The fight against cybercrime in Serbia

The fight against cybercrime in Serbia

Strategic commitment?

The Strategy for the fight against high-tech crime in Serbia

 

In 2018, the Government of the Republic of Serbia passed the national Strategy for the fight against cybercrime.

The Strategy was adopted for the period 2019-2023.

An integral part of the Strategy is the Action Plan for its implementation for the period 2019-2020.

The action plan for the next period has not been adopted.

The Strategy defines the institutional response to emerging forms of high-tech crime, the roles and responsibilities of state authorities, and the goals and basic directions of action to combat all types of high-tech crime

In the Strategy and the Action Plan, problems are identified, the solution of which is determined through specific goals, and measures and activities are foreseen to achieve those goals (with determined carriers, deadlines, results and costs).

PROBLEMS IDENTIFIED

The following problems have been identified in combating high-tech crime:

  • to harmonize the Criminal Code and the Criminal Procedure Code with the EU acquis, as well as with the Convention on cybercrime
  • to supplement and amend the existing laws that define the competences of state authorities, related to high-tech crime
  • by-laws to regulate this area more closely
  • to enforce the provisions of the Law on the Organization and Competence of State Authorities for the Fight against High-Tech Crime
  • to amend and supplement the aforementioned law, in order to increase the institutional capacity of the prosecution and the police, as well as other state bodies that are responsible for the fight against high-tech crime
  • izmeniti akte o unutrašnjem uređenju i sitematizaciji radnih mesta u organima državne uprave
  • to ensure a uniform action of the bearers of the fight against high-tech crime   
  • to invest in specialist staff training, technical equipment, new software tools
  • to establish a definition of critical infrastructure
  • to introduce the simpler possibilities of conducting digital forensics
  • to improve cooperation in this area, both between state administration bodies and with the private sector and civil society organizations
  • to improve regional and international cooperation, primarily with Interpol
  • to carry out preventive activities related to strengthening the awareness of citizens, as well as authorities, about the possibilities of misuse of information and communication technologies, mobile phones, the Internet and social networks
  • to improve a proactive approach in which all actors recognized as bearers of the fight against high-tech crime will participate, primarily the Special Prosecutor's Office and the Ministry of Internal Affairs, the Department for Suppression of High-Tech Crime
  • to enable the spontaneous exchange of information
  • to enable cooperation on the implementation of measures and actions defined by the Convention on cybercrime

SPECIFIC GOALS

Four specific goals have been determined, aimed at solving the recognized problems, and measures and activities related to them have been defined:

Measure 1.1. Draft proposals for amendments and additions to the legal regulations of the Republic of Serbia with the legal acquis of the European Union

 

Activities:

  • Create a Draft Law on Amendments to the Code of Criminal Procedure and the Criminal Code in order to harmonize it with Directive 2013\40
  • Draft the Law on Amendments to the Code of Criminal Procedure and the Criminal Code in order to harmonize it with Directive 2011\93

Measure 2.1. Reorganize the High-Tech Crime Department

 

Activities:

  • Amend the act on internal organization in accordance with the personnel plan of the Ministry of Internal Affairs and financial possibilities
  • Complete the Department for the prevention of abuses in the field of electronic commerce, electronic banking and payment cards on the Internet
  • Fill out the Department for Suppression of Illegal and Harmful Content on the Internet

 

Measure 2.2. Form special organizational units in bodies and organizations in accordance with their competences and needs

 

Activities:

  • Form an organizational unit for the fight against high-tech crime in the Customs Administration
  • Form an organizational unit for the fight against high-tech crime in the Security and Information Agency
  • Form a special organizational unit in the Military Police of the Serbian Army

 

Measure 2.3. Improving the personnel, professional, technical and organizational capacities of competent institutions for exchanging data on incidents and responding to incidents

 

Activities:

  • Conduct training for employees in competent authorities on how to deal with incidents in ICT systems
  • Raise the digital competences of employees in the public sector

 

Measure 2.4. Realize the necessary trainings of different levels

 

Activities:

  • Create an analysis of the educational needs of basic training for state bodies responsible for the fight against high-tech crime
  • Create a training program and plan in accordance with the conclusions of the analysis
  • Implement basic level trainings
  • Realize specialist training at the invitation of international organizations that participate in the fight against high-tech crime

 

Measure 2.5. Get modern electronic equipment and software tools

 

Activities:

  • Procurement of computer equipment
  • Procurement of specialized software
  • Training for the application of modern electronic equipment and software tools

 

Measure 2.6. Harmonization of the standard operating procedures of the carriers of the fight against high-tech crime

 

Activities:

  • Adopt operational procedures for collecting and securing electronic evidence
  • Improve the work methodology of other state bodies in accordance with the adopted instruction in the procedure of collecting and securing electronic evidence

Measure 3.1. Raising public awareness of high-tech crime

 

Activities:

  • Conduct education of children and parents, social workers and teaching staff about the dangers of high-tech crime
  • Raise the level of public awareness through cooperation with the media
  • Inform banks' clients about the dangers of high-tech crime
  • IT Caravan - an educational campaign for the promotion of useful, creative and safe use of information technologies
  • Inform and educate children, parents and teachers on the topic of children's safety on the Internet by organizing trainings in schools
  • Inform and educate children, parents and teachers on the topic of children's safety on the Internet through the work of the National Contact Center for Children's Safety on the Internet - BIT 19833
  • Smart and safe promotional campaign (Girl/Girl in ICT Day, Safe Internet Day, European Programming Hour, Information Society Day...)
  • Training aimed at increasing the capacity of employees in system institutions for the implementation of the Regulation on the safety and protection of children when using information and communication technologies

