Cyber Warfare and Organised Crime. A Regulatory Model and Meta-Model for Open Source Intelligence (OSINT)

Chapter
Part of the Philosophical Studies Series book series (PSSP, volume 124)

Abstract

OSINT stands for Open Source Intelligence, (O)SI for (Open) Social Intelligence, and PbD for Privacy by Design. The CAPER EU project has built an OSINT solution oriented to the prevention of organized crime. How to balance freedom and security? This chapter describes a way to embed the legal and ethical issues raised by the General Data Reform Package (GDRP) in Europe into security and surveillance platforms. It focuses on the indirect strategy to flesh out ethical principles through Semantic Web Regulatory Models (SWRM), and discusses the possibility to extend them to Cyber Warfare. Institutional design and the possibility to build up a Meta-rule of law are also discussed.

Keywords

OSINT Social Intelligence Privacy Security Semantic Web Regulatory Models 

References

  1. Albrecht, P. 2015. EU general data protection regulation: The outcome of the negotiations (“trilogues”) and 10 key points. Lead European Parliament Committee: Committee on Civil Liberties, Justice and Home Affairs (LIBE). 17 December. http://www.janalbrecht.eu/fileadmin/material/Dokumente/20151217_Data_protection_10_key_points_EN.pdf Accessed 21 May 2016.
  2. Aldrich, J.H. 2010. Elinor Ostrom and the “just right” solution. Public Choice 143: 269–273. doi:10.1007/s11127-010-9630-9.CrossRefGoogle Scholar
  3. Aligica, P.D., and P. Boettke. 2011. The two social philosophies of Ostroms’ institutionalism. The Policy Studies Journal 39(1): 29–49. doi:10.1111/j.1541-0072.2010.0000395.x.CrossRefGoogle Scholar
  4. Aliprandi, C., J.A. Irujo, M. Cuadros, S. Maier, F. Melero, and M. Raffaelli. 2014. CAPER: Collaborative information, acquisition, processing, exploitation and reporting for the prevention of organised crime. HCI 26: 147–152.Google Scholar
  5. Arquilla, J. 2011. From blitzkrieg to bitskrieg: The military encounter with computers. Communications of the ACM 54(10): 58–65. doi:10.1145/2001269.2001287.CrossRefGoogle Scholar
  6. Arquilla, J. 2013. Twenty years of cyberwar. Journal of Military Ethics 12(1): 80–87. doi:10.1080/15027570.2013.782632.CrossRefGoogle Scholar
  7. Arquilla, J., and D. Ronfeldt. 1993. Cyberwar is coming! Comparative Strategy 12(2): 141–165. Rand Corporation. http://www.rand.org/pubs/reprints/RP223.html. Accessed 21 May 2016.
  8. Arquilla, J., and R. Nomura. 2015. Three wars of ideas about the idea of war. Comparative Strategy 34(2): 185–201.CrossRefGoogle Scholar
  9. Article 29 Working Party. 2014a. Joint statement of the European data protection authorities assembled in the Article 29 working party, November 25th (adopted on 26th). http://ec.europa.eu/justice/data-protection/article-29/documentation/opinion-recommendation/files/2014/wp227_en.pdf. Accessed 21 May 2016.
  10. Article 29 Working Party. 2014b. Working document on surveillance of electronic communications for intelligence and national security purposes, adopted on December 4th, 2014. http://ec.europa.eu/justice/data-protection/article-29/documentation/opinion-recommendation/files/2014/wp228_en.pdf. Accessed 21 May 2016.
  11. Article 29 Working Party. 2016. Article 29 Data protection working party, Opinion 01/2016 on the EU – U.S. Privacy Shield draft adequacy decision, adopted on 13 April 2016. http://ec.europa.eu/justice/data-protection/article-29/documentation/opinion-recommendation/files/2016/wp238_en.pdf Accessed 21 May 2016.
  12. Backfried, G., C. Schmidt, M. Pfeiffer, G. Quirchmayr, M. Markus Glanzer, and K. Rainer. 2012. Open source intelligence in disaster management. 2012 European Intelligence and Security Informatics Conference, EISIC. IEEE Computer Society 254–258.Google Scholar
