Introduction

High-tech crime, also known as e-crime, cybernetic or cybercrime, includes a set of criminal acts that involve the use of the Internet, computers or some other electronic devices, and various forms of criminal acts can be subsumed under this term. "In a broader sense, it is a criminal activity in which a computer or a network is the source, means, object, goal or space of a criminal act" (Romi ć et al, 2012). Certain forms of e-crime are directly related to computers, such as the spread of dangerous electronic viruses or the launch of DoS attacks (Denial of Service Attacks) that disable the computer system so that it refuses to perform any  service of the authorized user, when the computer becomes the object attacks, while in other forms of e-crime that include fraud, hate speech, crimes against intellectual property, as well as the production, possession and distribution of disputed material, devices and the Internet are a means of attack. In this type of crime, in addition to the object and the means of attack, the place of execution is also specific, which is a parallel, virtual space created by connecting several computers in networks suitable for searching for information or for electronic business, which we call cyber space, where the word is cyber (syber). of Greek origin and means invisible, inconspicuous and unlimited management. It is this almost invisible space and the absence of its limitations that complicates the fight against criminal activities that are undertaken (Bjelajac, Filipović, 2021). These specificities affect the difficult legal regulation of the matter and the problem in prosecuting the perpetrators, because cybercrime most often exceeds the borders of one country, that is, the valid territorial legislation. Perpetrators of this type of illegal activities benefit from weak protection and generally low awareness of users on the networks, but also difficulties in detecting the commission of the act and in gathering evidence. For this reason, in recent decades, the intention of the largest number of countries to undertake joint actions through various bilateral and multilateral agreements to jointly oppose cybercrime is noticeable. The regulation of cyber security at the national and international level contributes to the more efficient work of competent bodies in the detection of committed acts and perpetrators, but also to preventive action and prevention of incriminated acts. In order for states to adequately oppose this threat, it is necessary to connect them and strengthen cooperation and exchange of information, but also to strengthen cooperation between different sectors within the state. At the same time, it is important to protect the rights of individuals to privacy (Perović, 2018). Only after that can one approach the discovery of perpetrators of criminal acts and the imposition of adequate sanctions for those responsible, regardless of whether they are natural or legal persons.

The first document that comprehensively attempted to solve the problem of cybercrime was the Convention on Cybercrime (ETS 185), adopted on November 23, 2001 by the Council of Europe. The adoption of the Convention was preceded by the adoption of a number of recommendations warning the members of new threats and challenges and demanding their joint action. The Convention has prescribed criminal offenses directed against the confidentiality, integrity and availability of computer data and systems, providing precise definitions of criminal offences, which enable the conduct of criminal proceedings and eliminate the danger of double prosecution in several countries. The first steps in that procedure are the discovery of the act and the collection and securing of evidence (Bada & Nurse, 2019). This sets the framework for individual national legislations to more precisely determine the features and characteristics of individual criminal acts related to computers and cyberspace, their basic, lighter or more serious forms, and to prescribe criminal sanctions for their perpetrators, regardless of whether they are physical or legal entities. Serbia has signed the Council of Europe Convention on Cybercrime. Along with the Convention, in Strasbourg on January 28, 2005, the Supplementary Protocol on the prohibition of acts of a racist and xenophobic nature committed through computer systems was adopted. Its importance is also reflected in the fact that countries that are not in Europe joined it, such as the USA, Canada, Japan, the Dominican Republic, Panama, Mauritius, Australia, Israel, Sri Lanka and the Republic of South Africa (Bejatović, 2012).

The United Nations also worked to connect countries. The various bodies of this organization, in accordance with their powers, acted in the direction of raising awareness and connecting members in opposing the threats posed by high-tech crime. Resolution no. 55/2 of the UN General Assembly of September 18, 2000, also known as the Millennium Declaration, lists the safe and accessible sharing of new technologies among the goals for the coming millennium. In addition, the General Assembly adopted a number of resolutions related to the fight against misuse of information technologies and international Internet security.

the task of passing national legislation in the field of high-tech crime and cyber security to the International Telecommunication Union (ITU), its agency for the issue of information and communication technologies (ICT). In May 2007, the ITU presented a document called A Global Cybersecurity Agenda (GCA), which listed the main problem and recommendations for improving security (Newbury, 2017).

