Internet bank or investment account, sell or buy stocks, or currencies. One can say ... connected to the computer (a laptop) and acts as a modem device â sends .... Adleman) in PGP (Pretty-Good-Privacy) or SSH and SSH2 (Secure Shell) soft-.
This paper was presented at the 6th CrossCross-border Crime Colloquium, held in 2004 in Berlin, Germany Wojciech Filipkowksi ©
Internet as an Illegal Market Place Wojciech Filipkowski*
Introduction The Internet is a vital element of the informative society. It has changed the way we live; communicate with people, or even work. It can be seen as both sociological and economical phenomenon. This technology allows us to cross borders, meet or cooperate with people from other countries and exchange ideas. It has also fuelled the globalization process of world economy. Not surprisingly, everyone is trying to take advantage of this technology in every possible manner, including illegal one. There are many ways we can use it. Most of all, the Internet is a great communication tool. It allows exchanging information, data, news and ideas. At the click of a button we can participate in events that happen in distant areas of our globe. We can send e-mails, SMS or files, even talk using, for example Voice over Internet Protocol (VoIP) technology or instant messengers (Mitraszewska 2004: 31). It expands the opportunities we have had so far. There is possibility of entering into remote places like libraries, accessing data in other networks, browsing WWW resources. Those are possible from one place – our home. Also, different branches of national economy profit from this technology. It is a vital distribution channel for selling products or offering services. The potential clients can easily communicate their demands and find products that suit their needs. They are able to buy and sell different commodities, and pay or receive money for them. On the other hand, the entrepreneurs have an unproblematic access to clients. They can advertise and offer their products or services. It is also possible to gather information about their clients, which helps to determine new market strategies. The Internet has also created new branches and economic sectors (e.g. ecommerce, on-line banking or other financial services), or investment tools (e.g. new payment technologies, electronic funds transfers), which operate at *
The author is a junior lecturer at the Faculty of Law University of Białystok, Poland.
the ‘speed of light’. Likewise, it has formed so called the dot.com industry. There are a variety of companies operating only in the Internet industry offering access or software to the worldwide network (such as Internet Access Providers – IAP or Internet Service Providers – ISP). Almost everyone from virtually every part of the world can participate in on-line auction, open an Internet bank or investment account, sell or buy stocks, or currencies. One can say that the Internet has evolved from limited military or academic network (see Adamski 2000: 2) into fully commercialized market place with multiplicity of opportunities and tools near at hand. However the Internet has a dark side too. There are some aspects, which may facilitate criminals to commit crimes. Which are they?
What attracts criminals to the Internet? Internet has a wide attraction to a huge variety of lawbreakers, differing in age, social background, jobs, sophistication and so on. Young people may be more inclined to violate intellectual property’ copyrights or commit computer crimes. They usually do it just for fun or to impress their colleagues at school or university. Older people may try to earn money by committing crimes in the Internet or are involved in e.g. child pornography. The only thing they have in common is that they abuse Internet and computers in their illicit activities. The first factor that has to be mentioned is the feeling of anonymity. The users of the Internet believe that they are anonymous. They can open an email account with a fake identity, access web sites with false names or communicate just using their nicknames. They think that they can hide among other users connecting the Internet. It is possible to “spoof” other user’s Internet Protocol (IP) address in order to take over its “identity” in the net (Grabosky 1998: 200). Another method is to use modem (telephone) connection to the Internet. In that case, the IP address is randomly and dynamically assigned to the computer, which enters the net. This address differs every time the computer is logging the Internet. All these measures have an aim to make it impossible (or very difficult) for law enforcement agencies or other involved entities (such as web masters, IAP, ISP) to track down and identify the user. It must be emphasized that the continuously evolving Internet technology provides new opportunities as well as threats regarding the fight against so called cybercrimes. For example the Wireless Fidelity technology (Wi-Fi) allows users to access the computer network (local or wide) via the wireless connection. The
2
computer needs special device – a Wi-Fi card – and has to be placed in the range of a broadcasting computer-server. Such places are called hot-spots and are present in many cities (parks, airports, restaurants, bars, shopping centers, and so on). Anyone can sit down with a laptop and access the net, free of charge or hack into the network. It gives great mobility for authorized users, but also hinders the efforts to locate the potential criminal – a hacker. The companies also rely on the wireless technology when building their own local networks. A similar case is the use of pre-paid mobile phones in order to access the Internet. Poland may serve as an example of a country where it is not required to identify the buyer of such phone (or service). A person purchases a telephone SIM card with a built-in number, which grants the access to the operator’s telephone network. He or she charges the card. Then the phone is connected to the computer (a laptop) and acts as a modem device – sends and receives packages of data. However it is relatively easier to trace and block the call or to locate the area from where the user is calling, comparing to the previous example. These are just two examples of how technology helps to become anonymous in the Internet.1 In the second place, the criminals abuse the globalization process (Williams 1998: 66-67). It has made the world to shrink. And the Internet is a key factor in this process. The distance between countries or companies has become irrelevant. Globalization means also an uncomplicated movement of people, goods, services as well as capital, and information. Entrepreneurs can establish close business relations with their counterparts from all over the world. They can invest their money wherever they want to. It is not a problem to make an electronic funds transfer to distant parts of the globe due to the new payment technologies and on-line financial services. It is easier to move and manage money across the globe from your personal computer connected to the network. If such facilities are available to the licit entrepreneur, so they are also to criminals. The latter can also run their illicit enterprises remotely, even if they were forced to live on the “exile”. The Internet helps to communicate between members of criminal network or group using e-mails or other techniques. It can be highly efficient when combined with encryption technology.2 The criminals have been always using some special languages known 1
2
One of other methods is to use proxy servers or Java Anon Proxy (JAP) services – see Anonimowość w sieci (The Anonymity in the Web), Hacker Guide, Enter Power 2003, No. 2, p 49. For more details on JAP see http://anon.infotudresden.de. Drug traffickers use this technology in order to protect themselves against law enforcement agencies. See 2001 International Narcotics Control Board Report, pp 6-7.
