David Stanton (Cork East, Fine Gael) | Oireachtas source

I thank the House for giving its time and consideration to the matter. As I stated at the very start, and it has been acknowledged by colleagues, this is significant legislation. I thank the Senators for their contributions and their general support for the Bill. It is clear there is a shared determination to combat cybercrime. The Bill focuses on protecting information systems and the data they contain from unauthorised access or interference. This is vital to the interests of businesses, Government structures and individual citizens alike, given the central role information systems play in all our lives.

As technology advances and new forms of crime evolve, our legislative frameworks must also develop to counter these threats. Cybercrime activities come in many different forms and broadly involve criminal attacks on information systems and infrastructures themselves or on their associated data. Data are an increasingly valuable commodity in the economic world and personal information in particular carries a premium. Criminal gangs are aware of this and perpetrate large-scale pervasive attacks involving unauthorised access to, collection of and use of data for monetary gain. Some of the more common forms of cybercrime involve identity theft, online Internet scams or fraud, cybercrimes on business, cyber extortion, as was mentioned earlier, industrial espionage and online intellectual property theft. It is these crimes which cause the greatest impact economically in Ireland and around the globe. It has been estimated the cost of cybercrime to the Irish economy is €630 million per annum. Grant Thornton, the consultants who carried out this analysis, discovered the cost of traditional crimes, such as welfare and tax fraud, moving into the online environment is a significant threat to the Irish economy.

The legislation we are introducing seeks to protect information systems and important data from cyber attacks from within and outside the State. The Bill makes it an offence to engage in cybercrime activity and provides strong penalties for those found guilty of offences relating to information systems, including up to ten years imprisonment if the crime is sufficiently serious. Cybercrime is an international worldwide problem. It knows or respects no borders. There is a need, therefore, for international co-operation to counter the menace. Harmonisation of national laws is a very important way of doing this. By strengthening our laws throughout Europe and beyond we present a united front against cybercrime and counter its transnational dimension. The legislation before us will serve to transpose the EU directive on attacks against information systems and ensure Ireland can stand alongside our European partners in combatting criminality in this area and protecting vital infrastructure.

International co-operation is also necessary on a practical operational level through sharing information between police authorities to bring cyber criminals to justice and enforce our laws. A key aim of the EU directive, in addition to criminalising offences relating to information systems, is to improve co-operation with and between competent authorities, including the police and other law enforcement services such as Europol and the European Cybercrime Centre. For the purpose of exchanging information on cyber offences, member states are required to have an operational national point of contact, which is available 24 hours a day, seven days a week. The designated national contact point for Ireland is the Garda computer crime investigation unit, and its contact details have already been provided to the European Commission and can be made available to other member states' competent specialised agencies and bodies.

The Bill will ensure unlawful activities relating to information systems and their data are criminalised and strong penalties are in place to deter and punish offenders. In doing this it seeks to protect modern information and communication systems and maintain users' confidence in the safety and reliability of such systems. This is clearly important for business, the Government sector and individuals.

Senator Horkan mentioned the Law Reform Commission's report on harmful communications and digital safety published in September 2016. While noting the positive benefits to society of the interconnected digital world in which we live, the report also noted the negative aspects of the emerging trend to engage in online communications that cause significant harm to others. While the report identified the existing criminal law already addresses some of the harmful communications described, it also identified significant gaps that require legislation, particularly where new technologies are being used in new ways that could not have been previously anticipated. Colleagues have mentioned the importance of developing and moving on, and it is changing by the hour.

In December 2016 the Government gave its approval for the drafting of a general scheme of a Bill which would provide for new and amended criminal offences along the lines set out in the report. The Bill will address the criminal law aspects of the Law Reform Commission's report. Work is being undertaken to prepare the general scheme of the Bill which, when published, can be fully considered by the Oireachtas Joint Committee on Justice and Equality and the public at large.

As we know, there are proposals to reconfigure the Garda computer crime unit into the Garda cybercrime unit. I am not aware of whether many civilian staff will be involved. It strikes me that what will be involved are people who will really be on top of their game and really specialist people, not the number of people, as has been said, but people who really are specialised in these areas. The Garda has built up considerable expertise in this area. The former head of the unit heads up the European cybercrime unit.

Other questions were asked earlier and I will endeavour to get answers at a later stage, as has been requested.