The Crimes Are Virtual But The Damages Are Real: The World Gathers In Brazil For The Congress On Electronic Crimes And Protection

The Crimes Are Virtual But The Damages Are Real: The World Gathers In Brazil For The Congress On Electronic Crimes And Protection

Recently, our very own Fernando M. Pinguelo was able to sit down with Brazillian Cyber Law Attorney Opice Blum for a discussion on the Congress on Electronic Crimes and Protection.  Below is a partial transcript of their Question-and-Answer session:

Q: Thank you, Renato, for sitting down with me to discuss the latest developments in tech crimes and what experts like you are doing to help businesses and individuals prevent these crimes and address them when they hit home.  Tell me a little bit about your background and the composition of your law practice.

A: My name is Renato Opice Blum and I am a Brazilian Attorney and Economist who specializes in High Tech Law. I am CEO of Opice Blum Attorneys at Law, one of the most respected South American firms.  Opice Blum Attorneys at Law has many years of solid experience in the main areas of law, and is recognized as a pioneer for its work in law as it relates to technology, electronic and digital law, information technology, computer law, and their variations.  We handle mediations, arbitrations, oral sustaining in Court, crisis management, cybercrimes, and corporate matters. Opice Blum Attorneys at Law handles matters throughout the Brazilian territories and maintains close relationships with international legal correspondents in main financial centers, such as in New York and Miami.  More detailed information can be found on the Opice Blum website.

Q: What types of cybercrimes are your clients seeing on a regular basis?

A: Unfortunately, the cybercrime scenario in Brazil is in an exponential growth mode. Companies andindividuals are their main targets. Felonies vary from offenses in the social network context to theft of intellectual property. We have seen an increase in business security breaches involving both current and former employees and industrial espionage. Also, we see new techniques targeting financial institutions. Old schemes like regular phishing and simple malwares have been substituted with specialized scams and botnet controlled malicious software.  The consequences of such advanced cybercrime techniques can be disastrous to an unsuspecting business.

Q: What new techniques and enterprises are cybercriminals venturing into?

A: We have seen botnets being used to send more sophisticated phishing e-mail scams, called specialized phishing. The use of iFrames is also increasing, together with tabnapping methods. The growth of microblogging and social networks has brought fraud to URL shorteners; but crawler engineshave been collecting thousands of profiles that are then used to identify theft crimes. The proliferation of internet use in mobile devices is also creating a menace to privacy when it comes to geolocalizationservices – the real-world location of a device. We have even seen satellite channels being used to broadcast illegal TV signals captured over the Internet.

Q: When a company learns that its data-security has been breached, what should the general counsel immediately do or not do?

A: The first thing to do is try to leave the environment intact. Do not start turning off devices, trying to figure the problem out yourself, or otherwise tampering with the crime scene.  Leaving the crime scene, and treating it as such, enables trained professionals to collect adequately the chain of evidence. Much the same way an average person shouldn’t tamper with a bloody murder scene, the same investigative principles apply to cybercrimes.  For that, professionals with computer forensics knowledge are necessary and must be physically present at the crime scene. These experts will preserve the electronic data and all the equipment that can be used later to identify the source and as evidence in a judicial case.  Hence, the first thing to do is contact a reputable specialist with extensive experience in these matters. We have cases where millions of dollars have been spared to a client where proper measures had been taken – both preventative and reactive.

Q: Are you aware of any good examples of governments or laws demonstrating a new degree of flexibility regarding the growth of these criminal enterprises?

A: The Brazilian government has implemented some initiatives to deal with cyber menaces. The cyber approach to critical data infrastructures is a scenario that has been closely observed by our government. When it comes to laws, regulatory norms are being revisited and discussed publicly with the help of several levels of professionals, government officials, and business leaders, in a collaborative approach to these changing circumstances.  We are also seeing that legal decisions are being harmonized with the use of new technologies.

