Cybercrime Investigation and Prosecution: The Jurisdictional Challenge and Way Forward

By 0
Cybercrime Investigation and Prosecution: The Jurisdictional Challenge and Way Forward


The mass explosion of technology and high rate of adoption of internet and technology have resulted in the growing and modernization of cybercrime activities-which are threats to national, organization and personal security. Almost every form of criminal’s act has a technology aspect in it. As mentioned in our previous papers, organizations lose millions of US dollars to cybercrime investigations, but most of the investigations do not lead to the prosecution of the criminal. Ghana Police Cybercrime directorate has revealed that Ghana loses 166 million dollars due to cybercrime each year. In 2018, McAfee released a report on the economic impact of cybercrime that estimated the likely annual cost to the global economy was nearly $600 billion, up from $45 billion in 2014. Crime researchers have said global cybercrime costs over four billion US dollars yearly.

Like the traditional crime, cybercrime also has a devastating effect on the health, safety, and psychological well-being of the victims. Investigators and prosecutors struggle to find enough evidence for cybercrime prosecution. One of the factors making modern day cybercrimes investigations complex is multiple jurisdictions involved in a single cybercrime act. Multi-jurisdictional challenge makes cybercrime prosecution almost impossible. This paper discusses cybercrime investigations challenges caused by multiple jurisdictions.

 Jurisdictional Challenge

The jurisdictional limitations in investigating and prosecuting cybercrime is yet another challenge law enforcement agencies are facing.  Dozens of jurisdictions involving hundreds of law enforcement agencies may be involved in one act of cybercrime. Multiple jurisdictions in cybercrime investigations brings extradition challenge. When criminal lives in a country which is different from the country where the cybercrime proceedings are held, it can be possible for that person to be extradited to stand a trial. However, the process involved in the prosecution could be very daunting because a lot of money and time could be involved. Moreover, the process may require a common agreement signed between the affected nations. If charges are brought to the country in which the criminal is living, then the challenge of extradition is avoided. Another challenge is that though the affected countries could have the legal right to prosecute criminals. The cases are not even investigated because of several legal protocols the affected countries would go through.

Another difficult problem which arises from multiple jurisdictions is when it comes to seeking permission to conduct searches remotely.  Conducting search remotely is considered illegal in most countries. This is a challenge to transnational cybercrime investigations which requires coordinated efforts from multiple jurisdictions.

Moreover, conducting investigations over multiple national borders delays the prosecution process and increases costs especially when investigators need to contact various groups of investigators in different countries. The need to translate documents to another language; and the need seek help from interpreters are some of the factors that increase the cost and time needed to carry out investigations.

Every country has its own priorities. When cybercrime incident involves multiple countries, it is important that the affected countries get involved in the investigation and prosecution process. However, cybercrime incidents may not be of importance to some of the affected jurisdictions there by slowing down the process.

The jurisdictional challenge affects states (local) and governments’ level prosecution. Prosecution requirement at higher levels of the court system may limit government’s involvement in some cybercrime offenses. For example, lawyers (at government level) may decline to prosecute minors because the higher court system does not handle juvenile cases. Cases involving adults are also declined if the monetary amount of loss is not enough to meet supreme and high court prosecution requirement.

Adoption of International Legal Framework

It appears cybercrime rate has outpaced global efforts to combat cybercrime. Individual countries are making efforts to come out with their own cybercrime legal framework, but they are not making progress. United Nations and other countries have also made several attempts to develop their legal framework for cybercrime in the past, but these efforts have not worked out. The faster growth of global cybercrime rate and multi-jurisdictional challenge requires that various nations adopt an existing legal framework for cybercrime.

The adoption of an existing legal framework, in my opinion, is the simplest way of addressing the jurisdiction challenges of cybercrime.  The Convention on Cybercrime, also known as the Budapest Convention on Cybercrime or the Budapest Convention, is an existing framework which must be adopted by the United Nations or every country. Budapest Convention is the first international treaty developed to handle cybercrime. It seeks to harmonize national laws, improve investigative techniques, and increase cooperation among nations. It was drawn by the Council of Europe in Strasbourg, France, with the active participation of the Council of Europe’s observer states Canada, Japan, Philippines, South Africa and the United States.

Ghana’s adoption of the convention is a step in right direction because the adoption brings several benefits: Its adoption harmonizes the efforts of combating cybercrimes at national and international levels. The adoption also reduces the amount of time spent for developing new frameworks. Looking at the growth rate of international cybercrime and the challenge posed by multi-jurisdiction, adoption of the Budapest Convention is immediate solution to addressing Jurisdictional Challenge of cybercrime. The United Nations must therefore encourage member countries to adopt this convention.


Samuel O Aduafo – Cybersecurity Specialist, AdvancedEvidenceDiscovery Ltd; Institute of Cybersecurity, Ghana, (Member of Institute of ICT Professionals Ghana)

For comments, contact author:;