Home / Our news and views / EU struggling to connect the criminal dots across the “dark web”

EU struggling to connect the criminal dots across the “dark web”

By PATRICK STEPHENSON

BRUSSELS – Policymakers and experts tracking cyber-crime gathered in Brussels on 20 to discuss European policing in the digital era and to hear about the latest criminal developments. The news was not encouraging.

Rob Wainwright, Europol’s departing director, started off the debate by describing the results of a transatlantic sting launched in late 2016 that dismantled a huge international criminal infrastructure platform known as Avalanche. A stunning testament to organised crime’s increasingly automated and industrial nature, Avalanche launched botnet-led malware cyberattacks that caused EUR 6 million of losses in Germany, and hundreds of millions of euros worldwide. Yet in the operation that took it down, only five individuals were arrested.

“We had 3600 organised crime groups in Europe three years ago,” he said. “Now we have 5000.”

The main take-away of the debate: that national European police forces and their databases need to join forces and integrate their efforts if they are to arrest the rapid ascent of EU organised crimes.

The nature of criminality is changing, with small and mobile groups now using specialists in money-laundering, online trading in illegal goods through the anonymous so-called dark net, and document-forging for migrants.

“The modern-day bank robber doesn’t walk into a bank anymore,” observed Wainwright. Instead, the robber can steal millions from the convenience of his own living room. Terrorists groups are also fighting in the physical and virtual worlds for the first time, while benefitting from the Schengen Area’s cross-border freedom of movement, he added.

In response, supranational law enforcement organisations like Europol are adopting what Wainwright called the ‘Uberisation’ of police work. “Europol has no executive power but it can still have a role, like [that of] Uber which is the largest taxi company in the world but doesn’t own a single vehicle,” he said.

The idea here is to use Europol’s coordination powers to pool huge sources of data about criminality, find patterns and then use those patterns to locate the criminals. Wainwright called this the ‘data network effect’ that happens when many users – in this case, EU member state police forces – come together on a single platform. “The more people on your platform, the more data you can collect, the more you can improve your services, the more users you attract,” he said.

Europol’s task now is to make EU-wide databases more interoperable, and EU member-state police forces more connected with each other.

Jürgen Ebner agreed. Head of the Department of Central Information Management at Germany’s Federal Criminal Police Office (Bundeskriminalamt, or BKA), Ebner laid out the diverse but isolated databases that hold data of potential relevance to the police: the Schengen Information System that holds alerts for people or objects entering Schengen; the EU’s Visa Information System that contains visa data on third-country Schengen visitors; European Dactyloscopy, or EURODAC, that holds the fingerprints of asylum seekers and irregular migrants; and the European Information Exchange Model (also known as ‘Prüm,’ after the German town where its Convention was adopted) that lays down rules for exchanging DNA and fingerprint information of potential terrorists. “Each system was created for a special purpose, and mainly not for law enforcement,” Ebner said.

In most cases a policeman stops a potential criminal or terrorist in the street. The policeman runs a check on the suspect through SIS, but that system only stores alphametric data such as names and birthdates – information that a suspect can make up on the spot. Checking all the systems at once is neither practical nor possible, said Ebner.

“If you’re a police officer, and in the last two years you’ve been confronted with massives of asylum seekers, you’re under a lot of pressure to check all the databases,” he said. “We need a common European identity repository, but that’s really a long-term aim.”

And in the mid-term? “We’d need a single-search interface” to check all relevant databases, he said. “But that will still take years.”

The most important potential reform, Ebner said, would be to create the ability to search both nationality and biometric data such as fingerprints on an EU-wide scale. “Biometric data is the only relevant data for identifying people,” he said. “And we need to be better connected. Law enforcement needs to have easy access to EURODAC.” In the long-term, he said, police need to store even more precise biometric information such as facial recognition.

     THE UPSHOT: Like the EU itself, when it comes to policing, the Schengen area is superficially united but institutionally and technically divided, with each member state still holding its own criminal records. Fortunately, Europol is working hard to connect the technical dots and the databases they represent, which is good, because all that work needed doing in 2014 before the current migrant crises so fully exposed the shortcomings of European border control.
     But what’s really required is the ‘common European identify repository’ envisioned by the 7th Security Union report, released in May 2017. European police want a single, mobile portal they can use to identify a suspect immediately via alphanumeric or biometric methods – whether on the street, or at the border, while having access to whatever criminal record or warrant may apply to them. Establishing a common identity repository would be the first step in that direction.

     ps@securityeurope.info

Check Also

The EP pushes for international ban on the use of killer robots

By BROOKS TIGNER, with KYLE ATTAR
BRUSSELS – Members of the European Parliament (MEPs) are demanding a ban on weapons that have no “meaningful human control”.The resolution, passed overwhelmingly on 12 September by a majority of the MEPs (566)  is non-binding, however, on the 28 member states but is supported by Federica Mogherini, the EU’s policy chief for security and defence policy. She has already begun an international dialogue to try and bring the world into consensus as to the direction of autonomous warfare. The resolution notes that lethal autonomous weapons (LAWs) are machines without the ability or capacity to make human decisions and, as such, remote operators must take responsibility for life or death decisions. Much like drones, these weapons bring up strong ethical and moral dilemma regarding...