Q: How are laws able to keep up with the financial ramifications posed by cybercrimes?

A: Although changes in the legal system can never keep pace with the speed of developments in technology and cybercrimes, many of the practices in the virtual world already have current laws applied to them. We say that in Brazil, 95% of cybercrimes are already addressed in our penal code. The financial ramifications can be dealt with in a similar fashion to the methodology applied to organized crimes. We have specific laws directed at organized crimes that address and even predict more severe practices that are different from regular felonies. The prosecution procedure is also different and can be applied to organized cybercrime and its financial repercussions.

Q: What are the most common barriers you are seeing when it comes to using the law to protect your clients from cybercriminals?

A: The laws are not the most common barriers.  It is the lack of specific technical knowledge and experience that is the greatest barrier.  Moreover, the novelty of these tech crimes alarms members of the bar and the judiciary because it is all so new and technical. But that is changing. We have more than 30,000 decisions addressing cybercrimes, and electronic law in general. Judges have become more aware of the financial and social impact of cybercrimes. Cases have arisen in our Supreme Court and high courts. But it will take more time to remove the barriers altogether.

Q: Tell me about the symposium The Second Congress On Electronic Crimes And Protection, its organizers, attendees, and panelists.

A: With all the resources and facilities that the virtual world offers, crimes arise. How do we deal with them? What should we do to take advantage of this world with security? How can we protect ourselves from cybercriminals? With questions like these, the Second Congress on Electronic Crimes and Forms of Protection will convene the most influential experts on matters concerning cybercrimes and electronic law. The results of an extensive research project on cybercrime in Brazil will be presented together with other topics such as regulation of the internet, threats on the internet to children, the future of cybercrime prevention, the technological challenges facing nations of the world, and a technological approach on the prevention of cybercrime and cyberwar.

The lectures and discussions will be given by professors, lawyers, engineers, and experts such as Fernando M. Pinguelo, from Norris McLaughlin & Marcus, P.A, USA; Gustavo Tanus, from TSKS-Tanús, Steinborn, Kaprielan e Saenz de Santa; Cedric Laurant from the European Union; Renato Opice Blum and Rony Vainzof, president and vice president of the Superior Counsel of Information Technology of the Commerce Federation of São Paulo.

More information is available at:

Comments (1):

  1. The world of CyberCrimes has left big businesses and corporations extremely vulnerable. Although, the perpetrator of a cyberattack on a company website or hacker of a company server may never be identified, the company that was a victim of this attack is now susceptible to fines and lawsuits. Data breaches are a company’s worst nightmare. This leaves them subjected to breach of privacy claims that often turn into class action lawsuits. The company is left with no recourse as the perpetrator is one that crosses jurisdictional boundaries and can invariably never be identified.

Leave a Reply

  • Find an eLesson

  • Register for Post Notifications

    Subscribe to receive updates whenever a new eLesson is published.

    Manage Subscriptions
  • Let Us Blog Your Event!

    eLessons Learned is fast becoming the site of choice for employers, employees, judges, lawyers, and journalists who are interested in learning more about these areas without being intimidated by the complexity of the topic. In fact, organizations and event coordinators often feature eLessons Learned as their official eDiscovery blog. Fill out our simple registration form to have eLessons Learned be the official blog of your organization or event.

    Register Now
  • Recent Praise

    The blog takes a clever approach to [e-discovery]. Each post discusses an e-discovery case that involves an e-discovery mishap, generally by a company employee. It discusses the conduct that constituted the mishap and then offers its ‘e-lesson’ — a suggestion on how to learn from the mistake and avoid it happening to you.

    Robert Ambrogi

    Legal Tech Blogger and creator of LawSites

    Although I may have missed some, yours is the first article that I have seen addressing Zubulake II. It is often the lost opinion amongst the others.

    Laura A. Zubulake

    Plaintiff, Zubulake v. UBS Warburg

    Click here to see more.