3
to them only. These days, the Internet may give them new opportunities. Once again it may hinder the efforts of law enforcement agencies to combat all sorts of criminal activities. The globalization process is strictly connected to another aspect of the Internet technology. It is hard to define the competent jurisdiction over the cyber crimes since there are too many potential places where the crime might be committed (Sowa 2002: 62). The so-called cyberspace knows no borders, although the users and their computers are located in the real world. Typical computer related crime modus operandi involves the use of computers located in different countries or jurisdictions. The perpetrators remotely control the storage and distribution of files or information from other places. The digital signal may cross borders very quickly. And it may take the form of a computer file with harmful or illicit content or virus, which attacks distant network (Adamski 2003(a): 70; Williams 1998: 62).3 They are aware of regulations concerning computer crimes (what is allowed and forbidden by national laws). The existing asymmetry in regulations concerning computer crimes makes easier for the criminals to find “shelter” (“a safe harbor”) – Williams 1998: 58-59. They store illicit files, data and information on servers in jurisdictions where there are no appropriate regulations at all or they are unsatisfactory. For example, if you are looking for a hacker’s tools, you can find the proper web site very quickly. However in order to download them, you are redirected to other web site (server) in a jurisdiction where it is not forbidden to have such software. This kind of behavior fits the definition of cross-border crime very well, as a conduct, which jeopardizes the legally protected interests in more then one national jurisdiction and which is criminalized in at least one of the jurisdictions concerned (Passas 2002: 13). In that case it is obvious that they take advantage of the differences between countries’ regulations concerning the criminal law as well as the mutual legal assistance.
The ways of abusing Internet Criminals use the Internet in two major ways. The first one concerns the exploitation of communication opportunities. Members of organized criminal groups or networks can contact each other. They make use of e-mails, SMS, instant messengers, or VoIP technology. The transmission of data 3
Much more about modi-operandi and jurisdiction problems in the (explanatory report of) the Convention on Cybercrime (ETS 185, 23-11-2001.
4
might be encrypted to conceal its content (Grabosky 1998: 196). There are shareware programs, which can very easily encode messages with 128-bit key which is difficult to break. They are pretty sure that even if law enforcement agencies intercept such message, it would take a lot of time to decipher it.4 The Internet can be utilized to disseminate orders, as well as to manage the whole organized criminal group or criminal network. Its members contact their representatives in other countries or other branches of criminal enterprise. Just like law-obeying enterprises, new telecommunication technology may be employed to make the organization work more efficiently. However it takes a lot of knowledge and security measures. The criminals use the Internet to arrange deals, fix prices, amount of goods, and so on.5 The web acts as special communication tool, which helps to commit “typical” crimes. Using the well-known concept of e-commerce, it can be described as the criminal-to-criminal (C2C) sector of illegal markets. It involves or describes business-like arrangements or trade between different criminals (individuals, criminal groups or networks), rather than between a criminal and other persons. The Internet is the place where the forces of demand for illegal goods or services can meet the forces of supply. The potential “customers” can manifest their needs more freely, or look for them on their own and contact the “right people”. They use anonymity as a shield to protect their identity. However, when they receive such goods or services, they also commit an offence. The “customers” may want goods or services which are completely illegal (such as child pornography, sexual exploitation of children, hiring a hit man), or to which access is limited or under strict governments’ supervision (such as trade in arms, drugs, rare or endangered species). Sometimes such illegal (black) market offers goods or services at the lower price than the official one, since they have been obtained in an illegal manner (such as 4
5
The speed of decryption depends on how “fast” is the computer we are using to decipher the encrypted message as well as on the type of coding algorithm: symmetrical or asymmetrical or the decoding method (for example so called “brute force”). It may take hours, days or months to encode messages. There are few standards of encryption available in the Internet, e.g. RSA (Rivest-ShamirAdleman) in PGP (Pretty-Good-Privacy) or SSH and SSH2 (Secure Shell) software, or SSL (Secure Socket Layer). For more details see http://www.rsasecurity.com, http://www.pgp.com, http://www.ssh.com, http://www.openssl.com. There is even a description: Internet drug sell. The e-mail or SMS communication is used by drug traffickers to contact their clients, receive orders or to fixed prices on drugs. They use pre-paid phones as well as “internet cafes” to do it. See. 2001 International Narcotics Control Board Report, p. 3 and 2003 International Narcotics Control Board Report, pp 4 and 20. See also silicon.com, Stop the illegal internet drug sellers at
