Each day we hear about different forms of fraud and theft on the Internet. Someone in America gets phished from a computer in the UK that is controlled by another computer in Switzerland, that is controlled by an individual in Italy, and their bank account emptied to a mule in America, and the money ends up with some gang in Russia.
Even if you found the individual in Italy you have to answer this question: where was the crime committed? The Convention on Cybercrime of the Council of Europe addresses this very question, and fosters cooperation amongst cooperating societies. Extradition is so rare that it is worth pointing out when it happens. On the 30th of July a UK Court refused to block extradition to someone who is accused of having caused many hundreds of thousands of dollars to US government systems. While in this case the government was a victim, something that happens all too often, far more often it’s individuals who are harmed. In this case the person sounds a bit disturbed. Let’s hope that next time they extradite people who do this sort of thing to make money, and demonstrate to them that it is not worth the risk.
Because the risk of getting caught is so small, this is an instant where the penalties should be very high when intent on theft, fraud, or disruption of services is clearly evident.