 

Measure 3.2. Raising the level of awareness among public authorities regarding high-tech crime

 

Activities:

  • Conduct basic level training for public authorities on high-tech crime
  • Create adequate material for e-training of police officers in the field of combating high-tech crime
  • Conduct e-training to raise the level of awareness of police officers in the field of combating high-tech crime

Measure 4.1.Improve cooperation between the private, public sector and civil society

 

Activities:

  • Sign a joint memorandum on the cooperation of the leaders of the fight against high-tech crime
  • Sign memoranda on cooperation with scientific institutions, the Association of Serbian Banks and business entities
  • Organize and participate in joint conferences

 

Measure 4.2.Improve cooperation on preventing sexual exploitation of children and minors

 

Activities:

  • Establish direct communication between the Department for Suppression of High-Tech Crime and Interpol's database of video and photo materials resulting from the exploitation of minors for pornographic purposes on the Internet
  • Pass a mandatory instruction / instruction on the formation and use of a national database of content created by the abuse of minors on the Internet
  • Establish a database of video and photo materials created by exploiting minors for pornographic purposes on the Internet

 

Measure 4.3.Improve international and regional police cooperation

 

Activities:

  • Intensify the exchange of operational data and information
  • Create standard operating procedures for 24/7 contact points
  • Participate in joint international actions

By fulfilling the set strategic goals and further developing international and regional cooperation in this area, it was expected that the Republic of Serbia would contribute to security, not only in the country, but also in the region.

The question is what happened to these expectations?

IMPLEMENTATION, MONITORING, EVALUATION AND REPORTING

The strategy envisages that:

 

  • Ministries and other state bodies implement the strategy, within their competences;
  • the Government will establish the Council for the fight against high-tech crime, as a working body, whose competence will be the analysis of the implementation of the planned activities, and which, for this purpose, will submit periodic reports to the Government on the progress in the implementation of the Strategy and the Action Plan
  • the Council proposes the formation of an Expert Team for the implementation of the Strategy for the implementation of specific activities, which will be responsible for monitoring the success of the implementation of the Strategy and the Action Plan.
  • the Government, at the proposal of the Council, appoint a National Coordinator for the fight against high-tech crime, who will inform the Council about all aspects of the implementation of the Strategy and the Action Plan and coordinate the work of the Expert Team, whose members will provide him with information and data related to high-tech crime in order to achieve the goals more effectively Strategies
  • the National Coordinator and the Expert Team to meet quarterly, and more often as needed, and to prepare six-monthly reports with an assessment of the success of the Strategy's implementation and submit them to the Council, and the Council to the Government;
  • two evaluations will be done: one at the end of the second year of implementation and one at the end of 2023
  • the National Coordinator and the Expert Team will prepare a final report with an assessment of the success of the Strategy's implementation and submit it to the Government by the beginning of 2024 at the latest.

 

It is not known to the public whether:

 

  • the Council has been formed
  • the Expert team has been formed
  • the National coordinator has been appointed
  • evaluation has been performed 
  • final report has been made

A strategy within a strategy

As stated in the Strategy: "The Republic of Serbia is obliged to enact and implement a strategy and action plan for the effective resolution of high-tech crime in accordance with the strategic and operational approach to the European Union (EU) regarding high-tech crime", and the obligation "primarily stems from the Negotiating benchmarks for Chapter 24 - Justice, Freedom, Security".

The Action plan for Chapter 24 from 2016, within recommendation 9, contains three sub-recommendations, with eight defined activities, which the Republic of Serbia should fulfill within the EU accession process:

9.1: Provide further specialized training and capacity building of law enforcement authorities responsible for combating high-tech crime;

9.2: Harmonize the legislation of the Republic of Serbia with Directive 2013/40 and other legal acquis and standards of the EU in the field of combating high-tech crime;

9.3: Strengthen cooperation between state authorities and civil society institutions in the fight against high-tech crime.

After the opening of Chapter 24, Serbia received a transitional measure, which aims to develop a Strategy for the fight against high-tech crime, which reads:

"Serbia is preparing, adopting and implementing a strategy and action plan for the effective fight against high-tech crime in accordance with the strategic and operational approach of the EU regarding high-tech crime. Serbia is strengthening its operational capacity (in terms of staff and equipment in the High-Tech Crime Unit) to address the problem of high-tech crime and aligning its legislation with the relevant EU acquis, including with regard to child sexual abuse on the Internet, providing specialized training and raising the level of public awareness and among civil servants regarding high-tech crime"

2020 Revised Action Plan determines nine activities directed towards this transitional measure, the bodies/institutions responsible for the implementation of those activities, deadlines, means and indicators of results have been determined.

Among the activities specified in the Revised Action Plan are the implementation of the Strategy and the Action Plan and reporting thereof, as well as the harmonization of laws and by-laws with the Council of Europe Convention on cybercrime (with accompanying protocols) and relevant EU acquis

In this regard, the Strategy itself states: "the process of European integration is expected to increase the expediency of work in high-tech crime cases, in terms of a faster flow of information needed for the detection and prosecution of perpetrators of criminal acts, and a faster response to mutual requests for the provision of international legal assistance ", which will be achieved "through the strengthening of the capacities of state bodies of the Republic of Serbia, especially the Special Prosecutor's Office for the fight against high-tech crime".

While waiting for the final report with the assessment of the success of the implementation of the Strategy for the period 2019-2023, the question arises: is it time for a new Strategy?