5
smuggled and untaxed cigarettes or alcohol). In many cases, the Internet has boosted the magnitude and the value of some illegal markets, e.g. childepornography, computer crimes, illegal gambling, sport wagering or the stock exchange, as illustrated by the following examples. In one criminal case a security broker and other players at the Warsaw Stock Exchange abused on-line financial services provided by brokerage house and placed a sort of unreasonable order to open or close position on futures market. They earned million Polish zlotys in less then 5 seconds. There were also cases where investors coordinated their orders of selling or buying stocks using chat-rooms or newsgroups in order to manipulate the security’s rate. They were coming from different parts of Poland and used on-line services to place such orders in different brokerage houses. In another example, circumvented the identification regulation by opening accounts on their relatives or corrupted person. They abused on-line services of brokerage houses since nobody checks the true identity of person placing order but the necessary: log-in and password.. There is also other sector of this market. Once again using the concept of ecommerce, it can be describe as criminal-2-victim (C2V) sector. It involves or describes direct damage made by a criminal to his/her victim during communication via Internet. Many people are unaware of the potential risk of exploring the resources of the World Wide Web, meeting new people, receiving and sending e-mails, exchanging files, and so on. This ignorance may lead to the situation when they would become victims of unlawful activities conducted by criminals who want just to enrich themselves. The situation of small enterprises is a good example. They are aware that their local networks or Intranets need protection. However a proper hardware and software solution might be too expensive for them. They have to cut costs in order to be more competitive on the market. As a result they computers networks become vulnerable to virus infections, hackers’ activities or commercial espionage. It concerns also all sorts of frauds. There is millions of email’s being sent a day offering fraudulent investment opportunities or advertising such products or services. Along the typical crimes where the Internet is just the new instrument or modus operandi, there are some illegal activities which can be committed only in the virtual reality (in so called cyberspace). They have appeared and grown simultaneously with the Internet (Adamski 2000: 3). It is strictly connected with the fact that information has become one of the most valuable
http://www.silicon.com/networks/webwatch/0,39024667,39118857,00.htm
6
goods in both national and global economy. The computers are responsible for gathering, storing and analyzing data. In this regard crimes committed in the Internet concerns the information, which might be illegal because of its content or because of the way it was acquired (e.g. “sniffed” passwords, counterfeited DVDs).
Examples of the Internet as illegal market place According to the existing definition, “an illegal market is a place or principle within which there is an exchange of goods and services, the production, selling and consumption of which are forbidden or strictly regulated by the majority of states and/or by international law” (Arlacchi 1998: 7). In other words, there are participants, goods (commodities) and principles, which make the whole thing working. As was mentioned above, there are two major groups of participant. The first one acts as both “sellers” and “buyers” of information (data) but they also commit crimes at the same time. There are the “wholesalers” and “retailers” just like in the legitimate market. Some of them work alone others are gathered in groups or networks. The second one consists of victims, people who suffer from the illegal activities of the first group. The existence of this group is an inevitable result of the criminal activities. There is also a third group – the government agencies (law enforcement) or non-governmental organizations – they act as the market “regulators” (supervisors). This group is responsible – not for supporting – but for disrupting the existence of all sorts of illegal markets, including the one on the Internet. It can be achieved by awareness rising among potential victims, warning them against risks and informing them how they should protect themselves while browsing the World Wide Web, by interrupting the supply of goods and by tracking down criminals (cutting down the supply side). There is only one type of goods that are the subject of trade in the Internet – the information (data) in the digital form. It means usually files, records on different types of local or removal disks, firmware or memory sticks, as well as a stream of data – in case of the Internet communication. Here the same principles apply that rule every other market – the forces of supply and demand. The prices of goods and services depend on how much of something is being sold and how many people want to buy it. The difference is that demand always exceeds the supply. Plus, there are other costs of doing business in illegal market, which makes market prices higher
7