  13. Best, C. 2008. Open source intelligence. In Mining massive data sets for security: advances in data mining, search, social networks and text mining, and their applications to security, ed. F. Fogelmann-Soulié et al. 19: 331–344. Amsterdam: IOS Press.Google Scholar
  14. Best, R., and A. Cumming. 2008. Open Source Intelligence (OSINT): Issues for Congress, CRS Report for Congress, Order Code RL34270, Updated January 28 2008. https://www.fas.org/sgp/crs/intel/RL34270.pdf. Accessed 21 May 2016.
  15. Bradbury, D. 2011. In plain view: Open source intelligence. Computer Fraud & Security 4: 5–9. Elsevier https://www.cse.msu.edu/~enbody/CFS_2011-04_Apr.pdf. Accessed 21 May 2016.
  16. Burdon, M. 2010. Privacy Invasive Geo-mashups. Privacy 2.0 and the Limits of First Generation Privacy Law. University of Illinois Journal of Law, Technology and Policy 1: 1–50.Google Scholar
  17. Burke, C. 2007. Freeing knowledge, telling secrets: Open source intelligence and development. CEWCES Research Papers. Paper 11. http://epublications.bond.edu.au/cewces_papers/11. Accessed 21 May 2016.
  18. Cameron, K. 2005. The laws of identity …as of 5/11/2005. Microsoft Corporation, http://www.identityblog.com/stories/2005/05/13/TheLawsOfIdentity.pdf Accessed 21 May 2015.
  19. Casanovas, P. 2013. Agreement and relational justice: A perspective from philosophy and sociology of law. In Agreement Technologies, ed. Sascha Ossowski, LGTS 8, Springer Verlag, 19–42, Dordrecht/Heidelberg: Springer. doi:10.1007/978-94-007-5583-3.
  20. Casanovas, P. 2014. Open source intelligence, Open social intelligence, and privacy by design. European conference on social intelligence. Proceedings of the European Conference on Social Intelligence (ECSI-2014), eds. Andreas Herzig and Emiliano Lorini, 174–185. Barcelona, Spain, November 35, 2014, CEUR http://ceur-ws.org/Vol-1283/ Accessed 21 May 2016.
  21. Casanovas, P. 2015a. Semantic web regulatory models: Why ethics matter, special issue on information society and ethical inquiries. Philosophy & Technology 28(1): 33–55. doi:10.1007/s13347-014-0170-y.CrossRefGoogle Scholar
  22. Casanovas, P. 2015b. Conceptualisation of rights and meta-rule of law for the web of data. Democracia Digital e Governo Eletrônico 1(12): 18–41. http://buscalegis.ufsc.br/revistas/index.php/observatoriodoegov/article/view/34399. Accessed 21 May 2016. Reprinted in Journal of Governance and Regulation 4(4): 118–129.
  23. Casanovas, P., Casellas, N., Tempich, C. et al. 2007.Artificial Intelligence and Law 15: 171. doi:10.1007/s10506-007-9036-2Google Scholar
  24. Casanovas, P., and J. Zeleznikow. 2014. Online dispute resolution and models of relational law and justice: A table of ethical principles. In AI approaches to the complexity of legal systems IV. social intelligence, models and applications for law and justice systems in the semantic web and legal reasoning, ed. P. Casanovas et al., LNAI 8929, 55–69. Heidelberg/Berlin: Springer.Google Scholar
  25. Casanovas, P., E. Teodoro, R. Varela, J. González-Conejero, and A. Roig, et al. 2014a. D 7.8 EAG ethical report code. Final ethical audit on system development and deployment, EU F7 CAPER, FP7-SECURITY-2010-1.2-1, 24/10/2014.Google Scholar
  26. Casanovas, P., J. Arraiza, F. Melero, J. González-Conejero, G. Molcho, and M. Cuadros. 2014b. Fighting organized crime through open source intelligence: Regulatory strategies of the CAPER project. In Legal knowledge and information systems. JURIX 2014: The twenty-seventh annual conference, Foundations on artificial intelligence, 271, ed. Rinke Hoekstra, 189–199, Amsterdam: IOS Press.Google Scholar
