Tag Archive for: CrossBorder

Ransomware sentence indicative of cross-border cooperation in enforcement of white-collar crimes

/in


A United States court recently sentenced a Canadian citizen to 20 years in prison for his participation in the NetWalker ransomware attacks. The case displays the coordination of law enforcement units across borders in response to the threat of attacks that similarly transcend borders.

Background

Following a request from the U.S. Federal Bureau of Investigation for assistance identifying a Canadian suspect in their investigation into NetWalker, the RCMP arrested Sebastien Vachon-Desjardins, a former Government of Canada employee, in January 2021. After his arrest, the RCMP searched his home and seized 719 bitcoin (worth approximately $35 million at the time of the seizure) and $790,000 cash. He was charged in Canada with mischief in relation to computer data, unauthorized use of a computer, extortion and participating in a criminal organization. In January 2022, he pleaded guilty to three of the four charges, and was sentenced by an Ontario court to seven years in prison. In addition, he was ordered to forfeit the bitcoin, most of his seized computing devices and all of the cash seized by the RCMP, as well as to pay more than $2.6 million in restitution to the businesses affected by the attacks.

Following his Canadian sentencing, Vachon-Desjardins was extradited to the United States, where he was charged with conspiracy to commit computer fraud, conspiracy to commit wire fraud, intentional damage to a protected computer and transmitting a demand in relation to damaging a protected computer. Vachon-Desjardins pleaded guilty to all four charges. On October 4, 2022, a U.S. District Judge in Florida sentenced him to 20 years in prison, and ordered him to forfeit US$21.5 million. Restitution will be ordered by the U.S. court at a later date.

Ransomware attacks

As discussed in a previous post, ransomware is a form of malicious software designed to block access to data or a computer system. Ransomware often encrypts data or programs on information technology systems in an effort to extort ransom payments from victims in exchange for decrypting the information and restoring system access. These types of attacks have increased in frequency, severity and sophistication in recent years —…

Source…

The UN Security Council must reauthorize lifesaving UN cross-border response in one month’s time

/in


Source…

China approves more cross-border e-commerce pilot zones_英语频道_央视网(cctv.com)

/in


BEIJING, Feb. 8 (Xinhua) — China’s State Council has approved setting up more cross-border e-commerce pilot zones in 27 cities and regions as the government seeks to stabilize foreign trade and foreign investments.

The new pilot zones, including those in Erdos in Inner Mongolia and the city of Yangzhou in Jiangsu Province, will replicate and advance the experience learned from the previous five batches of pilot zones, according to a statement released by the State Council.

While trying to promote the high-quality development of trade, the cabinet also stresses efforts to ensure national security, internet security, data security, and biological security to foster an amicable business environment for market entities.

China’s cross-border e-commerce has been expanding much faster than overall foreign trade, and its share in overall foreign trade has gone up significantly.

Since 2015, China’s State Council has established 105 cross-border e-commerce pilot zones in five batches. The new business model has become a vibrant force driving China’s foreign trade growth.

Official data shows that China’s total trade in goods moved up another notch in 2021, exceeding 6 trillion U.S. dollars for the first time, despite the pandemic continuing to weigh on global trade.  

Source…

China’s New Draft Measures for Data Cross-border Transfer

/in


On October 29, 2021, the Cyberspace Administration of China (“CAC”) published the Security Assessment Measures of Data Cross-border Transfer (Draft for Comments) (the “New Draft Measures”) for public comments.

The New Draft Measures intends to set up clear implementation rules for the general principles of data cross-border transfer set forth in the Cyber Security Law, the Data Security Law and the Personal Information Protection Law. Although the current draft may be subject to further revisions before finalization, the following potential impacts of the New Draft Measures are worthy of attention:

  1. Possibility to trigger assessment by the PRC government may impact the daily operations of many multinational companies.

Article 4 of the New Draft Measures specifies five scenarios under which data cross-border transfer will trigger safety assessment by the central CAC or the relevant provincial branch of CAC (as applicable):

(1) Cross-border transfer of personal information (“PI”) or important data collected or generated by the operators of critical information infrastructures;

(2) Cross-border transfer of data containing important data;

(3) Cross-border transfer of PI by a processor who has processed PI of one million or above;

(4) Cumulative cross-border transfer of PI of 100,000 or above or sensitive PI of 10,000 or above;

(5) Other scenarios as specified by CAC.

Among the abovementioned five triggers, for many multinational companies in the PRC, the third and the fourth ones are most relevant to their daily operations, where these multinationals might need to transfer PI of its users, customers, suppliers and employees to their overseas headquarters or global data processing centers.  For compliance purpose, these multinationals might need to start to closely audit and monitor existing, ongoing and future transfer and storage of PI from the PRC, and assess and prepare for possible application of safety assessment by the PRC authorities.

Please note that the current formulation of the triggers under Article 4 still need further clarification.  For example, (i) the definition of “important data” needs to be further specified; (ii)…

Source…