The roots of the so-called and controversial "hacker-paragraph" in the German criminal code (§ 202c StGB) and of "telecommunications data retention", which both created quite a stir in the hacker community, can easily be traced to the European Union's Council Framework Decision 2005/222/JHA of 24 February 2005 on attacks against information systems, the Council of Europe Convention on Cybercrime (CETS No. 185) and the Directive 2006/24/EC of the European Parliament and of the Council of 15 March 2006 on the retention of data generated or processed in connection with the provision of publicly available electronic communications services or of public communications networks and amending Directive 2002/58/EC. But this has not been Europe's last word: A new Directive on the fight against Cybercrime is to be proposed early 2010, a European Investigation Order extending to cybercrime investigations and other Regulations loom around the corner. Finally, the European Union negotiates a new Anti-Counterfeiting Trade Agreement (ACTA) which is to include provisions relating to criminal law protection of intellectual property. As it is important to put these proposals into focus, I will first provide a broad overview of the Europeanization of substantive criminal law relating to cybercrime, of mutual legal assistance between the member states, and of truly Europeanized cybercrime investigations. Based on this groundwork, I will report about the current state of play relating to the aforementioned new proposals on the European level and their implementation in Germany. What do the proposed rules really mean to a hacker and to a cracker? How will they interact with fundamental rights, which gained a new normative status in the European Union in December 2009? What are the risks to an open-source approach to software and cyberspace? On the other hand, the new proposals and the European framework might also offer new chances for open-source software, for example in terms of its own legal protection. Policing the Internet -- by the police, not by vigilantism -- requires some well-paid, safe job opportunities for computer experts. Furthermore, citizens are more aware than ever of the need for software which focuses on security, reliability and data protection -- such as open-source software usually does. After a final evaluation of the proposed EU legislation I want to invest about 15 minutes for a discussion about the risks, dangers and opportunities of the Europeanization -- and Internationalization -- of criminal law relating to cybercrime.
Über den Autor Dominik Brodowski: Dominik Brodowski is a graduate student of law at the Eberhard Karls Universität Tübingen, Germany and a graduate of the University of Pennsylvania Law School. His professional activities focus on cybercrime law, cybercrime investigations and digital forensics. In his spare time, he develops Linux kernel code related to notebooks. He lives in Tübingen, Germany and enjoys spending much time outdoors, with or without a notebook in his backpack.