219 research outputs found
A infiltração online no processo penal – NotÃcia sobre a experiência alemã
The article describes the German discussion about the online-infiltration as a fact-finding measure in Criminal Procedure and tries to learn some lessons for the Brazilian system.O artigo descreve a discussão alemã sobre a técnica de investigação da infiltração online no processo penal e tenta extrair lições para o sistema brasileiro
“My Computer Is My Castle”: New Privacy Frameworks to Regulate Police Hacking
Several countries have recently introduced laws allowing the police to hack into suspects’ computers. Legislators recognize that police hacking is highly intrusive to personal privacy but consider it justified by the increased use of encryption and mobile computing—both of which challenge traditional investigative methods. Police hacking also exemplifies a major challenge to the way legal systems deal with, and conceptualize, privacy. Existing conceptualizations of privacy and privacy rights do not always adequately address the types and degrees of intrusion into individuals’ private lives that police hacking powers enable.
Traditional privacy pillars such as the home and secrecy of communications do not always apply to computer-based police investigations in an era of mobile technologies and ubiquitous data. In this Article, we conduct a comparative legal analysis of criminal procedure rules in the United States, Germany, Italy, the Netherlands, and the United Kingdom to see which privacy frameworks lawmakers and courts apply when regulating police hacking. We show that while classic privacy frames of inviolability of the home and secrecy of communications remain adequate for some forms of police hacking (observation and interception), they fail to capture novel and fundamentally different ways in which the most intrusive forms of police hacking (covert online searches and remote surveillance) impact privacy in twenty-first-century society.
Our analysis shows the emergence of two new frameworks that have the potential to begin filling this void: 1) a container-based approach, focusing on the computer as protection-worthy in itself—or the “informatic home;” and 2) a content-based approach, focusing on the protection of data—or “informatic privacy.” Since both approaches have valuable benefits and potential drawbacks, we propose that a complementary application of the two might work best to capitalize on their advantages over traditional privacy frameworks to regulate police hacking
EL "DERECHO FUNDAMENTAL A LA CONFIDENCIALIDAD E INTEFRIDAD DE SISTEMAS INFORMÁTICOS"- UN APORTE EXITOSO A LA CREACIÓN DE DERECHOS DE LIBERTAD?
Después de la notificación de la Sentencia del Tribunal Constitucional Federal sobre la inconstitucionalidad de las disposiciones relacionadas con el denominado Registro informático que se contemplaban en la Ley de seguridad constitucional del estado federado de Nordrhein-Westfalen los medios de comunicación informaron sobre la creación de un nuevo derecho fundamental por parte del Tribunal Constitucional Federal: el llamado derecho fundamental informático. El objeto de este artículo es, tomando como punto de partida dicha sentencia, analizar de forma crítica el problema de la creación de “derechos fundamentales”
EL "DERECHO FUNDAMENTAL A LA CONFIDENCIALIDAD E INTEFRIDAD DE SISTEMAS INFORMÁTICOS"- UN APORTE EXITOSO A LA CREACIÓN DE DERECHOS DE LIBERTAD?
Después de la notificación de la Sentencia del Tribunal Constitucional Federal sobre la inconstitucionalidad de las disposiciones relacionadas con el denominado Registro informático que se contemplaban en la Ley de seguridad constitucional del estado federado de Nordrhein-Westfalen los medios de comunicación informaron sobre la creación de un nuevo derecho fundamental por parte del Tribunal Constitucional Federal: el llamado derecho fundamental informático. El objeto de este artículo es, tomando como punto de partida dicha sentencia, analizar de forma crítica el problema de la creación de “derechos fundamentales”
Fundamental Rights in the Use and Abuse of the Social Networks in Italy: Criminal Aspects
