Cybercrime consists of criminal acts committed online by using electronic communications networks and information systems. The EU has implemented laws and supports operational cooperation through non-legislative actions and funding. Cybercrime is a borderless issue that can be classified in three broad definitions: crimes specific to the internet, such as attacks against information systems or phishing (e.g. fake bank websites to solicit passwords enabling access to victims' bank accounts) online fraud and forgery: large-scale fraud can be committed online through instruments such as identity theft, phishing, spam and malicious code illegal online content, including child sexual abuse material, incitement to racial hatred, incitement to terrorist acts and glorification of violence, terrorism, racism and xenophobia Many types of crime, including terrorism, trafficking in human beings, child sexual abuse and drugs trafficking, have moved online or are facilitated online. As a consequence, most criminal investigations have a digital component. EU laws and actions aim to: improve the prevention, investigation and prosecution of cybercrime and child sexual exploitation build capacity in law enforcement and the judiciary work with industry to empower and protect citizens E-evidenceCrime leaves digital traces that can serve as evidence in court proceedings. That is why effective and common EU mechanisms to obtain digital evidence should be established.EncryptionThe European Commission explores options how to support law enforcement authorities in overcoming challenges posed by encryption in the context of criminal investigations. EU law on cybercrime EU rules on cybercrime correspond to and build on different provisions of the Council of Europe Convention on Cybercrime.2020: Proposal for Interim Regulation on the processing of personal and other data for the purpose of combatting child sexual abuse2019: Directive on non-cash payment fraudThe directive updates the legal framework, removing obstacles to operational cooperation and enhancing prevention and victims’ assistance, to make law enforcement action against fraud and counterfeiting of non-cash means of payment more effective.2018: Proposals for Regulation and Directive facilitating cross-border access to electronic evidence for criminal investigations2013: Directive on attacks against information systemsThe directive aims to tackle large-scale cyber-attacks by requiring EU countries to strengthen national cyber-crime laws and introduce tougher criminal sanctions.2011: Directive on combating the sexual exploitation of children online and child pornographyThe directive includes measures that better address new developments in the online environment, such as grooming (offenders posing as children to lure minors for the purpose of sexual abuse). Coordination and agency support EU level: The European Cybercrime CentreSet up by Europol, acts as the focal point in the fight against cybercrime in the Union, pooling European cybercrime expertise to support Member States' cybercrime investigations and providing a collective voice of European cybercrime investigators across law enforcement and the judiciary.The Commission ensures alignment of EC3's work with the EU cybercrime policy, ensures that EC3 has sufficient resources, and promotes its work.Public-private cooperation: WePROTECT Global Alliance (child sexual exploitation online)Internet governance: Public Safety Working Group (PSWG) of the Governmental Advisory Committee of the Internet Corporation for Assigned Names and Numbers (ICANN)International level: Council of Europe Convention on Cybercrime Documents Directive on attacks against information systemsReport assessing the actions taken by the EU countries to Implement Child Sexual Abuse DirectiveDirective on non-cash means of paymentReport assessing the measures against websites containing child pornographyReport: Internet Organised Crime Threat Assessment (IOCTA) 2020Study on data retention Related links EU Cybersecurity StrategyEU Security Union StrategyResilience, Deterrence and Defence: Building strong cybersecurity for the EUEuropean Cybercrime CentreCouncil of Europe Convention on CybercrimeICANN Governmental Advisory Committee - Public Safety Working Group
E-evidenceCrime leaves digital traces that can serve as evidence in court proceedings. That is why effective and common EU mechanisms to obtain digital evidence should be established.
EncryptionThe European Commission explores options how to support law enforcement authorities in overcoming challenges posed by encryption in the context of criminal investigations.
EU rules on cybercrime correspond to and build on different provisions of the Council of Europe Convention on Cybercrime.2020: Proposal for Interim Regulation on the processing of personal and other data for the purpose of combatting child sexual abuse2019: Directive on non-cash payment fraudThe directive updates the legal framework, removing obstacles to operational cooperation and enhancing prevention and victims’ assistance, to make law enforcement action against fraud and counterfeiting of non-cash means of payment more effective.2018: Proposals for Regulation and Directive facilitating cross-border access to electronic evidence for criminal investigations2013: Directive on attacks against information systemsThe directive aims to tackle large-scale cyber-attacks by requiring EU countries to strengthen national cyber-crime laws and introduce tougher criminal sanctions.2011: Directive on combating the sexual exploitation of children online and child pornographyThe directive includes measures that better address new developments in the online environment, such as grooming (offenders posing as children to lure minors for the purpose of sexual abuse).
EU level: The European Cybercrime CentreSet up by Europol, acts as the focal point in the fight against cybercrime in the Union, pooling European cybercrime expertise to support Member States' cybercrime investigations and providing a collective voice of European cybercrime investigators across law enforcement and the judiciary.The Commission ensures alignment of EC3's work with the EU cybercrime policy, ensures that EC3 has sufficient resources, and promotes its work.Public-private cooperation: WePROTECT Global Alliance (child sexual exploitation online)Internet governance: Public Safety Working Group (PSWG) of the Governmental Advisory Committee of the Internet Corporation for Assigned Names and Numbers (ICANN)International level: Council of Europe Convention on Cybercrime
