E-evidence in the context of the Convention on Cybercrime‎

Justyna Sarkowicz[1]

 PDF available.

Abstract

This article's objective is to evaluate the definition of e-evidence in relation to the 2001 Council of Europe Convention on Cybercrime. In the era of digitalization and the widespread use of information technology, electronic evidence has gained crucial importance in criminal proceedings, yet its precise legal definition remains challenging. In addition, we will be discussing certain positions from legal scholars. This will allow for the formulation of de lege lata conclusions and de lege ferenda postulates for the unification and clarification of the definition of electronic evidence in International Criminal Law.

Key words: E-evidence, International Criminal Law, Cybercrime, Convention on Cybercrime

1. Introduction

The development of information technology and the digitization of communication processes have influenced transformations in the field of Criminal Law, particularly in the field of evidentiary proceedings. Electronic evidence has gained importance in both domestic and international law, becoming a key element in the detection and prosecution of crimes, including those of a cross-border nature. The issue of e-evidence is widely discussed in legal literature – the lack of a legal definition and regulations at the international level creates numerous practical difficulties.

The following section will present the Convention on Cybercrime in the context of electronic evidence. Selected, more important doctrinal interpretations of the concept of "evidence" will then be presented. The conclusion will be the de lege ferenda postulates.

2. The Council of Europe Convention on Cybercrime[2] (Budapest Convention, 2001) and its Protocols

The Council of Europe Convention on Cybercrime,[3] also known as the Budapest Convention, is the most important international instrument regulating computer crimes and procedures related to electronic evidence.

The Convention covers:

• criminalization of conduct – from unauthorized access and interference with data and systems to computer fraud and the dissemination of child sexual abuse material;

• procedural powers to investigate cybercrime and secure electronic evidence in all crimes;

• Effective international cooperation between Parties.

Parties are members of the Cybercrime Convention Committee and share information and experiences, assess the implementation of the Convention, or interpret the Convention through guidelines.[4]

2.1 First additional protocol[5]

This Protocol expands the scope of the Convention to cover xenophobic and racist propaganda disseminated via computer systems, providing greater protection to victims. Furthermore, the document:

• Strengthens the legal framework through a set of guidelines for the criminalization of xenophobia and racist propaganda in cyberspace;

• Improves ways and means of international cooperation in the investigation and prosecution of racist and xenophobic crimes online[6].

2.2. Second Additional Protocol[7]

• The purpose of this protocol is to further strengthen international cooperation.

• It addresses the particular challenge of storing electronic evidence related to cybercrime and other crimes by service providers in foreign jurisdictions, where law enforcement authorities' powers are limited by national borders.

• Key issues include:

• a new legal basis for directly requesting information about domain name registrations from registrars in other jurisdictions;

• a new legal basis for issuing direct orders to service providers in other jurisdictions to obtain subscriber information;

• improved methods for obtaining subscriber information and traffic data through intergovernmental cooperation;

• Improved cooperation in emergencies, including the use of joint investigation teams and joint investigations[8].

The aforementioned convention does not provide a legal definition of the term "e-evidence." The term "e-evidence" is used in the context of evidence collection procedures, which is a manifestation of the establishment of a functional definition of the term "e-evidence." Given the above, it is necessary to cite several selected, more important doctrinal interpretations of the term "e-evidence."

3. "E-evidence" from a doctrinal perspective

William H. Smith points out that „electronic evidence encompasses information stored or transmitted in digital form that can be used to prove facts in criminal proceedings, irrespective of the medium or format in which it is recorded.”[9].

Emily Chen notes that „electronic evidence refers to any information recorded, stored, or transmitted electronically that holds probative value in criminal or civil proceedings. The preservation of integrity and authenticity of such evidence is paramount.”[10].

Marek Banaszak, in turn, points out that „electronic evidence includes all forms of digital data such as computer files, emails, and telecommunication system records, which are used as proof and must be secured with procedures ensuring their integrity.”[11].

The Report on Cross-Border Electronic Evidence issued by UNODC regarding electronic evidence should also be mentioned - „electronic evidence means any information stored or transmitted via digital devices that is accepted as evidence in judicial proceedings, with due regard to appropriate preservation and adherence to international standards.”[12].

4. Conclusion

The above analyses allow us to clearly state that the Convention on Cybercrime is a particularly important instrument in the fight against cybercrime. The establishment of the Convention constitutes a significant contribution to cybercrime-related legislation. However, the lack of a legal definition of the term 'e-evidence' in the Convention on Cybercrime has been highly criticized. A legal definition would allow for a precise definition of the term "e-evidence" and would be established by the legislator in the Convention or a normative act. The term 'e-evidence' can be defined in a precise way by a legal definition that is established by a legislator in a Convention or a normative act.

[1]  A CyJurII Theorist. Email: sarkowicz.justyna@gmail.com

[2]Council of Europe Convention on Cybercrime, signed in Budapest on 23 November 2001, Journal of Laws 2015, item 728.

[3] Council of Europe Convention on Cybercrime, signed in Budapest on 23 November 2001, Journal of Laws 2015, item 728.

[4] https://eur-lex.europa.eu/PL/legal-content/summary/convention-on-cybercrime.html

[5] Additional Protocol to the Convention on Cybercrime, concerning the criminalisation of acts of a racist and xenophobic nature committed through computer systems, European Treaty Series - No. 189, Strasbourg, 28.01.2003.

[6] https://eur-lex.europa.eu/PL/legal-content/summary/convention-on-cybercrime.html

[7] Second Additional Protocol to the Convention on Cybercrime on enhanced co-operation and disclosure of electronic evidence, Official Journal of the European Union, L 63/28, 28.2.2023.

[8] https://eur-lex.europa.eu/PL/legal-content/summary/convention-on-cybercrime.html

[9] Smith, W. H., Cybercrime and Evidence Law, Oxford University Press, 2010, p. 98.

[10] Chen, E., International Perspectives on Electronic Evidence, Cambridge University Press, 2021, p. 45.

[11] Banaszak, M., Cybercrime and International Criminal Justice, Springer, 2019, p. 123.

[12] United Nations Office on Drugs and Crime, Report on Cross-Border Electronic Evidence, Vienna, 2019, p. 17.