Aquesta anàlisi dels comportaments il·lícits en l’ús i l’abús de les xarxes socials se centra, en primer lloc, en els delictes que aquestes conductes poden configurar (epígrafs 3 a 6) –alguns dels quals són s’han introduït recentment, com el ciberassetjament a menors (child grooming)–, en els quals els usuaris de les xarxes poden ser tant autors com víctimes de les violacions dels drets fonamentals que aquestes conductes afecten (epígraf 2). En segon lloc, es tracta de la qüestió de la possible responsabilitat penal dels gestors de les xarxes socials –que es poden reconduir a la categoria general dels proveïdors de serveis d’internet– que assumeixen un paper cada vegada més incisiu i protagonista en l’evolució del sistema i, per tant, també en les estratègies de prevenció i control de les activitats il·lícites a la xarxa (epígraf 7). Els principals aspectes crítics sorgits d’aquesta investigació suggereixen algunes indicacions inicials per a adequar el dret penal que regula aquesta matèria a les necessitats que presenta. This analysis of criminal behaviour in the use and abuse of social networks focuses, firstly, on the crimes that this behaviour can lead to (epigraphs 3 to 6) – some of which have been introduced recently, such as child grooming – where users of these networks can be both the offender or victim in the violation of the fundamental rights affected by such behaviour (epigraph 2). Secondly, it looks at the question of the possible criminal responsibility of social network managers – who are taking on an increasingly incisive role and becoming more important agents in the system’s evolution, and, thus, also in the strategies for preventing and controlling criminal activities on the web (epigraph 7). The main critical aspects arising from this research highlight initial indications for how to adapt the criminal law regulating this area to the current needs.Este análisis de los comportamientos ilícitos en el uso y el abuso de las redes sociales se centra, en primer lugar, en los delitos que estas conductas pueden configurar (epígrafes 3 a 6) –algunos de ellos de reciente introducción, como el de child grooming– en que los usuarios de las redes pueden ser tanto autores como víctimas de las violaciones de los derechos fundamentales a los que tales conductas afectan (epígrafe 2). En segundo lugar, se trata la cuestión de la posible responsabilidad penal de los gestores de las redes sociales –que se pueden reconducir a la categoría general de los internet service providers– que están asumiendo un papel cada vez más incisivo y protagonista en la evolución del sistema y, por tanto, también en las estrategias de prevención y control de las actividades ilícitas en la red (epígrafe 7). Los principales aspectos críticos surgidos de la presente investigación sugieren algunas indicaciones iniciales para adecuar el derecho penal que regula esta materia a las necesidades que presenta
Remote forensic investigations
Diese Arbeit setzt sich zur Aufgabe, die neue Ermittlungsmethode der Online Durchsuchung zu erörtern und in einer breiten und allgemeinen Art zu präsentieren. Ein besonderer Fokus wird dabei auf das Verhältnis von Technik und Recht gelegt.
Dem Leser wird vorab ein weit gefasster technischer Teil präsentiert, der die Darstellung der verschiedenen, im Zuge einer Online Durchsuchung angewendeten, Software-Programme involviert, wobei besonderes Augenmerk auf die technischen Aspekte der Telekommunikation sowie der Verschlüsselungstechnik gelegt wird. Darüber hinaus beinhaltet die, in einem Abschnitt konzentrierte, technische Aufarbeitung des Dissertationsthemas eine kurze Einführung in die Computer-Forensik, also die Vorgehensweise einer „Computerdurchsuchung“ durch die Strafverfolgungsbehörden. Neben einer Beschreibung der festgelegten Verfahren und Prinzipien einer derartigen „Computerdurchsuchung“ wird überblicksmäßig auch auf die speziellen Hard- und Software-Tools eingegangen. Diesen technischen Teil abschließend werden sodann auch die angedachten Einsatzgebiete der Online-Durchsuchung aufgezeigt und einer faktisch-technischen Begutachtung unterzogen.
Der auf die technische Erörterung folgende Rechtsteil der Arbeit enthält neben einem Überblick über die verfassungsrechtlichen Bestimmungen, insbesondere eine Auseinandersetzung mit der in punkto Online-Durchsuchung wesentlichen Frage der Verhältnismäßigkeit. Trotz des Umstandes, dass sich die vorliegende Dissertation vor allem mit dem Verfahrensrecht befasst, erfolgt eine kurze Darstellung von wichtigen materiell-rechtliche Bestimmungen. Nach einer Einführung in die Strafprozessordnung und ihrer Grundsätze – wobei insbesondere das Kräfteverhältnis zwischen Kriminalpolizei, Staatsanwaltschaft und Gerichten sowie das System zur Durchsetzung von Zwangsmaßnahmen erläutert wird – konzentriert sich die Darstellung auf einzelne Bestimmungen der StPO, die auf den ersten Blick gerechtfertigt erscheinen, eine Online-Durchsuchung durchzuführen. Die dabei eingehend beleuchteten verfahrensrechtlichen Paragraphen betreffen:
- Durchsuchung von Orten und Gegenständen (§§ 117 Z2 iVm 119 Abs 1 StPO),
- Überwachung von Nachrichten (§§ 135 Abs 3 iVm 134 Z3 StPO),
- Auskunft über Daten einer Nachrichtenübermittlung (§§ 134 Z2 iVm 135 Abs 2 StPO),
- Großer bzw. kleiner Lauschangriff (§§ 136 iVm 134 Z4 StPO).
Im Anschluss widmet sich die Dissertation dem Sicherheitspolizeigesetz.