such as the activities of law enforcement (Arlacchi 1998: 8). The criminals undertake only these activities, which are profitable. Pornography The Internet is a perfect place to spread pornography.6 It can be abused in several ways. Photos or movies can be made using digital camera and then downloaded to a computer. You can put them on the website, exchange them with other users hooked up to the local and wide network via peer-to-peer communication software, and send them to newsgroups or via e-mails. Another method is to receive a live transmission from a web cam (Adamski, 2003(a): 60; Górski and Sakowicz, 2004: 25). The use of pre-paid cellular phone is very promising to the pornographic industry. The files of illicit or harmful contents can be sent and received using MMS7 or forthcoming UMTS8 technology. At the same time the user can remain anonymous since it is not required to reveal his/her identity while buying such phone. The resources can be browsed by WAP9 technology, too. Of course, the Internet can be exploited to distribute some typical commodities for this industry, such as: video tapes, DVD’s, CD-ROM’s, erotic equipment, magazines, and so on. The access to the servers with illicit content is limited. Usually the customer has to pay up front in order to be granted admission to such resources. It can be done by several ways. It is possible to use a credit card number, online banking services, or the message service by cell phone.10 At the same time, there are numerous fake web sites offering promises to enter a “realm of billions photos and high quality movies” (Chmielewska 2004). They are only used to steal the credit card number and to deceive the user (Adamski 2000: 95-96). The criminals advertise these fraud services by sending billions of e-mails (which are considered as SPAM), by forging the IP address of the most visited web sites or by using banners (so called pop-ups). There is a great demand for pornography, which can be noticed in the Internet (Pawlicki 2004: 24). According to Internet Filter Review report of 6
7
8 9
According to Article 202 para. 1 Polish criminal code of 1997, it is a crime to present pornographic contents (whatever the type it is: adult, hardcore, childe pornography) in the way that it might be seen by someone who does not wish to do that. There is also an aggravated type of such crime if perpetrator presents such contents to minor under the age of 15 (Article 202 para. 2 Polish criminal code of 1997). It is relatively easy to become a victim of such crime as far as browsing the Internet is concerned. MMS is the abbreviation for Multimedia Message System which allows the users to send and receive graphic files, such as pictures (sometimes along with sounds). UMTS is the abbreviation for Universal Mobile Telecommunication Service. WAP is the abbreviation for wireless application protocol. It allows connecting to the Internet via the cellular phone.
8
2004, there are 68 million requests send by the Internet users to the biggest web-browsers (e.g. Yahoo, Google) every day. They are searching for pornographic web sites. There are around 1,5 billion downloads of photos or movies of illicit content monthly all over the world. 78 million people visit porno-sites on regular bases yearly. Where is a demand, there is a supply. There are 4,2 million of IP addresses offering access to over 372 million porn-sites. This is a huge industry. According to some estimates, the whole porno-business is worth around 57 billions of US dollars. Among others the child pornography is the most disturbing phenomenon (Bendyk 2004: 66). The abuse of Internet has become a very important instrument for criminals or whole groups. It is exploited to find potential victims, to exchange files of illicit content, to manage the whole ring (network) of offenders. How does it work? A paedophile can contact a victim in the chat rooms where he pretends to be a child who is looking for a friend. After that he sends e-mails in order to seduce the victim and to meet him in the “real world”. Then he kidnaps the victim. Subsequently that child can be de subject of paedophile’s sexual behaviour. The criminal may make digital photos or movies, which he can exchange with other criminals via network. There are around 100.000 web sites containing child pornography content. There is a special issue or modus operandi connected with this phenomenon. It is called virtual-child pornography.11 The paedophile forges a photo of people in sexual intercourse by pasting child’s face using special graphic processing software. So in fact there was no sexual offence, but the picture gives false impression that there was one (Warylewski 2002: 57). The internet has certainly boosted the magnitude and range of pornography. Computer crimes As the computers and the Internet have become more and more important for every day living, the computer crimes have emerged (Adamski 2000: 1-4). In this case the computer is the target as well as the instrument to commit crime (Grabosky 1998: 195). The Internet is the realm where these crimes are being committed. The offenders are searching for valuable data, information, which can be used or sold. It has become the subject of commercial and illegal trade at the same time. Computer crimes may violate the following interests protected by legal system (Adamski 2000: 41-42):
10
11
In this case, user has to send a SMS (or MMS) message to a special number, which is charged extra in order to receive a password, photo or a movie clip. See “Virtual Child” Pornography on the internet at http://www.law.duke.edu/journals/dltr/articles/2002dltr0019.html.
