1. Introduction
Cyberwarfare crimes are a major threat to the security of European countries. The effects of such attacks could be devastating for European economy, stability and national security. Cyberwarfare at its core means the misuse of computer technologies (such as hacking, using computer viruses, and other forms of malware) to disrupt, damage or destroy an adversary's information systems and networks. These are actions in cyberspace that threaten key state infrastructure systems in the form of armed conflicts with destructive effects. It often involves the exploitation of vulnerabilities in computer systems and networks to achieve strategic objectives, such as espionage, sabotage, or coercion. Cyberwarfare can target a wide range of assets, including military, governmental, critical infrastructure, and commercial systems, and it can have significant consequences for national security, economic stability, and public safety.[1] Cyberwarfare includes acts that compromise and disrupt critical infrastructure systems, which amount to an armed attack.[2] Only governments, organs of the state, or state-directed or state-sponsored individuals or groups can engage in cyberwarfare.[3]
The question therefore remains, whether European Union has effective cooperation measures for combatting such crimes?
2. Procedural Criminal Law Cooperation in the EU
The EU cooperation in combatting cyberwarfare attack can be analysed through two perspectives. One is procedural criminal law cooperation where EU Member States combine their efforts in combating international crimes. The other is cooperation within the EU institutions. Here we will present the procedural criminal law cooperation.
Procedural cooperation measures in criminal matters within the EU are vital for maintaining security, combating cross-border crime, and ensuring justice across EU Member States. Cooperation is executed with approximation of criminal procedural law of Member States and with EU legal assistance. The approximation of procedural law is possible in accordance with Article 82(2) TFEU if it is necessary to facilitate mutual recognition of judgments, judicial decisions, and police and judicial cooperation in criminal matters having a cross-border dimension. Minimum rules can be established by means of directives adopted in accordance with the ordinary legislative procedure.[4] Legal assistance is based on the approximation of legislation and includes the area of extradition, other mutual assistance in criminal matters (gathering of evidence, searches and confiscations, interrogations of witnesses and suspects), and enforcement assistance (execution of judgements and decisions of other Member States’s courts).[5]
On this premise the EU has adopted numerous conventions, directives and framework decisions that all facilitate mutual cooperation and recognition between Member States. Meaning that the Member State is never alone in gathering of evidence or prosecution of a criminal offence, when the offence was committed internationally, or in the territory of other Member States. For the purposes of prosecuting cyberwarfare crimes, the most relevant procedural measure of the EU are the European Arrest Warrant, European Evidence Warrant, European Freezing and Confiscation Order, the European Investigation Order, European Judicial Network (EJN), and Schengen Information System (SIS).
3. European Arrest Warrant and European Evidence Warrant
European Arrest Warrant (EAW) allows for the swift extradition of suspects between EU Member States. It replaces traditional extradition procedures with a simplified and fast-tracked process, aiming to ensure that suspects cannot evade justice by fleeing to another EU country. European Evidence Warrant enabled Member States to have objects, documents and data confiscated in other Member States. However, it was latter replaced with the European Investigation Order (EIO). The EIO-Directive established a single comprehensive framework based on the principle of mutual recognition that allows Member States to obtain evidence from other Member States. It soon became the leading legal instrument for gathering of evidence in the EU and a useful tool for legal practitioners dealing with offences with a cross-border element. With the use of EIO issuing authority of the Member State can demand certain investigative measures to be executed by the executing authority of another Member State. This enables gathering of evidence on international level as never seen before and is a crucial procedural measure for combatting cyberwarfare attacks on international level.
4. European Freezing and Confiscation Order
European Freezing and Confiscation Order enhances cooperation among Member States in the area of asset freezing and confiscation in criminal matters. It aims to streamline the process of freezing and confiscating assets across borders within the EU, particularly in cases involving organized crime, terrorism, and other serious offenses, such as cyber attacks, although the latter will probably not be the main target of this order as illegal assets are not a necessity not the consequence of cyberwarfare attacks.
5. European Judicial Network
European Judicial Network facilitates cooperation and information exchange between judicial authorities in the EU Member States. It helps streamline legal processes, such as mutual legal assistance and extradition requests, by providing a platform for direct communication and coordination. EJN Contact Points function as active intermediaries and assist with establishing direct contacts between competent authorities and by providing legal and practical information necessary to prepare an effective request for judicial cooperation or to improve judicial cooperation in general.[6]
6. Schengen Information System
Schengen Information System (SIS) is a centralized database used by Schengen Area countries to exchange information on individuals and objects of interest, such as missing persons, stolen vehicles, and wanted criminals. It helps enhance border security and law enforcement cooperation within the Schengen Zone. From March 2023, SIS contains different types of biometrics (photographs, palm prints, fingerprints, fingermarks, palmmarks) to confirm and verify the identity of people registered in the system.[7] Meaning it could provide a useful tool in combatting international cyberwarfare crimes when searching the perpetrators in the territory of EU Member States.
7. Conclusion
Overall, presented cooperation measures, based on the principle of mutual recognition, demonstrate the EU's commitment to enhancing security, promoting the rule of law, and combating crime through cross-border collaboration among its Member States. The EU has legal basis for implementation of procedural measures that can be used to prosecute cyberwarfare crimes on the international level. This cooperation is not of political but of a legal nature - meaning that the Member State does not decide on cooperation politically but is legally bound by EU legislation. Thereby, making this kind of cooperation much more effective. Combined with EU institutions such as Europol, Eurojust, The Court of Justice of the European Union (CJEU), and The European Public Prosecutor’s Office (EPPO), the European Union has a strong cooperation system established for cooperation in criminal matters on the EU level.
[1] Digmelashvili, 2023, pp. 12-19.
[2] Maras, 2016, pp. 10-20.
[3] Ibid., pp. 10-20.
[4] Ambos, 2018, p. 414.
[5] Ibid., p. 415.
[6] Available at: https://www.ejn-crimjust.europa.eu/ejn2021/ContentDetail/EN/2/63https://www.europarl.europa.eu/news/en/headlines/society/20211008STO14521/cybersecurity-why-reducing-the-cost-of-cyberattacks-matters. (Accessed: 10 March2024).
[7] Available at: https://home-affairs.ec.europa.eu/policies/schengen-borders-and-visa/schengen-information-system/what-sis-and-how-does-it-work_en (Accessed: 10 March 2024).
Reference
Ambos, K. (2018) European Criminal Law. Cambridge: Cambridge University press.
Digmelashvili, T. (2023) ‘The Impact of Cyberwarfare on the National Security’, Future Human Image, 19, pp. 12-19; https://doi.org/10.29202/fhi/19/2.
Maras, M. H. (2016) Cybercriminology. Oxford: Oxford University Press.
Council Framework Decision 2002/584/JHA, OJ L 190, 18.7.2002.
Council Framework Decision 2008/978/JHA, OJ L 350, 30. 12. 2008.
Directive 2014/41/EU, OJ L 130, 1.5.2014.
Regulation (EU) 2018/1805, OJ L 303, 28.11.2018.
https://www.ejn-crimjust.europa.eu/ejn2021/ContentDetail/EN/2/63https://www.europarl.europa.eu/news/en/headlines/society/20211008STO14521/cybersecurity-why-reducing-the-cost-of-cyberattacks-matters. (Accessed: 10 March 2024).
https://home-affairs.ec.europa.eu/policies/schengen-borders-and-visa/schengen-information-system/what-sis-and-how-does-it-work_en (Accessed: 10 March 2024).
Comments