[governance] Re: IG questions that are not ICANN [was: Irony]

Alejandro Pisanty apisan at servidor.unam.mx
Sat Dec 1 21:02:09 EST 2007 

Hi,

on the strand on cybercrime:

a useful way to approach this would be to make a quick list of 
stakeholders (the four WSIS stakeholder groups, then a more fine-grained 
segmentation of these), and their present and possible future roles.

Thus, you can recognize governments as you are already doing. Governments 
in many countries (certainly the once you are mentioning here) have three 
main branches, executive, legislative, and judiciary. Each plays or can 
play a vital, differentiated role. Then e.g. within the executive you have 
differentiated functions - crime prosecution is in the executive in many 
countries, crime prevention, education, telecoms regulator (or other 
setting and policing rules for ISP operation), and so on.

The cooperation described in previous emails in this strand is mainly 
among law-enforcement agencies, which aid each other cross-border in 
investigating crimes and prosecuting criminals.

Not much of this can be done with cooperation form other parts of the 
governments. It is well known that a person that has committed a crime 
under the laws of country A but is in country B cannot be captured in 
country B and lawfully extradited to country A unless his actions are also 
a crime in country B. And then of course you have to have compatible rules 
for evidence, country A has to recognize the evidence obtained in country 
B, the rules for the control of the custody of the chain of evidence in 
country B have to satisfy country A, and so on.

Lawyers and other experts will be happy to dwell in the details.

The business (what we call the private sector outside the US and UK) to 
business cooperation is often easier to meet. Phishing is recognized by 
banks in most countries, and though competition issues (banks compete with 
each other by being safer, among other factors) may make them want to not 
cooperate, once the environment is toxic enough they will not only 
cooperate with each other in-country but also cross-border. This gets 
complicated by the huge level of consolidation among banks that exists 
transnationally.

Other private-sector victims or co-victims to cybercrime (strictly 
speaking the bank is not the victim of phishing; the client is the victim; 
so I use "co-victim" because banks are shouldering some of the burden for 
many reasons) such as small and medium enterprises which are swindled by 
criminals (e.g. in fake purchases) may find it more difficult to cooperate 
with their peers cross-border directly, preferring their governments to 
act on their behalf instead, unless they are very cyber-savvy.

(And, ah, many of us are of the opinion that there is actually no 
cybercrime, only crime committed by cyber means.)

I'll stop here for a moment and ask, what is the role of civil society in 
this picture? (exercise left to the readers.)

Yours,

Alejandro Pisanty


.  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  . .  .  .  .  .  .
      Dr. Alejandro Pisanty
Director General de Servicios de Computo Academico
UNAM, Universidad Nacional Autonoma de Mexico
Av. Universidad 3000, 04510 Mexico DF Mexico
Tel. (+52-55) 5622-8541, 5622-8542 Fax 5622-8540
http://www.dgsca.unam.mx
*
---->> Unete a ISOC Mexico, www.isoc.org
  Participa en ICANN, www.icann.org
.  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .


On Sat, 1 Dec 2007, Jacqueline A. Morris wrote:

