The EU is starting to pay more attention to cybersecurity, but it still lacks a process to make it easier for police to share information across borders, writes Paul Rosenzweig.
Paul Rosenzweig is a senior adviser to The Chertoff Group and former Deputy Assistant Secretary for Policy at the US Department of Homeland Security.
Earlier this year the European Union released its new Agenda on Security. But the agenda, while admirable, is incomplete. It is missing a vital component – reform of the Mutual Legal Assistance Treaty (MLAT) process.
Europe’s new security agenda is an excellent first step toward greater EU cooperation in the cyber domain. European nations will work to reduce the barriers to cross-border cybercrime investigations, especially related to jurisdiction and evidence sharing. The agenda also obliges EU institutions to follow through on the 2013 Cybersecurity Strategy. That includes adopting a binding directive on network and information security.
As the agenda says, its goal is simple: “The implementation of this directive would not only promote better cooperation between law enforcement and cybersecurity authorities, but also provide for cybersecurity capacity building of competent member states’ authorities and cross-border incident notification.”
As a token of greater cooperation, the agenda also sets as a goal better law enforcement information sharing. It looks to Europol’s European Cybercrime Centre as “a central information hub for law enforcement.” In short, Europe is looking to get cyber serious.
But one component is missing – MLAT reform. Mutual Legal Assistance Treaties are the way police and prosecutors cooperate across borders. It is, for example, how police in Italy ask the police in America to collect evidence for them and send it back to Italy for a trial. The current process is simply not fit to the task.
A recent Global Network Initiative report on data flows across borders noted that typical law enforcement response times are measured in months, if not years – yet the cyber network acts, literally, at the speed of light.
In America, the President’s Review Group on Intelligence and Communications Technology reports that the average length of time it takes for the US to secure a response to its requests for evidence from foreign police partners is ten months.
Criminality and malfeasance on the internet have grown exponentially at a rate that mirrors the growth of the internet itself. And most, if not all, cyber criminality also is a breach of cybersecurity – the stolen password, for example, is both an enabler of theft and a means of cyber-attack on the unfortunate victim. And so, we need not only a “central hub” for cyber threat information and better cross-border incident notification – we need enhanced cross border law enforcement cooperation and better transnational sharing of evidence, leads, tips, and data about criminal behaviour.
We need a system that keeps up with the pace of the growth of criminality in the new cyber domain.
Truly comprehensive reform in the EU would also work to fix the MLAT system. What is needed is a new way – an MLAT system that produces a prompt and automated response. Today, requests for assistance are often still processed the old way – through formal diplomatic messages that go through courts and foreign ministries. That’s one reason the process is so slow. In the increasingly rapid age of cybercrime and cyber espionage increased use of rapid response mechanisms is essential.
A second keystone of MLAT reform would be reciprocity. One current cause of contention is that nations sometimes go around the MLAT system because it is so slow – but in doing so, they are acting unilaterally. A reciprocal, rapid system would solve that problem too. In other words, the US could agree to use non-unilateral MLAT means of evidentiary exchange as to matters within the jurisdiction of another nation, but only if that nation reciprocally agreed to do likewise with respect to evidence within American jurisdiction). To be sure, there may be exigencies (e.g. a serious, imminent threat of death or bodily injury) where even the revamped MLAT process might prove too slow – but those will be the exception rather than the rule.
The EU Security Agenda is a good first step. Kudos to the EU for putting cyber cooperation on the European security agenda. The next step, the vital one, is to deepen that cooperation. A nimble and effective MLAT process can enhance trans-border data exchanges, and bring law enforcement into the 21st century.