9
� availability for authorized user to process the information whenever and wherever he wants to; � integrity of computer records in the form of files, transmissions, software; no changes can be made without the permission of authorized person, and � confidentiality – only authorized users have an access to certain information, and no one else can get to know or copy it. Beside some common or “popular” computer crimes such as hacking, cracking, denial-of-service attacks, computer sabotage, virus infections, and so on, there are quite new examples. One of them is commercial espionage. The offender hacks into company’s local network and steal some secret data or information, which can be sold to the rival company. On the other hand the criminal can also blackmail the victim-company that he will reveal his data or spread around how easy is to overcome its securities measures. This might be of devastating consequences for e.g. financial or credit institution. The company’s customer’s personal data is also very valuable commodity, especially their credit card’s numbers (Woźniak 2001). It poses a threat to wide range of institutions such as banks, financial institutions or other credit cards’ issuers, internet shops, etc. etc. Then a criminal would use it to pay for goods or services in the Internet (e.g. in order to get paid access the porn-sites). Also private users are at risk of loosing their personal data. The new technology gives new tools for hackers as well as new targets. Many companies switch their local network to Wi-Fi technology. Every a computer within the range of broadcasting server can access such net, but it needs proper log-in and password. Of course the criminal can hack his way into the company’s network with a laptop computer sitting somewhere in the office or in close proximity of the building. The only difference is that he needs a Wi-Fi card. Other area potentially exposed to criminal misuse is the pay-per-view technology. It allows its customer (subscribers) to view only those movies or hear music they desire (Adamski 2003(b)). For example, he/she pays for a movie, connects to the server, downloads encrypted file, and using special software or special electronic device can see it on the television set or monitor. The other possibility is to pay for transmission directly to the computer or television set. It is also encrypted so an unauthorized person would not see something he/she hasn’t paid for. How the criminals can commit crimes? They can prepare special software or produce electronic device with that kind of software, which encrypts broadcasted digital signal. The Internet is the place where they can find potential buyers (people who wants to e.g. see a movie without paying for it). The criminals can intercept and encrypt
10
(cracked) the signal or file, and then offer it for sale. These techniques could be applied to other services in the Internet relying on limited and paid access to different types of data bases or digital transmissions (such as cable television or attending courses or universities in the Internet) – Adamski 2003(b). Economic crimes Also the expansion of on-line financial services provides opportunities for criminals to abuse the Internet. Once again, in many cases this technology only modifies the criminals’ modus operandi. They use it as a modern channel to get to their victims (C2V sector of illegal market). Offering false investment opportunities or market manipulations12 may serve as examples (Grabosky 1998: 198), not mentioning “normal” frauds damaging on-line financial institutions such as banks, investment funds or brokerage houses (Wójcik 1996). Other examples are the functioning of “virtual casinos” in the Internet. The on-line gambling is another booming sector of illegal market (as well as on-line sports wagering sites13). The servers are located usually in remote jurisdictions (e.g. off-shore financial centres), but due to this new technology they are accessible from every part of the world. The casino applies for a special license from an offshore jurisdiction to lawfully conduct business. However in many cases it is a fully illicit activity. The customer has to give its credit card’s number or transfer money in order to buy chips. Even if a player wins (which happens very rarely), there is always a problem to get the money back. The Internet also gives occasion to launder money stemming from criminal activities. This is called cyberlaundering (Filipkowski 2003) and is closely connected to the development of electronic means of payment or funds’ movement – electronic funds transfers14. Cyberlaundering depends on the fast ways of communications, data computing and network use (also the Internet). There are several issues connected with cyberlaundering: 1. Access to the Internet and to on-line services is easy and common. This channel of the distribution of financial or investment products has become very important. These services will become even more significant for financial institutions in the near future. 2. There is no personal (face-to-face) contact between customer and the institution clerk. This is called the depersonalization of financial rela12
13
14
See Remarks of Richard Walker at the National Press Club Washington at http://ftp.sec.gov/news/speecharchive/1999/spch256.txt. See Illegal Internet Gambling Thriving at: http://dc.internet.com/news/article.php/2114311. For more on that technology see Malander, Mussington and Wilson (1997).
11
tion. Only computers communicate between themselves sending and receiving files, commands, etc. As a result, it would be harder to detect and hold up transactions related to money laundering activities. 3. Money laundering process would be less expensive and faster. New payment technologies permit to move funds more rapidly on long distances and make law enforcement work even more complicated (Wiliams 1998: 68-69). 4. All activities (cybercrimes) have been done in the cyberspace therefore the mutual legal assistance appears a major issue. There are usually several territories involved. The on-line service provider’s abode usually differs from the place where the servers are located in reality, from where these servers are administrated, or from where the client accesses the Internet. Violation of copyrights Another infamous sector of this illegal market concerns the violation of copyrights. Oftentimes young offenders make illegal copies of music, movies, and software. The rise and fall of the Napster web site is the best example how it works. In this case it is very easy to become a trespasser at home. Someone buys a CD with music and “rips” it using special software, which change audio file into .mp3 format. Then with a help of program downloaded from the Internet connect to the peer-to-peer type network. After that every one can download “ripped” .mp3 file from the member’s hard disk. Same thing could be done with DVDs – usually the movies are ripped into DivX format. There is a whole industry, which is engaged in manufacturing fake CDs boxes with music or DVDs boxes with movies for sale.15 Table No. 1 presents the situation in Poland between 1997 and 2002 (no present information are available) as far as the violation of copyrights are concerned (it does not include the software piracy). The number of cases increased from 1997 up until 2000. From that point of time it has been decreasing, but still it is around 1.700 criminal cases. Also the amount of secured cd’s, cd-rom’s or dvd’s containing MP3 files downloaded from the Internet or ripped at home has been changing. It started rapidly in 2000 probably due to the appearance of new technology, which allowed to rip music recordings into MP3 format as well as the fact that the Internet became more popular. The forth and the fifth columns show that the law enforcement agencies (e.g. Police, Custom Service) have been becoming more and more efficient in detecting and securing the evidences of violation of 15
See BBC NEWS, Global illegal CD market swells at: http://news.bbc.co.uk/2/hi/entertaiment/3053523.stm.
