RITI-Policy Helps Romania Fight Cyber Crime

In 2003, it has been estimated that 12% of cyber-attacks on American companies came from Romania. This cyber crime, defined as illegal activities performed using computer systems (such as online fraud, unauthorized access to computer data, and denial of service attacks) is a top priority for the Government of Romania. Not only does cyber-crime cause problems for Romanian and other online companies to do business, it has understandably had a dramatically negative impact on the development of the Romanian IT sector, especially e-commerce.

To combat this pressing problem, the Government of Romania passed a series of cyber crime laws in April of 2003. While the enactment of these laws is essential to fighting cyber crime, their enforcement has been very challenging, in part due to the fact that these crimes are relatively new types of criminal behavior.

Most Romanian law enforcement authorities have limited or no knowledge of computer systems, electronic data, or the reality of the cyber world. These officials have been seriously hindered by a lack of definitions on cyber crime and their inexperience with electronic data investigation procedures. They require guidance and clarification on what is cyber crime and how to investigate it, before they are able to enforce the cyber crime laws.

Building the Capacity of Romanian Law Enforcement to Enforce Cyber Crime Laws
dot-GOV's Romanian Information Technology Initiative (RITI-Policy) and Ion Georgescu, a computer crime legal consultant, have been working with the Ministry of Communications and Information Technology (MCTI) to address this need. Together they are drafting the Guide on the Implementation of Cyber Crime Law, targeting the Romanian authorities implementing this new cyber crime law.

In addition, once the Guide is completed, RITI-Policy and MCTI will work with Romanian Police and General Prosecutor Office to train investigators and prosecutors throughout the country on cyber crime. The cyber crime law guide will be used as a basis for this training program, as well as the experiences by other resident authorities, such as the U.S. Secret Service at the U.S. Embassy.

The development of this guide and training program was accomplished as a result of the close working relationship between MCTI and RITI-Policy. Through this ongoing relationship, MCTI is able to turn to the RITI-Policy team for solid technical assistance when new issues, such as cyber crime, come up.

Guide on the Implementation of Cyber Crime Law
Written in Romanian, the Guide explains the legal and technical aspects of cyber crime cases and how the law should be applied. The Guide is targeted to Romanian law enforcement officials with limited computer expertise, giving them practical, concrete guidance on how to investigate and enforce cyber crime laws.

The guide has two major sections:

I. A reference guide on computer systems and information traffic
Chapter 1 - Definitions of computer systems and their components (hard disks, CD-ROMs, flash memory etc.). Personal Digital Assistant and mobile phones are included.

Chapter 2 - Definitions of computer networks and their components - servers, hubs, routers etc., including Internet, Intranet, VPN etc.

Chapter 3 - Definitions of services and software (world wide web, email, ftp, IRC, instant messaging, network software, encryption software, etc.)

Chapter 4 - Overview of the major vulnerabilities of computer systems.

II. Legal provisions on computer crime
Chapter 5 - Regulations on computer crime. Presents the concept of computer crime, the different types of computer attacks, and European regulation on computer crime.

Each offence regulated under the current Romanian law is analyzed using examples and case studies (Title III of Law 161/2003 on Certain Steps to Ensure Transparency in Performing High Official, Public, and Business Positions to Prevent and Sanction Corruption).

Chapter 6 - Investigating computer crime and digital evidence. Introduces the procedures for on-site investigations, search and seizure, as well as tools and methods of laboratory investigation for digital evidence and computer crimes.

The procedures investigators need to follow are presented along with issues of data validation and checking of investigative accuracy. The chapter addresses definitions and types of digital evidence and the risks related to collecting and safeguarding evidence.

  • Standards and internationally recognized best practices in the area of computer crime investigation, collection, and analysis of digital evidence;
  • Case studies from Romania and abroad;
  • Additional resources such as Romanian institutions responsible for cyber security, and relevant websites; and
  • Terminological index with the key words and concepts and the acronyms used.
Roll Out of the Cyber Crime Guide
The final version of the Guide on the Implementation of the Cyber Crime Law was submitted for comments to the MCTI as well as to the US Embassy in February 2004. The Guide will undergo a final review in April, after which it will be published and distributed to county police departments throughout Romania. The training program for Romanian investigators and prosecutors is anticipated for Autumn 2004.

The RITI-Policy Project began on May 21st, 2002 and will run three years (Associate Cooperative Agreement No. 186-A-00-02-00101-00 under the dot-GOV Leader Award No. GDG-A-00-01-00009-00).

For More Information, Contact:
Sarah Tisch, Ph.D.
Chief-of-Party, dot-GOV
Internews Network
Tel: 202 833-5740 x 203

R. Jerker Torngren
Chief-of-Party, e-Government project
Internews Network

Related DOT-COM Activity
RITI | Policy
Related DOT-COMments Newsletter Articles
Related Links
Click on USAID's logo to visit USAID
Click on Internews Network logo, to visit Internews
Click on Academy for Educational Development (AED) logo to visit AED
Click on Educational Development Center (EDC) logo to visit EDC
Core funding for the DOT-COM Alliance is provided by the United States Agency for International Development (USAID), Bureau for Economic Growth, Agriculture & Trade, Office of Infrastructure and Engineering (EGAT/OI&E), Office of Education (EGAT/ED), and Office of Women in Development (EGAT/WID), under the terms of Award numbers: GDG-A-00-01-00009-00, dot-GOV; GDG-A-00-01-00014-00, dot-ORG; GDG-A-00-01-00011-00, dot-EDU.
© dot-com-alliance. All rights reserved.
The views expressed in this publication do not necessarily reflect the views of the United States Agency for International Development or the United States Government.
Privacy Policy: https://dot-com-alliance.org/policy.htm
Accesibility: https://dot-com-alliance.org/policy.htm#accessibility
Webmaster: [email protected]