Many other organizations, such as N ATO, OSCD, OECD, ICANN, AU, ASEAN, OA, have dealt with solving the problems of high-tech crime and threats to modern society with their internal documents (Pernik, 2014).

The objectives of the work and the methodology used

The aim of the paper is to answer the question of what are the legal aspects of the fight against high-tech crime in the European Union (EU), because the fight against high-tech crime includes various areas, factors and aspects. In order to answer that question, it was necessary to define the basic terms, collect data through research, classify and analyze them. In that process, three basic questions arose:

1.     What are the documents of the European Union that govern the legal aspects of the fight against high-tech crime?

3.     To what extent is the domestic legal system harmonized with the European one?

Scientific research is the initial step by which existing knowledge is verified and new knowledge is acquired, because the description of previous activities is the first step in which the initial state is completely, objectively and systematically determined, that is, the facts are established, while the analytical method was used to determine their mutual conditioning and reveal new facts, their relations or consequences. Content analysis implies research and consideration of a large number of legal sources, bearing in mind the various bodies of the Union and their powers to enact binding acts as well as documents which, although not binding, have significance for the creation of the policy of the Union and its members. In addition to acts adopted by its bodies, the European Union signs and accedes to international agreements that are adopted under the auspices of other international organizations, primarily the United Nations and the Council of Europe (Woschke et al., 2017). All these rules form the legal framework for the fight against high- tech crime. In this sense, for the purposes of writing this paper, the following texts were analyzed:

-        Communiqué on creating a safer information society by improving the security of information infrastructure and combating computer crime, (COM (2000) 890 final)

-        Framework Decision on combating fraud and counterfeiting of non- cash means of payment, 2001/413/JHA

-        Communication on Network and Information Security: Proposal for an EU Policy Approach (COM (2001)298 final)

-        Communication on a strategy for a secure information society (COM (2006)251 final)

-        Communication on combating spam, spyware and malware (COM (2006)688 final)

-        Regulation EU/460/2004 establishing the European Network and Information Security Agency (ENISA)

-        EU Framework Decision 2005/222/JHA on attacks on information systems,

-        Directive 2002/58/EC on the processing of personal data and protection of privacy in the electronic communications sector,

-        Decision 2001/413/JHA on the fight against fraud and counterfeiting of non-cash means of payment,

-        EU Framework Decision 2004/68/JHA on the sexual exploitation of children and child pornography in relation to child pornography published using information systems

-        EU Framework Decision 2008/913/JHA Decision on the fight against racism and xenophobia,

-        Directive 2006/24/EC on the retention of data in connection with the provision of public electronic communication services,

-        Framework Decision 2005/222/JHA on attacks on information systems,

-        European Security Strategy "The European Internal Security Strategy in Action: Five Steps to a Safer Europe",

-        Directive 2013/40/EU on attacks on information systems,

-        European Security Strategy "A Safer Europe in a Better World"

-        Proposal for a Regulation on ensuring access to and preservation of evidence COM(2018) 225 final- 2018/0108(COD) and

-        Proposal for the Directive on the appointment of legal representatives COM/2018/226 final - 2018/0107 (COD),

-        Directive EU/ 019/713 about the fight against fraud and the facsification of non-cash means of payment

-        Regulation EU/2019/881 on ENISA (European Agency for Cyber Security) and information and communication technologies on cyber security certification and amendments to Regulation EU/526/2013.

After determining the starting points, classification of data according to nature or properties was started. The synthesis of the collected knowledge and the presentation of the research results are given in the form of the conclusion that the Union, in accordance with its powers, is working to create a coherent legal framework that obliges various actors to act.

