E/CN.15/2002/8
I. Introduction
1.
At its resumed tenth session, held on 6 and
7 September 2001, the Commission on Crime
Prevention and Criminal Justice adopted a plan of
action 1 dealing with the prevention and control of
high-technology and computer-related crime as followup to and in implementation of paragraph 18 of the
Vienna Declaration on Crime and Justice: Meeting the
Challenges of the Twenty-first Century, adopted by the
Tenth United Nations Congress on the Prevention of
Crime and the Treatment of Offenders. 2
2.
In its resolution 56/121 of 19 December 2001, the
General Assembly, expressing concern that technological advances had created new possibilities for
criminal activity, in particular the criminal misuse of
information technologies, recognizing the need to
facilitate the transfer of information technologies, in
particular to developing countries, underlining the need
for enhanced cooperation among States in combating
the criminal misuse of information technologies and
stressing the role that could be played by the United
Nations and other international and regional organizations, welcoming the work of the Tenth United Nations
Congress on the Prevention of Crime and the
Treatment of Offenders and recognizing with appreciation the work of the Commission on Crime Prevention
and Criminal Justice at its ninth and tenth sessions,
decided to defer consideration of the subject of the
criminal misuse of information technologies pending
work envisioned by the plan of action.
3.
In its resolution 56/261 of 31 January 2002, the
General Assembly took note of the plans of action with
appreciation; called upon the Secretary-General to
ensure the widest possible circulation of the plans;
invited Governments to carefully consider them as
guidance in the formulation of legislation policies and
programmes; and invited the Secretary-General to
consider carefully and implement, as appropriate, the
plans, in accordance with medium-term plans and
programme budgets and subject to available resources.
2
II. Status of ongoing efforts to prevent
and control high-technology and
computer-related crime
A. General trends and developments
4.
The field of high-technology and computerrelated crime continues to be characterized by rapid
evolution on the part of offenders, preventive,
legislative and law enforcement efforts and the
underlying technologies themselves. During 2001, a
number of States established or enhanced their
capacities to deal with high-technology and computerrelated crime as a specialized area of legislation and
law enforcement. Legislative reforms included the
creation of new offences, the expansion of existing
offences and the modernization of investigative powers
such as search and seizure and wiretapping authority to
deal effectively with crime in the new electronic
environments. That trend is expected to continue, in
particular in Europe, where States are now engaged in
implementing the Convention on Cybercrime, adopted
by the Council of Europe in Budapest on
23 November 2001. 3
5.
The relationship between government crime
control efforts and the role of the private sector
companies involved in the production of hardware and
software and in the delivery of services continued to be
a major issue, at both the policy and legislative level
and the investigative and law enforcement level in
many countries. Major concerns included the extent to
which crime control and investigative aids should be
incorporated into new technologies, the costs of
storing, intercepting and retrieving data sought by law
enforcement agencies and a series of policy, criminal
and civil liability issues arising from the relationships
between the State, service providers and individual
customers. Following a series of major virus and
denial-of-service attacks during 1999 and 2000, a
group of major high-technology companies established
and funded a joint non-profit centre, the Information
Technology Information Sharing and Analysis Centre,
to set aside competitive rivalries and combine efforts
against computer-related crime. Within major
technology companies, the incorporation of security
features into new software became a higher priority, as
the companies sought to reduce their own vulnerability
to attack and out of recognition that the fear of crime