  27. Casanovas, P., M. Palmirani, S. Peroni, T. van Engers, and F. Vitali. 2016. Special issue on the semantic web for the legal domain guest editors’ editorial: The next step. Semantic Web Journal 7(3): 213–227. IOS Press. http://www.semantic-web-journal.net/system/files/swj1344.pdf. Accessed 21 May 2016.
  28. Casellas, N., M. Blázquez, A. Kiryakov, P. Casanovas, M. Poblet, R. Benjamins. 2005. OPJK into PROTON: Legal domain ontology integration into an upper-level ontology. On the Move to Meaningful Internet Systems 2005: OTM 2005 Workshops, ed. R. Meersman et al., LNCS 3762, 846–855. Berlin/Heidelberg: Springer.Google Scholar
  29. Castelfranchi, C. 2014. Minds as social institutions. Phenomenology and Cognitive Science 13(1): 121–143. doi:10.1007/s11097-013-9324-0.CrossRefGoogle Scholar
  30. Cavoukian, A. 2010. Privacy by design. The 7 foundational principles. Implementation and mapping of fair information practices. Information and privacy commissioner. Ontario, Canada. http://www.privacybydesign.ca/index.php/about-pbd/7-foundational-principles/. Accessed 21 May 2016.
  31. Cavoukian, A. 2012. Privacy by design. IEEE Technology and Society Magazine 4: 18–19. doi:10.1109/MTS.2012.2225459. http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6387956. Accessed 21 May 2016.CrossRefGoogle Scholar
  32. Ciambra, A., and P. Casanovas. 2014. Drafting a composite indicator of validity for regulatory models and legal systems. In AI approaches to the complexity of legal systems IV. Social intelligence, models and applications for law and justice systems in the semantic web and legal reasoning, ed. P. Casanovas et al., 70–82. LNAI 8929, Heidelberg/Berlin: Springer.Google Scholar
  33. Colesky, M., Hoepman, J. H., Hillen, C. A. 2016. Critical Analysis of Privacy Design Strategies. IEEE Symposium on Security and Privacy Workshops, 33–40.Google Scholar
  34. de Hert, P. and Papakonstantinou, V., 2016. The new General Data Protection Regulation: Still a sound system for the protection of individuals?. Computer Law & Security Review, 32 (2): 179–194.Google Scholar
  35. Donohue, L.K. 2005-2006. Anglo-American Privacy and Surveillance. Journal of Criminal Law and Criminology93 (3): 1059–1208.Google Scholar
  36. EGE. 2014a. Ethics of security and surveillance technologies, Opinion no. 28 of the European Group on Ethics in Science and new Technologies, Brussels, 20 May 2014, http://ec.europa.eu/bepa/european-group-ethics/docs/publications/ege_opinion_28_ethics_security_surveillance_technologies.pdf Accessed 21 May 2016.
  37. EGE. 2014b. Press release on the EGE opinion 28, of 20 May 2014. http://ec.europa.eu/bepa/european-group-ethics/docs/publications/press_release_ege_opinion_28_.pdf. Accessed 21 May 2016.
  38. EU Commission. 2014. Progress on EU data protection reform now irreversible following European Parliament vote European Commission – MEMO/14/186 12/03/2014, http://europa.eu/rapid/press-release_MEMO-14-186_en.htm. Accessed 21 May 2016.
  39. Faioddt, J.T. 2012. Mixed reality: How the laws of virtual worlds govern everyday life. Berckeley Technology Law Journal 27 1/3: 55–116. doi:10.15779/Z38ST2W.Google Scholar
  40. Fleisher, C. 2008. OSINT: Its implications for business/CompetitiveIntelligence analysis and analysts, OSINT: Its implications for business/competitive intelligence analysis and analysts. Inteligencia y Seguridad 4: 115–141. http://www.phibetaiota.net/wp-content/uploads/2013/02/2008-Fleisher-on-OSINT-English-and-Spanish.pdf. Accessed 21 May 2016.Google Scholar
  41. Floridi, L., and M. Taddeo (eds.). 2014. The ethics of information warfare, LGTS 14. Heidelberg/Dordrecht: Springer.Google Scholar