> Date: Sat, 1 Dec 2007 21:34:54 -0400
> From: Jacqueline A. Morris <jam at jacquelinemorris.com>
> Reply-To: governance at lists.cpsr.org,
>     Jacqueline A. Morris <jam at jacquelinemorris.com>
> To: governance at lists.cpsr.org, 'Ian Peter' <ian.peter at ianpeter.com>,
>     'Suresh Ramasubramanian' <suresh at hserus.net>
> Subject: RE: [governance] Re: IG questions that are not ICANN [was: Irony]
> 
> There is some cross-boundary cooperation, but it isn't easy. There are some
> bilateral agreements (for example between Trinidad and Tobago and the UK and
> also with the US ) that allow for co-ordination and cooperation in certain
> instances, but some in the local Police complain that the processes are
> unwieldy.
> I do agree that there needs to be more than simple government to government
> cooperation. But governments are vital, in that they are the ones who can
> sign agreements that are binding, they can amend laws that allow for
> cooperation (and that is important with regard to evidence, with regard to
> what is allowed in different jurisdictions, such as methods of data
> gathering).
> Jacqueline
>
>> -----Original Message-----
>> From: Ian Peter [mailto:ian.peter at ianpeter.com]
>> Sent: Friday, November 30, 2007 23:03
>> To: governance at lists.cpsr.org; 'Suresh Ramasubramanian'
>> Subject: RE: [governance] Re: IG questions that are not ICANN [was:
>> Irony]
>>
>> Nice concept Suresh, but at Rio a number of govt reps complained at the
>> almost total lack of international co-operation in this area and the
>> ineffectiveness of current efforts because there is no way to get
>> cross-boundary co-operation currently.
>>
>> That’s a structural problem IMHO. And one not likely to be solved
>> solely by
>> governments co-operating among themselves. In addition technical
>> co-operation is necessary as they readily admit - that takes two forms
>> at
>> least which I outlined. Finally the public policy issues are
>> substantial of
>> course.
>> .
>>
>> Ian Peter
>> Ian Peter and Associates Pty Ltd
>> PO Box 10670 Adelaide St  Brisbane 4000
>> Australia
>> Tel (+614) 1966 7772 or (+612) 6687 0773
>> www.ianpeter.com
>> www.internetmark2.org
>> www.nethistory.info
>>
>>
>> -----Original Message-----
>> From: Suresh Ramasubramanian [mailto:suresh at hserus.net]
>> Sent: 01 December 2007 14:00
>> To: governance at lists.cpsr.org; Ian Peter
>> Cc: 'Alejandro Pisanty'; 'Milton L Mueller'
>> Subject: Re: [governance] Re: IG questions that are not ICANN [was:
>> Irony]
>>
>> Ian Peter [01/12/07 13:45 +1100]:
>>
>>> A structure for dealing with cybercrime would have the following
>> inputs
>>> 1. Governmental
>>> 2. Industry players (carriers, ISPs, etc)
>>> 3. Technical innovators and standards groups
>>> 4. Public interest groups
>>> Each would need representation on a structure dealing with this issue.
>>
>> Actually, the focus would not be on "governance" - it would be on
>> interoperability and cooperation across "stakeholder communities" (or
>> stakeholder silos, as I've heard them called .. civ soc talking to
>> other
>> civ soc, agency talking to agency etc)
>>
>> Take a look at these three - they actually do a lot of what you ask
>> for.
>>
>> CoE convention on cybercrime -
>> http://conventions.coe.int/Treaty/EN/Treaties/Html/185.htm
>>
>> ITU botnet project - again, taking these concepts you cite and applying
>> them practically, instead of as a thought experiment -
>> http://www.itu.int/ITU-D/cyb/cybersecurity/projects/botnet.html
>> http://www.itu.int/ITU-D/cyb/cybersecurity/docs/itu-botnet-mitigation-
>> toolki
>> t-background.pdf
>>
>> And then this - a "self assessment" document to help a country assess
>> how
>> ready it is to deal with cybersecurity.
>> http://www.itu.int/ITU-D/cyb/cybersecurity/projects/readiness.html
>>
>>> Effective action would require the consent and involvement of each
>> group
>>
>> At an international level?  What you would get at that level is again
>> coordination and cooperation at a broad level, and awareness of each
>> others
>> initiatives. It is not like (say) governing a swiss canton where all
>> the
>> citizens can get together to decide where to build the next public
>> toilet
>> or how much to spend to improve a local park.
>>
>> 	srs
>> ____________________________________________________________
>> You received this message as a subscriber on the list:
>>      governance at lists.cpsr.org
>> To be removed from the list, send any message to:
>>      governance-unsubscribe at lists.cpsr.org
>>
>> For all list information and functions, see:
>>      http://lists.cpsr.org/lists/info/governance
>>
>> No virus found in this incoming message.
>> Checked by AVG Free Edition.
>> Version: 7.5.503 / Virus Database: 269.16.11/1161 - Release Date:
>> 30/11/2007
>> 12:12
>>
>>
>> No virus found in this outgoing message.
>> Checked by AVG Free Edition.
>> Version: 7.5.503 / Virus Database: 269.16.11/1161 - Release Date:
>> 30/11/2007
>> 12:12
>>
>>
>> ____________________________________________________________
>> You received this message as a subscriber on the list:
>>      governance at lists.cpsr.org
>> To be removed from the list, send any message to:
>>      governance-unsubscribe at lists.cpsr.org
>>
>> For all list information and functions, see:
>>      http://lists.cpsr.org/lists/info/governance
>>
>> No virus found in this incoming message.
>> Checked by AVG Free Edition.
>> Version: 7.5.503 / Virus Database: 269.16.12/1162 - Release Date:
>> 11/30/2007 21:26
>>
>
> No virus found in this outgoing message.
> Checked by AVG Free Edition.
> Version: 7.5.503 / Virus Database: 269.16.12/1162 - Release Date: 11/30/2007
> 21:26
>
>
> ____________________________________________________________
> You received this message as a subscriber on the list:
>     governance at lists.cpsr.org
> To be removed from the list, send any message to:
>     governance-unsubscribe at lists.cpsr.org
>
> For all list information and functions, see:
>     http://lists.cpsr.org/lists/info/governance
>____________________________________________________________
You received this message as a subscriber on the list:
     governance at lists.cpsr.org
To be removed from the list, send any message to:
     governance-unsubscribe at lists.cpsr.org

For all list information and functions, see:
     http://lists.cpsr.org/lists/info/governance

More information about the Governance mailing list