12
copyrights. The forth column also shows how much money has been taken away from music industry by criminals. The last column represents the amount of all sorts of devices secured by law enforcement agencies. It includes computer sets, cd- and dvd- recorders, VCR’s and so on. And the change in the value of such devices in 2002 is really dramatic. Table 1. The Data Concerning the Violation of Music Recordings’ Copyrights in Poland between 1997 and 2002.
1
Year:
2
3
4
5
Amount of conducted criminal cases
Amount of secured CD’s, CD-ROM’s, DVD’s containing MP3 downloaded from the Internet
Value of secured CD’s, CD-ROM’s, DVD’s, tapes with music (in Polish Zloty)
Value of secured devices used to record music as well as computers (in Polish Zloty)
1997
1.287
0
11.209.590
171.650
1998
1.252
0
13.652.677
273.001
1999
1.375
0
23.815.622
65.500
2000
1.873
6.303
25.374.046
66.300
2001
1.737
22.805
25.068.680
94.000
2002
1.659
15.490
23.594.443
26.099.138
Source: The Task Group on Preventing the Violation of Intellectual Property Rights, Report on the Violation of Intellectual Property Rights in Poland in 2002, Polish Ministry of Culture. See http://www.mk.gov.pl/autorskie/raport_2002pl.pdf.
All these cases concern the violation of the copyrights of authors, producers, and other actors involved in the legitimate distribution business. At virtually no cost (except the time needed for downloading) it is possible to get the possession of blockbuster movie weeks before it enters the cinemas. The internet and the digital technology allow obtaining software or books16 without paying for them. There are teams (networks) of “crackers” who make available to everyone latest versions of commercial software by breaking the security measures (Białkowski 2001: 47). Moreover, these teams compete with each other who will do it first and whose cracked program is more stable while using. For example, in the Internet there is available a crack-program to a very expensive legal com16
See for example JK Rowling’s Harry Potter & Its Illegal Market: Chinese Cases of Unauthorized Translation at: http://www.ip-boutique.com/harry_potter/harry11.html.
13
puter database called Lex Omega with Polish legislation and literature. This is a high-end product for lawyers or companies as far as the Polish law is concerned. Together with the crack-program one may download also an info-file signed by the DCR Team of crackers. From this file we can learn that the PBA Team had released the February of 2004 version of the Lex Omega database 6 days earlier. However they had not made available all options for illegal users like the DCR Team did. They accepted the gauntlet and are ready to compete with them who would crack newest version better and quicker.17 Other crimes There are also some other “normal” crimes that can be committed with a help of the Internet. The web is used to contact counterparts of unlawful transactions, place orders for certain commodities, and arrange deals. For example: � the illegal trade of Nazi songs18 (as .mp3 files) and other things like texts, papers or even entire e-zines, etc.; � the illegal trade in weapons, explosives (the armed traders have websites which show what is available); � the illegal trade of endangered or rare species (the trophies from rare animals can be found on e-auctions, as well as the medicines or aphrodisiacs made of endangered species)19; � the illegal trade of antiques, paintings, arts, etc; � trafficking of human beings – the Internet is exploited in order to contact victims (C2V sector) by offering them the job opportunities abroad20; � illegal market where a person can buy drugs (medicines) without prescription from abroad, or other pharmaceutics which are not allowed or prohibited in a home country.21
17
18
19
20
From this file we can also learn that according to their knowledge there were 27363 requests and downloads of their crack-program for Lex Omega in January 2004 along (from their website). This figure shows how “popular” this program is in Poland as well as how many people are willing to get access to it by illegal means. See German cracks down on Internet Nazi music trade at http://www.apologeticsindex.org/news1/an010411-01.html. See Orangutan Foundation International, eBay Internet Site Lists Illegal Orangutan Trophy Skull for Sale at: http://www.orangutan.org/press/news.php?id=35. Sometimes the trafficker makes pictures of potential victim and then he looks for a “buyer” – e.g. the owner of brothel in another country. Only when the deal has been fixed, he contacts the future victim once again and then smuggle this person cross border.