  42. Glassman, M., and M.J. Kang. 2012. Intelligence in the internet age: The emergence and evolution of Open Source Intelligence (OSINT). Computers in Human Behavior 28: 673–682. doi:10.1016/j.chb.2011.11.014.CrossRefGoogle Scholar
  43. González-Conejero, J., R. Varela-Figueroa, J. Muñoz-Gómez, and E. Teodoro. 2014. Organized crime structure modelling for European law enforcement agencies interoperability through ontologies. In AI approaches to the complexity of legal systems. AICOL IV-V, ed. P. Casanovas, U. Pagallo, M. Palmirani, and G. Sartor, 217–231. LNAI 8929. Heidelberg, Dordrecht: Springer. doi: 10.1007/978-3-662-45960-7_16.
  44. Gottschalck, P. 2009. Information sources in police intelligence. The Police Journal 82: 149–170. doi:10.1350/pojo.2009.82.2.463.CrossRefGoogle Scholar
  45. Gutwirth, S., R. Leenes, P. de Hert (eds.). 2015. Reforming European data protection law, LGTS, Dordrecht/Heidelberg: Springer. doi:10.1007/978-94-017-9385-8.
  46. Hoepman, J.H. 2014. Privacy design strategies (extended abstract). In ICT systems security and privacy protection. 29th IFIP TC 11 International Conference, SEC 2014, Marrakech, Morocco, June 2-4, Proceedings. IFIP Advances in Information and Communication Technology, ed. N. Cuppens-Boulahia et al., 446–459. Heidelberg: Springer.Google Scholar
  47. Jardines, E.A. 2015. Open source intelligence. In The five disciplines of intelligence collection, ed. Mark M. Lowenthal and Robert M. Clark, chapt.2, L.A., Washington: CQ Press.Google Scholar
  48. Keane, J., and P. Bell. 2013. Confidence in the police: Balancing public image with community safety. A comparative review of the literature, International Journal of Law, Crime and Justice 41: 233–246. doi:10.1016/j.ijlcj.2013.06.003.
  49. Kilovaty, I. 2014. Cyber warfare and the Jus Ad Bellum challenges: Evaluation in the light of the Tallinn manual on the international law applicable to cyber warfare. National Security Law Brief 5(1): 91–124. http://digitalcommons.wcl.american.edu/cgi/viewcontent.cgi?article=1066&context=nslb. Accessed 21 May 2016.Google Scholar
  50. Kim, Y., M. Glassman, M. Bartholomew, and E.H. Hur. 2013. Creating an educational context for open source intelligence: The development of internet self-efficacy through a blogcentric course. Computers & Education 69: 332–342. doi:10.1016/j.compedu.2013.07.034.
  51. Koops, B.-J., J.H. Hoepman, and R. Leenes. 2013. Open-source intelligence and privacy by design. Computer Law & Security Review 29: 676–688. doi:10.1016/j.clsr.2013.09.005.CrossRefGoogle Scholar
  52. Koops, B-J., and R. Leenes. 2014. Privacy regulation cannot be hardcoded. A critical comment on the ‘privacy by design’ provision in data-protection law. International Review of Law, Computers & Technology 28(2): 159–171. doi:10.1080/13600869.2013.801589.
  53. Kornmaier, A., and F. Jaouën. 2014. Beyond technical data -a more comprehensive situational awareness fed by available intelligence information. 2014 6th International Conference on Cyber Conflict, ed. P. Brangetto, M. Maybaum, and J. Stinissen, 139–156, NATO CCD COE Publications. https://ccdcoe.org/sites/default/files/multimedia/pdf/d0r0s2_kornmeier.pdf. Accessed 21 May 2016.
  54. Kshetri, N. 2010. The global cybercrime industry. Economic, institutional and strategic perspectives. Heidelberg/Dordrecht: Springer.Google Scholar
  55. Lessig, L. 2006. Code and other laws of cyberspace (2001), Code 2.0 (2006). Crowdourced version. http://codev2.cc/ Accessed 21 May 2016.
  56. Lin, P., P. Allhoff, and K. Abney. 2015. Is warfare the right frame for the cyber debate? In The ethics of information warfare, ed. L. Floridi and R. Taddeo, 39–57. LGTS, Dordrecht/Heidelberg: Springer. doi:10.1007/978-3-319-04135-3.