Results of work with discussion

The development of the information society and new technologies have contributed to competitiveness, economic growth and easier employment within the Union, but they have also exposed legal and natural persons to the risk of cyber attacks. And, while the Council of Europe and the United Nations worked rapidly to define high-tech crime and develop a methodology to combat it, the European Union did not show any interest in this area, as if it was waiting to see the outcome of the activities that took place under the auspices of the aforementioned two organizations (Savić et al., 2021). It is only later that it begins to adopt legislation that has as its theme the fight against high-tech crime. Over time, the work of the EU to regulate the framework for the safe use of computers and virtual space is becoming more and more important because a safe Internet space is of key importance for the functioning and development of the internal market (De Hert et al, 2006). The basis for this is found in Article 16 of the Treaty on the Formation of the EU (TFEU), also known as the Treaty of Lisbon, which introduces a special legal basis for the adoption of rules related to the protection of individuals with regard to the processing of personal data by the institutions of the Union, by the states member states when performing activities that fall within the scope of Union law, and the rules relating to the free movement of such data. Since the Union has above all a political-economic character, its basic areas of action are the cooperation of police and judicial bodies in that fight and the development of international cooperation, but also the adoption of domestic legal norms in the member states that will create adequate and effective legal instruments for combating cybercrime, which will be applicable, rational, efficient and fair (Bejatović, 2012).

The first document adopted in 2001, entitled "Communiqué on the creation of a safer information society by improving the security of information infrastructure and combating computer crime", proposes cooperation in many areas, and in particular the amendment of the legislation, which would cover high-tech crimes and harmonize the criminal policy of the members regarding those actions, as well as mutual recognition of pronounced judgments. This was an important, first step, because until then in many countries crimes related to high-tech crime did not exist (Harris & Patten, 2014). The importance of the cooperation of all interested parties in the collection and preservation of evidence was also mentioned, because it is not an issue that only concerns the judicial authorities, but also the economy and individuals. The communiqué set in this way led to the initiation of a series of activities and the adoption of new documents, the first of which was the Framework Decision on the fight against fraud and the fasification of non-cash means of payment, which protected all payments within the Union.

The EU Agency for the Cooperation of Judicial Institutions of the Member States in Criminal Matters (EUROJUST) was established to fight against cross-border crime and organized criminal groups. As part of the mandate of EUROJUST, a unit for cooperation between prosecutor's offices was established to combat various forms of crime, including cybercrime. An agreement was reached on the issuance of the European Arrest Warrant (EAW). The mechanism for issuing and responding to the European arrest warrant is one of the most important instruments that accelerates and enhances European judicial cooperation. Among the crimes for which an EAW can be issued are cybercrime, fraud during non- cash payments and forgery (Wennerström, 2010).

The Communication on Network and Information Security (COM (2001)298 final) is the first formulated proposal for EU policy. Cybersecurity policy has since been developed through a series of actions, representing a strategy for a secure information society, combating spam, spyware and malware and leading to the creation of the European Network Security Agency (ENISA) in 2004. In addition to the concrete solutions that were offered for the observed problems, the importance of these activities was in raising awareness of the importance of Internet security problems, cooperation and more responsible use of information technologies. The communications were the basis for the adoption of new documents that were created to prevent the commission of the act or to prevent the occurrence of significant consequences.

EU Framework Decision 2005/222/JHA on attacks on information systems of February 24, 2005 sets as its main goal the improvement of cooperation between judicial and other competent authorities, including the police and other specialized law enforcement services, through the convergence of national rules of criminal law in areas of attacks on information systems. The decision provided for a deadline of two years for its implementation, thus highlighting the urgency in the actions of the competent authorities of the member states in order to improve cooperation and begin to exchange all relevant information and establish operational contact points that work non-stop. It represents an attempt to overcome significant gaps and differences in national laws, which hindered police and judicial cooperation in the fight against organized crime and terrorism. The decision follows the approach taken by the Council of Europe Convention, and requires EU member states to criminalize intentional, illegal access to information systems, illegal interference with the system and illegal downloading of data. Such acts must be punished by effective, proportionate and dissuasive criminal penalties, and a criminal offense in the context of a criminal organization, which causes significant loss or affects important interests, must be considered an aggravating circumstance.

