Zoe Berg, Photo Editor

On Feb. 18, the Yale Cyber Leadership Forum hosted a virtual discussion titled “Criminal Law Enforcement Across National Borders.” 

The session, open to the general public on Zoom, was the second of seven biweekly Thursday webinars this semester meant to bridge the divide among law, technology, policy and business communities on the most critical cybersecurity challenges. Each webinar focuses on a different challenge related to the theme of sovereignty in the digital age. 

Thursday’s session featured Bruce Swartz ’75 LAW ’79, a deputy assistant attorney general and the counselor for international affairs at the United States Department of Justice, and Richard Boscovich, an assistant general counsel at Microsoft’s Digital Crimes Unit leading the Unit’s Malware and Cloud Crime Team. Professor of International Law and Yale Cyber Leadership Forum director Oona Hathaway LAW ’97 moderated the discussion, along with Edward Wittenstein ’04 LAW ’12, the deputy director for leadership programs and a lecturer at the Jackson Institute for Global Affairs. 

“Each of the sessions, and this one is no exception, aims to air the challenges that we face in the cyber context and give a glimpse of how those challenges might be solved,” Hathaway wrote in an email to the News. “As with many of our panels, we have one panelist from government and one from the private sector. We will try to bring out the ways in which both are working to overcome the difficulties that are posed by legal authority that is geographically bounded and criminal actors who can operate throughout the world via the internet.”

Swartz began the talk by explaining three basic dimensions of cybercriminal issues: state-sponsored cyber intrusions, cybercrime involving computers and electronic evidence stored on servers in the United States and elsewhere, which contributes to the transnational nature of evidence. 

An overarching topic of his discussion was the importance of global cooperation between the public and private sectors when dealing with cybercrime across national borders. He cited Europol, the law enforcement agency of the European Union, as an example of a global partner.

“When you have not just the United States doing a prosecution or a series of arrests, but around the world, servers being seized and individuals being taken into custody or trial, that does send a clear signal that you cannot expect that you have impunity for these defenses,” Swartz said. 

Swartz also emphasized the importance of building an international legal framework to establish a common understanding of the range of cyber criminality. Due to the nature of digital data and privacy, there is a delicate balance between ensuring an open internet, conducting investigations of cybercrime issues and protecting civil liberties.

Then, Boscovich detailed how the Digital Crimes Unit at Microsoft operates in coordination with countries and private partners around the world to take down or disrupt malicious infrastructure. According to Boscovich, Microsoft differs from a nation-state or the DOJ in that its objective is to detect current threats and stop the harm rather than find evidence of attribution.

The talk was followed by a Q&A session led by Wittenstein with questions from the forum’s affiliated fellows and students. During the session, Swartz emphasized the importance of finding “points of commonality” to recognize and move toward a set of behavioral norms when it comes to cybersecurity.

The Yale Cyber Leadership Forum was established in 2017 in a collaborative effort between the Yale Law School’s Center for Global Legal Challenges and Yale’s Jackson Institute for Global Affairs. In previous years, the forum hosted an annual in-person conference spanning two and a half days.

The 2020 conference was canceled due to the pandemic and replaced by this series of virtual webinars featuring the same panelists that were originally scheduled for last year’s conference. 

“[The online format] doesn’t allow us to have the informal and continuous conversations that we can have in the course of a conference—where we have the same group of about 75 people in the room together,” Hathaway wrote in an email to the News. “But using this format allowed us to open it up to anyone who wants to participate, which we considered a real plus. Our first session had nearly 300 virtual participants, which was terrific.”

Hathaway also emphasized that a key part of the Yale Cyber Leadership Forum is the involvement of the fellows — a group of competitively-selected practitioners — and affiliated Yale students. This year, there are 32 students and 17 Fellows associated with the forum. 

In addition to attending the virtual discussions, the students write reaction papers that will be posted on the forum’s website. Fellows and students also engage in their own organized discussions as a way to reproduce some of the conversations that would have occurred during the in-person conference. 

The next virtual discussion, titled “Defending Forward? Implications for Safety, Security, and Sovereignty in Cyberspace,” will take place on March 4. The session will feature Colonel Gary Corn, the director of the Technology, Law and Security Program and adjunct professor of cyber and national security law at the American University Washington College of Law, and Suzanne Spaulding, the senior advisor for Homeland Security and director of the Defending Democratic Institutions project at the Center for Strategic and International Studies. 

Session recordings and registration forms for upcoming discussions are available on the forum’s website

Chloe Jensen | chloe.jensen@yale.edu

Kerui Yang | kerui.yang@yale.edu

CHLOE JENSEN
KERUI YANG