Die Aufarbeitung des SPG erfolgt in gleicher Art und Weise wie die zuvor erörterten Thematiken, wobei die darin normierten Aufgaben des Rechtsträgers, i.e. die erste allgemeine Hilfeleistungspflicht sowie die Aufrechterhaltung der öffentlichen Sicherheit und Ordnung und die damit einhergehenden Kompetenzen der Sicherheitspolizei, einer näheren Begutachtung unterzogen werden. Im Speziellen werden folgende Bestimmungen untersucht:
- Betreten und Durchsuchen von Grundstücken, Räumen und Fahrzeugen (§ 39 SPG),
- Zulässigkeit der Verarbeitung von personenbezogenen Daten (§ 53 SPG),
- Besondere Bestimmungen für die Ermittlung (§ 54 SPG).
Die betreffenden Unterkapiteln des rechtlichen Teils dieser Dissertation endet mit dem Versuch, die Online-Durchsuchung als modernes Ermittlungs- und Beweissicherungsinstrument die besprochenen verfahrensrechtlichen Bestimmungen zu subsumieren.
Im abschließenden Teil beschäftigt sich die vorliegende Arbeit mit dem Verhältnis von Prävention und (Straf-)Verfahrensrecht. Ausgehend von generellen Überlegungen zu Prävention und einem historischen Abriss der Entwicklung vom Naturrecht zum Rechts- und schließlich zum Präventionsstaat, beleuchtet der Autor die problematische Wechselbeziehung anhand von fünf Punkte näher:
- Generelle Überlegungen zur Prävention,
- Verhältnis der Kompetenzen von Kriminal- und Sicherheitspolizei,
- Systematische Problem der Eingliederung der Online Durchsuchung im Rechtssystem Österreichs,
- Präventive Aspekte im materiellen Strafrecht,
- Verdachtslage vor Durchführung einer Online Durchsuchung.
Zusammenfassend ist festzuhalten, dass nach Intention der vorliegenden Dissertation der geschätzte Leser einen generellen Überblick über das Thema „Online Durchsuchung“ erhalten soll. Darüber hinaus wird der Versuch unternommen, sowohl die in der Maßnahme involvierten technischen als auch rechtlichen Aspekte gleichermaßen zu erläutern und einander gegenüber zu stellen. Der Fokus soll dabei jedoch nicht wie in anderen, bereits verfügbaren Schriften auf grund- und menschenrechtlicher Basis liegen, sondern wird vielmehr die problematische Eingliederung dieser Ermittlungsmethode in das österreichische (Verfahrens-)Rechtsystem aufgezeigt. Dabei dienen insbesondere die Strafprozessordnung und das Sicherheitspolizeigesetz als Vergleichsmaßstab.The purpose of this thesis is to provide an introduction and general overview of the newly developed method of remote forensic investigations. It intends to present RFIs in a rather broad and general way with a special focus on the relationship between technology and law. T
The technical part of this thesis involves presentations of software programs potentially capable to be applied in RIFs. The terms of ‘malware’ and ‘viruses’ are also clarified, as are the expressions ‘spyware’ and the various forms of ‘Trojan horses’. Special attention is given to the technical issues and properties of telecommunication as well as to that of decryption and encryption. In order to show how a computer has to be searched physically by law enforcement agencies, the author gives a brief introduction into computer forensics. The illustration includes a description of the established procedures for the investigation authorities and the various principles the process is based on. Furthermore, a brief overview of the special hardware as well as software tools is given. Thereafter, a presentation of the potential application of a remote forensic investigation in regards to its two main purposes, i.e. obtaining access to a computer and the exploitation of that access.
The legal part of this thesis starts with an overview on the relevant provisions in the Austrian constitutional law and one of its cornerstones - the principle of proportionality. Despite the fact that this thesis is mainly dedicated to procedural law, the author gives a summary of important substantive law provisions. This is necessary in order to show that the security agencies would – without empowerment to conduct a remote forensic investigation – commit a criminal act and would therefore be liable for it as well. After an introduction into criminal procedures law, involving an illustration of general principles – such as the principle of indictment, or the system of warrants – the relationship between the criminal police, the public prosecution and the court as well as their special tasks and competences, the provisions in regard to remote forensic investigations are pointed out extensively. Especially the following provisions of the Austrian Code of Criminal Procedure are examined in detail including an extensive effort to subsume an RFI under them:
- Search of Locations and Objects
according to section 117 no. 2 in conjunction with section 119 para. 1 of the Austrian Code of Criminal Procedure
- Surveillance of Data and Communication
according to section 135 para. 3 in conjunction with section 134 no. 3 of the Austrian Code of Criminal Procedure
- Disclosure of Transmission Data
according to section 134 no. 2 in conjunction with section 135 para. 2 of the Austrian Code of Criminal Procedure
- Surveillance of Persons
according to section 136 in conjunction with section 134 no. 4 of the Austrian Code of Criminal Procedure
Following this, a similar approach is used in order to present the Austrian Security Police Act. Special focus is put on the tasks of maintaining public order, primary assistance and maintaining public security. Consequently, the competences of the public security police will be illustrated in the same manner as the competences of the criminal police:
- Competence to Enter and Search of Premises, Rooms and Vehicles
according to section 39 of the Austrian Security Police Act
- Legitimacy of Processing of Personal Data
according to section 53 of the Austrian Security Police Act
- Special Regulations for Investigation
according to section 54 Austrian Security Police Act
The final part of this thesis is dedicated to the relationship between the prevention of criminal incidents and criminal procedural law. Starting with rather general considerations to prevention and a historic overview on the development from a state of nature, to a state of law and finally to a state of prevention, following five aspects are examined in depth:
- General aspects of prevention,
- Relationship between the criminal police and the public security police,
- Systematic questions regarding an incorporation of RFIs into the Austrian legal order,
- Preventive aspects within the regime of substantive criminal law, and
- Demanded degree of suspicion.
