Rob Wainwright: Cybercriminals’ main commodity is personal data

With good reason, coverage of the World Economic Forum Annual Meeting in Davos is likely to focus on the troubled economic waters in which governments and corporations are still trying to navigate.

But the Meeting has a diverse agenda that tries to address the most important long-term trends affecting global society. Across this year’s agenda, a strong programme of events is addressing the risks and disadvantages posed by the rapid growth of Internet connectivity.

This connectivity is overwhelmingly positive. Newspapers – from The Times of London to The Times of India – are now equally available to the residents of all continents, unhindered by practical necessities like paper, printing and postage. Meanwhile, events in the last 12 months in Egypt and elsewhere have shown the value of the Internet in promoting and safeguarding freedom of speech.

Few would have predicted the pace of change in human behaviour brought about by the Internet and mobile connectivity. Some governments and corporations are more successful than others in keeping up. Even the successes have been isolated. Whatever measures may be in place nationally, this uneven picture across the world illustrates a clear lack of international oversight of the Internet. This leads to vulnerabilities which cybercriminals are all too ready to exploit for their own commercial gain.

Personal data is the new commodity driving much of today’s cybercrime. In the digital age, we are increasingly identifiable by numbers (bank accounts, passwords, social security, etc.). These numbers have become the stock in trade for fraudsters across the world. There is a certain irony in the fact that personal data is the main commodity of online crime, while the right to anonymity is effectively abused by cybercriminals.

Measures to tackle cybercrime must be proportionate and not used indiscriminately. At the global conference on Internet governance – hosted by William Hague, Secretary of State for Foreign and Commonwealth Affairs of the United Kingdom, in London in November – fears were voiced that attempts to monitor and regulate Internet use would quickly be exploited by oppressive regimes. While heeding that warning, a framework is needed that gives law enforcement agencies the means to investigate, judiciary the means to prosecute, and citizens and companies the means to protect themselves against cybercriminals.

Legislation should be harmonized to make cross-border investigation easier. Companies and members of the public should know where and how to report crime online. We need to build on individual success stories to develop closer cooperation between industry and law enforcement. In particular, collaboration via trust platforms would speed up the collective response to online threats. This idea will be taken forward at the Annual Meeting in Davos through the Risk and Responsibility in a Hyperconnected World project.

Just as community policing aims to keep citizens safe from crime, the effective policing of the Internet should ensure that its users enjoy all the benefits of cyberspace without being exposed to undue risks.

Click here to see the report.

* Rob Wainwright is the Director of Europol (European Police) and Global Agenda Council on Organized Crime