14
Measures to control and combat the abuse of the Internet The Internet is both legitimate and illegitimate market place. This is a great instrument that has boosted the development of new branches of national economies as well as brought the world closer together. Its expansion was noticed by criminals, who want to take advantage of it for their own purposes. Sadly they are doing it very well. The fundamental issue is how to protect this technology from being a tool for crooks, and how to defend its users against becoming their undesirable victims. This is something of undeniable importance since the Internet has become vital element in our lives. It has to be emphasized that legislatures cannot restrict the Internet too severely since it has been responsible for the improvement of the financial and commercial services available on the legal market. Putting the damn to the availability of this communication tool may hinder the legal market and harm the law-abiding customers. Such efforts should consist of several types of measures, which depend on the type of crime we want to stop. The first issue is to raise awareness among the Internet users (Grabosky 1998: 201). Above all, it is important to inform users that the Internet might become dangerous to them.22 The goal is to decrease the number of potential victims (reduce the C2V sector of illegal market). Children should not browse the web sites without the adult’s supervision or see people they have met in the Internet without parents’ presence (Dendyk 2004: 67). It is safer not to use credit card number to pay for goods or services in suspicious web sites, and so on. The financial institutions have developed alternative methods to make payments and purchase items, such as credit-card backed payments systems especially for internet purchases (e.g. PayPal). There are plenty of guidelines in the Internet how to enjoy it in a safe way.23 There is
21
22
23
See Pharmaceutical Journal, The Implication of Pharmaceutical Trade Via The Internet at: http://medpharm.co.za/sapj/2002/march/implications_new.html and JS Online, Illegal prescription drug trade growing at: http://www.jsonline.com/alive/news/oct03/178437.asp. The Global Information Security Survey 2002 conducted by Ernest & Young among their clients showed that even such group awareness was considered as very important issue and at the same time less then 50% of them have an IT security and awareness program. That might put companies at risk of loosing confidential data. The Global Information Security Survey 2002, Ernst & Young, March 2002, pp 4 and 9. There are also non-government organizations or foundations, which search the Internet for harmful or illicit contents in order to protect children. See Bendyk 2004: 67.
15
available software which blocks the illicit or harmful content and watches over kids surfing, seeks-and-destroys viruses, Trojan-horses, spy-ware, spam in our computer, or guard it against unauthorized entry (Adamski 2000: 2425). The Internet attracts people because they believe they are nameless among others. They can write whatever they want to and try different things since no one would know about it. The criminals think the same way. In order to protect the Internet and its users, there should be less anonymity in the net. This means putting some legal obligations as well as some responsibility on telecommunication companies (including GSM operators), as well as IAP and ISP. They have to identify persons (their customers) who are using their services. It is impossible to unmistakably identify everyone in the Internet, but it is important to do as much as it is achievable. These companies control the entry-points to the network. Not in each case, they can give the name of their customer, although they might be able to record and analyze the phone number, time of connection, IP address, or trace the route – a special log-file (Adamski 2000: 197). After that, it is easier to locate a place, server, local network or computer-client, which was abused by a criminal. Then, the problem is to establish a person who was sitting in the front of computer or was talking on the phone. It has to be emphasized that this measure may make the Internet less attractive for other users, too. These companies should also be responsible for the illegal or harmful contents they “help” to introduce by their customers. Looking for criminals or tracing the illicit behaviour in the Internet is not similar to other law enforcement’s duties. It requires both equipment as well as knowledge (Grabosky 1998: 203). This is the reason why special police task forces are being set up with the aim of tracking down criminals. The members of such forces are specially trained and are equipped with proper tools. They also monitor the traffic in the network. It is important to have good relationships with telecommunication companies, IAP or ISP, to facilitate better cooperation. Since the Internet knows no borders, there is a need for close cooperation between the law enforcement agencies from different countries (Grabosky 1998: 204). It should cover all types of mutual legal assistance in criminal matters (Williams 1998: 70). The competent agencies should also exchange information regarding the activities of organised criminal groups or networks using Internet as a medium in order to commit crime. This means also the cooperation over some basic standard legal regulation against
16
crimes in the Internet24. It could make the legal asymmetric between countries smaller. The last three remarks concerns the reducing both C2C as well as C2V sector of illegal market. Probably, the importance of Internet will be growing continuously. It is essential to monitor the brand-new technologies, applications and trends in life which make use of the net. The criminals will do the same thing with the intention of abusing it. It would be better if the global society and governments were not surprised by the evolving situation.
