Philippe Gerard, director general of the Information Society of the European Commission, said on Monday that member states of the European Union will agree within weeks to bring in common laws to combat cybercrime.
"There has been political agreement for this for more than a year but some member state have had reservations, but I understand that the framework objective could be adopted by the end of this month," Gerard told the Openwave Messaging Anti-Abuse conference in London.
Back in April 2002, the EC proposed that all the EU's members should bring in laws that explicitly outlawed a range of attacks on information systems. This included "unauthorised access to information systems", "disruption of information systems", "execution of malicious software that modifies or destroys data", "interception of communications", and "malicious misrepresentation".
Gerard declined to say which countries had held up the adoption of this framework proposal.
Some of these cybercrimes were already thought to be illegal through existing laws in many countries. However, the EC said that "significant gaps and differences in member states' laws in this area" were hampering the fight against organised crime and terrorism, and "acting as a barrier to effective police and judicial cooperation in the area of attacks against information systems."
Thanks to the global nature of the Internet, many malicious hacking and DoS attacks are thought to be carried out by someone in a different country from their victim. Once the framework decision is enforced in national law across Europe it should be easier for suspected cybercriminals to be extradited within the EU.
The UK government is currently working on an update to the Computer Misuse Act, which will almost certainly comply with the EU's framework policy.