issue (what?) the wsis declaration of principles recognizes that: “the management of the internet encompasses both technical and public policy issues …” one of the public policy issues which require careful consideration is security and crime. not surprisingly therefore the plan of action considers that: “confidence and security are among the main pillars of the information society.” as stated in the utive summary of a communication from the european commission titled network and information security: proposal for a european policy approach com(2001)298 final: “network and information security can be understood as the ability of a network or an information system to resist at a given level of confidence accidental events or malicious actions. such events or actions could compromise the availability authenticity integrity and confidentiality of stored or transmitted data as well as related services offered via these networks and systems.” such malicious cybersecurity intrusions therefore give rise to cybercrimes which are described in a 2000 mcconnell international report as “harmful acts committed from or against a computer or a network”[schneider and hyner page 6]. on accepting this definition it follows that the internet: global network of networks presents the main opportunity for cybercrimes. as described in the electronic frontier: the challenge of unlawful conduct involving the use of the internet a report of the president’s working group on unlawful conduct on the internet dated march 2000 cybercrime may be encountered with the computer used as a communications tool a storage device or as a target itself. storing pornographic material and physically damaging a computer are examples of the latter two mechanisms. illegal distribution of racist or sexually explicit materials intellectual property theft stealing credit card numbers and launching computer viruses are all examples of cybercrimes effected over the internet. the internet is heavily dependent on the public telecommunications infrastructure. in several countries multiple competitive operators provide inter-connected networks which increase the opportunities for security intrusions. examples of cybercrimes committed through cybersecurity intrusions into the telecommunications network are: illegal access of a pabx getting dial tone and then dialing for free to any part of the globe or listening to other people’s conversation. now some of these crimes such as fraud piracy and counterfeiting are really old crimes being committed in new ways. this has led vice president gore to state in 1999 that “unlawful activity is not unique to the internet – but the internet has a way of magnifying both the good and the bad this paper is a draft working paper reflecting the preliminary findings of the drafting team. it has been subject to review by all wgig members but it does not necessarily present a consensus position nor does it contain agreed language accepted by every member. the purpose of this draft is to provide a basis for the ongoing work of the group. it is therefore not to be seen as a chapter of the final wgig report but rather as raw material that will be used when drafting the report. this draft working paper has been published on the wgig website for public comment so it will evolve taking into account input from governments and stakeholders. 2 in our society … what we need to do is to find new answers to old crimes.” some people do not consider such offences to be ‘cybercrimes’ because they say it is like using a mobile phone in the course of a robbery and that does not make it a mobile phone offence! however some are distinctly new types of crimes such as hacking and the release of viruses into the network. schneider and hyner observed that “the scale scope and complexity of these problems …. seem to trigger and propel the growth of an array on new institutional arrangements and governance structures geared to deal with these kinds of security issues.” however the lack of effective coordination remains a challenge. another issue concerns the difficulty in detecting and prosecuting most offences committed in a global network. criminal law is generally limited to the jurisdiction of the state. for example the computer fraud and abuse act was created in the unites sates in1986 in response to increasing cybercrime while corresponding legislation was enacted in the united kingdom by way of the computer misuse act 1990. these statutes have improved the body of law available to deal with cybercrime. collecting evidence from and extraditing offenders from other states still remains a significant legal challenge. the council of europe convention on cybercrime is intended to harmonize laws across states and provide for greater international cooperation in this area. governments must therefore develop new expertise to deal with these new and complex issues. cybersecurity and cybercrime are huge problems. generally they “compromise the availability authenticity integrity and confidentiality of stored or transmitted data as well as related services offered via these networks and systems.” specifically these activities cost billions of dollars in losses to firms undermine consumer confidence in e-commerce damage people’s lives and reputation through privacy intrusions and threaten to disturb the stable and secure functioning of the internet.