Summarizing, it is to state that the intention for this thesis is to give a broad and general overview on RFIs, from a technological as well as a legal point of view. The focus is – unlike other publications in this respect – not directed on fundamental/human rights issues, rather than on issues related to a potential incorporation of RFIs into the Austrian legal order. The Austrian Code of Criminal Procedure and the Austria Security Police Act are the points of reference and the standard of comparison
Mobile, intelligent and autonomous policing tools and the law
This thesis resolves
around problems arising for the existing
legal framework from the use of
novel software-‐based
policing tools during criminal
investigations. The
increasing dependence on information and
communication technologies and the Internet means
that more aspects of people’s lives move online, and
crime follows them. This has triggered the development
of innovative, autonomous investigative technologies that
are increasingly replacing human officers for the policing
of the online sphere. While only recently discussions of
the legal status of embodied and unembodied robotical
devices have gained more widespread attention, discussions
of the legal status of autonomous agent technology are not
new. They have focussed however in the past on applications
in the private domain, enabling contract formation online. No
systematic study has so far been carried out that looks at the
use of autonomous agent technology when deployed by state
actors, to fulfil core state functions. This thesis starts with the
hypothesis that the use of automated, intelligent devices to
replicate core police functions in the online world will increase
in the future. Looking at first emerging technologies, but with an
eye
towards
future
deployment
of
much
more
capable
software
tools
that
fulfil
policing
functions
on
the
Internet,
this
thesis
looks
at
the
challenges
this
poses
for
regulators
and
software
developers.
Based
on
extensive
qualitative
research
interviews
with
stakeholders
from
two
different
jurisdictions
(Germany
&
UK)
this
thesis
finds
that
these
novel
policing
technologies
challenge
existing
legal
frameworks,
which
are
still
premised
on
the
parameters
of
the
offline
world.
It
therefore
develops
an
alternative
governance
model
for
these
policing
tools,
which
enables
their
law-‐compliant
use
and
prevents
rights
violations
of
suspects.
In
doing
so
it
draws
upon
both
worlds,
the
technical
and
the
legal,
while
also
incorporating
the
empirical
research
results
from
the
interviews
with
experts.
The
first
part
of
this
thesis
analyses
the
technical
foundations
of
these
software-‐based
policing
tools.
Here,
one
of
the
key
findings
is
that
the
current
governance
system
focuses
on
ex-‐ante
authorisation
of
very
specific,
individual
software
tools
without
developing
a
systematic
classification.
This contradicts the principle of sustainable law making. To overcome this piecemeal approach,
as a first contribution to existing research this work defines a new class of investigative technologies
– mobile, intelligent and autonomous (MIA) policing tools ‐ based on the findings of the technical
analysis. Identifying such a natural class of present and future technologies that pose the same type
of legal issues should facilitate the sustainable governance of these new policing tools. The second
part of this thesis analyses two specific legal issues: cross-jurisdictional investigations and the
evidentiary value of the seized data. These issues were identified as most pressing by the
experts interviewed for this work. This analysis reveals that investigative activities of MIA tools
are potentially in conflict with international law principles and criminal procedure law.
In order to gain legitimacy, these new policing tools need to operate within the parameters
of the existing legal framework. This thesis argues that given the unique technical capabilities
of MIA tools, the primary approach to achieving this is to assign legal responsibility to these
tools. The third part of this thesis develops
a novel governance approach to ensure that MIA tools operate within the parameters of the legal framework,
and therefore obtain legitimacy and relevance, also with regard
to the investigative results. This approach builds on existing research identifying
code as a regulatory modality and contributes to the field of legal
theory. It constitutes a solution for the governance problems of
MIA tools, however, it requires currently
lacking collaboration among stakeholders
and cross-disciplinary research
- …