24
European Union efforts are focused on protecting users (especially children) against illegal content they may come across in the global network. See Decision No 276/1999/EC of The European Parliament and of the Council of 25 January 1999 adopting a multiannual Community action plan on promoting safer use of the Internet by combating illegal and harmful content on global networks (Official Journal of the European Communities L 33/1, 06/02/1999)
17
References
Adamski A., Karnoprawna ochrona dziecka w sieci Internet (The Criminal Law Protection of Childe in the Internet), Prokuratura i Prawo, 2003(a), No. 9, pp 59-75 Adamski A., Nowe regulacje prawne w dziedzinie bezpieczeństwa komputerowego i komercjalizacji dostępu do informacji (New legal measures in the field of computer security and commercialized access to information), paper presented at the VII Seminar „Computer Law. Legal framework of informative society”, 2003(b), 13th of February, Warszawa (unpublished) Adamski A., Prawo karne komputerowe (The Criminal Computer Law), C.H.Beck, Warszawa, 2000 Anonimowość w sieci (The Anonymity in the Web), Hacker Guide, Enter Power, 2003, No. 2, pp 46-49 Arlacchi P., The Dynamics of Illegal Markets, In: P. Williams and D. Vlassis (eds.), Combating transnational crime: concepts, activities and responses, Transnational Organized Crime, 1998, vol. 4, No. 3 and 4, pp 7-12 Bendyk E., Ciemna strona Internetu (The dark side of the Internet), Polityka, 2004, No. 31, pp 66-67 Chmielewska M., Raport: Przemysł fałszywych kart płatnicznych nie zna granic (The Report: The Forged Credit Cards Market Knows no Borders), Gazeta Finansowa from the 28th of April, 2004 – available at http://www.bankier.pl/wiadomości/print.html?article_id=1113896 Filipkowski W., Przypadki prania pieniędzy w Polsce i na świecie – diagnoza, metody i tendencje rozwojowe (The cases of money laundering in Poland and elsewhere – diagnosis, techniques and trends), paper presented at the Professional Seminar “The forfeiture of proceeds derived from crimes”, 2003, 11th-12th September, Szczytno (unpublished) Global Information Security Survey 2002, Ernst & Young, March 2002 Górski A., Sakowicz A., Pornografia dziecięca – skuteczna obrona w prawie karnym? (Chile-Pornography – Does Criminal Law Provide Efficient Protection?), Edukacja Prawnicza, 2004, No. 6, pp 25-27 Grabosky P.N., Crime in Cyberspace, In: P. Williams and D. Vlassis (eds.), Combating transnational crime: concepts, activities and responses, Transnational Organized Crime, 1998, Vol. 4, No. 3 and 4, pp 195-208 International Narcotics Control Board, Report, 2001
18
Malander R. C., Mussington D. A., and Wilson P. A., Cyberpayments and Money Laundering, Problems and Promise, RAND, Critical Technology Institute, Washington, 1997 Mitraszewska A., Wywrotowa technologia w natarciu (The subversive technology is charging), Gazeta Wyborcza of April 19th, 2004, p. 31 Passas N., Cross-border crime and the interface between legal and illegal actors, In: P.C. van Duyne, K. von Lampe, and N. Passas (eds.), Upperworld and Underworld in Cross-border Crime, Wolf Legal Publishers, Nijmegen, 2002, pp 11-42 Pawlicki J., 57 miliardów, Raport o rynku porno (The 57 billions, The Survey about the Porno Market), Gazeta Wyborcza of April 20th, 2004, p 21 Prengel M., Środki zwalczania przestępczości prania pieniędzy w ujęciu prawnoporównawczym (The measures to fight the crime of money laundering in different legal systems), Wydawnictwo TNOiK Dom Organizatora, Toruń, 2003 Report on Money Laundering Typologies 1999-2000, Financial Action Task Force on Money Laundering Report on Money Laundering Typologies 2000-2001, Financial Action Task Force on Money Laundering Report on the Violation of Intellectual Property Rights in Poland in 2002, The Task Group on Preventing the Violation of Intellectual Property Rights, Polish Ministry of Culture, http://www.mk.gov.pl/autorskie/raport_2002pl.pdf. Warylewski J., Pornografia w Internecie – wybrane zagadnienia karnoprawne (Pornography in the Internet – Selected Problems in Criminal Law), Prokuratura i Prawo, 2002, No. 4, pp 52-61 Williams P., Organizing Transnational Crime: Networks, Markets and Hierarchies, In: P. Williams and D. Vlassis (eds.), Combating transnational crime: concepts, activities and responses, Transnational Organized Crime, 1998, Vol. 4, No. 3 and 4, pp 57-87 Woźniak T., Hacking jako przestępstwo i zjawisko społeczne w Polsce (Hacking as a crime and sociological phenomenon in Poland), paper presented at the Conference „Security in the Internet, Cyberterrorism 2001”, 8th-9th of May, 2001, Warszawa, not published Sowa M., Odpowiedzialność karma sprawców przestępstw internetowych (), Prokuratura i Prawo, 2002, No. 4, pp 62-79
19