  57. McCary, M. 2013. Sun Tzu’s battle for our footnotes: the emergent role of libraries in juridical warfare. University of Miami National Security & Armed Conflict Law Review 3(Fall): 46–103. http://www.m2lawpc.com/index_htm_files/McCary-Sun%20Tzu%20Footnotes-UM-NSAC%20L%20Rev-Vol-III-2013.pdf Accessed 21 May 2016.
  58. Moshirnia, A.V. 2012. Valuing speech and open source intelligence in the face of judicial deference. Harvard National Security Journal 4(2012-3): 385–454. http://harvardnsj.org/wp-content/uploads/2013/05/Vo.4-Moshirnia-Final.pdf. Accessed 21 May 2016.Google Scholar
  59. Murkens, J.E.M. 2007. The future of Staatsrecht: Dominance, demise or demystification? The Modern Law Review 70(5): 731–758. doi:10.1007/978-3-540-73810-7_2.CrossRefGoogle Scholar
  60. Noriega, P., and M. d’Inverno. 2014. Crowd-based socio-cognitive systems. In Crowd intelligence: Foundations, methods and practices. European network for social intelligence, ed. M. Poblet, P. Noriega, and E. Plaza, Barcelona, January 2014, http://ceur-ws.org/Vol-1148/CROWD2014 Accessed 21 May 2016.
  61. Noriega, P., J. Padget, H. Verhagen, and M. d’Inverno. 2014. The challenge of artificial socio-cognitive systems. In AMMAS 14’ Proceedings. http://aamas2014.lip6.fr/proceedings/workshops/AAMAS2014-W22/p12.pdf. Accessed 21 May 2016.
  62. O’Connor, T.R. 2006. Intelligence-led policing and transnational justice. Journal of the Institute of Justice & International Studies 6: 233–239.Google Scholar
  63. Orend, B. 2014. Fog in the fifth dimension: The ethics of cyber-war. In The ethics of information warfare, ed. L. Floridi and R. Taddeo, 1–23. Dordrecht/Heidelberg: Springer. doi:10.1007/978-3-319-04135-3.Google Scholar
  64. Ostrom, E. 2010. Institutional analysis and development. Micro workshop in political theory and political analysis. Proceedings of the policy studies organization, New series 9, 851–878 http://www.ipsonet.org/proceedings/category/volumes/2010/no-9/ Accessed 21 May 2016.
  65. Palombella, G. 2009. The rule of law beyond the state: Failures, promises, and theory. International Journal of Constitutional Law 7(3): 442–467. doi:10.1093/icon/mop012.CrossRefGoogle Scholar
  66. Palombella, G. 2010. The rule of law as institutional ideal. Comparative Sociology 9: 4–39. doi:10.1163/156913210X12535202814315.CrossRefGoogle Scholar
  67. Phythian, M. 2009. Intelligence analysis today and tomorrow. Security Challenges 5(1): 69–85. doi:10.1080/13619462.2014.987530.Google Scholar
  68. Poblet, M. (ed.). 2011. Mobile technologies for conflict management. Online dispute resolution, governance, participation. LGTS, Dordrecht/Heidelberg: Springer. doi:10.1007/978-94-007-1384-0.Google Scholar
  69. Poblet, M. 2013. Visualizing the law: Crisis mapping as an open tool for legal practice. Journal of Open Access to Law 1. Ithaca, Cornell: https://ojs.law.cornell.edu/index.php/joal/article/viewFile/12/13 Accessed 21 May 2016.
  70. Poblet, M., E. García-Cuesta, and P. Casanovas. 2014. Crowdsourcing tools for disaster management: A review of platforms and methods. In AI approaches to the complexity of legal systems IV. Social intelligence, models and applications for law and justice systems in the semantic web and legal reasoning, ed. P. Casanovas et al., 262–276. LNAI 8929, Dordrecht, Heidelberg: Springer. doi: 10.1007/978-3-662-45960-7_19.
  71. Ratcliffe, J.H. 2003. Intelligence-Led policing. Trends and issues in crime and criminal justice, 248. Canberra: Australian Institute of Criminology.Google Scholar
  72. Ratcliffe, J.H. 2008. Intelligence-led policing. Cullompton: Willan Publishing.Google Scholar
  73. Risch, J.M. 2009. Virtual rule of law. West Virginia Law Review 112(1): 1–50.Google Scholar
  74. Robson, T.A. 2009. A burning need to know: the use of open source intelligence in the Fire Service. Thesis. Monterrey: Naval School. http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.387.6834&rep=rep1&type=pdf Accessed 21 May 2016.
  75. Rodriguez-Doncel, V., C. Santos, P. Casanovas, and A. Gómez-Pérez. 2016. Legal aspects of linked data – The Europeanframework, Computer Law & Security Review: The International Journal of Technology Law and Practice (2016), doi: 10.1016/j.clsr.2016.07.005Google Scholar
  76. Rugge, F. 2012. The case for NATO-EU cooperation in the protection of cyberspace. In Cybersecurity Summit (WCS), 2012 Third Worldwide, 1–10. IEEE.Google Scholar
  77. Schmitt, M.N. (ed.). 2013. Tallinn manual on international law applied to cyber warfare. Cambridge: Cambridge University Press.Google Scholar
  78. Schmitt, M.N. 2014. The law of cyber warfare: Quo Vadis. Stanford Law and Policy Review 25: 269–300.Google Scholar
  79. Schmitt, M.N., and S. Watts. 2014. The decline of international humanitarian Law Opinio Juris and the law of cyber warfare. Texas International Law Journal 50: 189–231.Google Scholar
  80. Schreier, F. 2015. On cyberwarfare. DKAF Horizon 2015, WP 7. http://docplayer.net/4159538-Dcaf-horizon-2015-working-paper-no-7-on-cyberwarfare-fred-schreier.html Acessed 21 May 2016.
  81. Solis, G. 2014. Cyberwarfare. Military law review, 219(Spring): 1–52. http://www.loc.gov/rr/frd/Military_Law/Military_Law_Review/pdf-files/219-spring-2014.pdf Accessed 21 May 2016.
  82. Steele, R.D. 2007. Open source intelligence. In Handbook of intelligence studies, ed. Loch Johnson, 129–147, New York: Routledge.Google Scholar
  83. Taddeo, M. 2012. Information warfare: a philosophical perspective. Philosophy & Technology 25.1(2012): 105–120. doi: 10.1007/s13347-011-0040-9.
  84. Tamanaha, B. 2011. The rule of law and legal pluralism in development. Hague Journal on the Rule of Law 3: 1–17. doi: http://dx.doi.org/10.1017/S1876404511100019.
  85. Tene, O. 2014. A new Harm Matrix for cybersecurity surveillance. Colorado Technology Law Journal 12(2): 391–426.Google Scholar
  86. Trottier, D. 2014. Police and user-led investigations on social media. Journal of Law, Information and Science 23: 75–96. AustLII: http://www.austlii.edu.au/au/journals/JlLawInfoSci/2014/4.html Accessed 21 May 2016.
  87. Usmani, Z-ul-H. 2014. Predictive modeling to counter terrorist attacks. Go-FigSolutions An Interview with Max Ernst, Pranav Sharma, and Neil Singh, Providence, RI, 9 February.Google Scholar
  88. Verfaille, K., and T.V.d. Beken. 2008. Proactive policing and the assessment of organised crime. Policing. An International Journal of Police Strategy and Management 31(4): 534–552. doi: 10.1108/13639510810910553.
  89. Zeadally, S., and A. Flowers. 2014. Cyberwar: The what, when, why, and how [commentary]. Technology and Society Magazine, IEEE 33(3): 14–21. doi:10.1109/MTS.2014.2345196.CrossRefGoogle Scholar
  90. Zimmeck, S. 2012. The information privacy Law of Web applications and cloud computing. Santa Clara Computer & High Technology Law Journal 29: 451–487.Google Scholar
  91. Zittrain, J.L. 2008. The future of the internet – And how to stop It. New Haven/London: Yale University Press & Penguin UK. Harvard University’s DASH Repository. http://dash.harvard.edu/bitstream/handle/1/4455262/Zittrain_Future%20of%20the%20Internet.pdf?sequence=1. Accessed 21 May 2016.Google Scholar

Copyright information

© Springer International Publishing Switzerland 2017

Authors and Affiliations

  1. 1.Institute of Law and TechnologyAutonomous University of BarcelonaBarcelonaSpain
  2. 2.Faculty of Business and Law, Data to Decisions Cooperative Research CentreDeakin UniversityGeelongAustralia

Personalised recommendations