The EU addressed spam for the first time in its Directive 2002/58/EC on privacy and electronic communications relating to the processing of personal data and the protection of privacy in the electronic communications sector, stating that the single market requires a harmonized approach in this area because the volume of spam mail can cause difficulties for electronic communication networks and equipment. In doing so, it is not relevant whether subscribers of websites or electronic bulletin boards are violated by unsolicited communication for direct marketing purposes, by means of automated calling machines, faxes and e-mails, or SMS messages. In parallel with data protection and the fight against fraud and counterfeiting of non-cash means of payment, the European Union fights against sexual exploitation of children and child pornography published using information systems and against any form of racism and xenophobia.

This was followed by the adoption of several recommendations to the members in different forms, the most significant of which was Directive 2006/24/EC on the retention of data in connection with the provision of public electronic communication services and amendments to Directive 2002/58/EC, which was an important step towards the establishment of a harmonized system for the collection and storage of traffic data in the EU, and Framework Decision 2005/222/JHA on attacks on information systems. The directive was adopted on the basis of the conclusions of the Council for Justice and Internal Affairs of December 19, 2002, in which it was particularly emphasized that, due to the significant growth of opportunities provided by electronic communications, data related to the use of electronic communications is a valuable tool in prevention, investigation, detection and prosecution of criminal acts, especially organized crime. The Framework Decision, on the other hand, was an attempt by the European Union to achieve a minimum level of convergence with regard to three computer crimes (illegal access to information systems, illegal interference of systems, illegal interference of data), the definitions of which are largely based on those of the Council Convention of Europe on cybercrime. However, it is surprising that the Framework Decision did not reach a higher level of convergence than the Council of Europe Convention in terms of applicable sanctions (Branicki, 2018). Article 6 of the Framework Decision foresees a series of "minimum-maximum" sanctions, which for illegal interference of the system and illegal interference of data must be between 1 and 3 years in prison. Member States were asked to implement these provisions by the end of 2007. Despite various documents and attempts to create a coherent system that would make it easier for members to connect, cooperate and harmonize activities in protecting individuals, companies and institutions from cyber attacks, significant results were absent due to the structure and organization of the European Community. With the adoption of the Treaty on the Functioning of the European Union (Lisbon Treaty - UFEU), the Union was given new powers and opportunities to act in the field of internal security. Immediately after the entry into force of the Lisbon Treaty, the Stockholm Program was adopted in 2009 and the Internal Security Strategy in early 2010 (Nikodinovska-Stefanovska, Đurovski, 2012). At the end of 2010, the European Commission, in cooperation with the European Parliament and the Council of the European Union, produced a document entitled "The European Internal Security Strategy in Action: Five Steps to a Safer Europe".

The most ambitious EU instrument adopted during that period is the Directive on attacks on information systems (2013/40/EU) of August 12, 2013, which strengthens network and information security (NIS) and introduces the obligation to report incidents for the private sector (including operators basic services and digital services). The directive prescribes measures to ensure a high common level of network and information security throughout the Union, which requires member states to develop a national strategy for network and information security (NIS), as well as a cooperation plan that enables the implementation of NIS. The members are obliged to form expert national teams, first of all a team responsible for computer incidents (Computer Emergency Response Team - CERT), which upon establishment cooperate with police agencies on the prevention, detection and response to cyber attacks, but also with the task of developing national plans for unforeseen situations. CERT-EU was established for EU institutions in 2012. The European information sharing and alert system (EISAS) is being developed as a network of contacts between members and other relevant bodies. In the member states, National Competent Authorities are formed, as the most important domestic institutions with the task of monitoring the implementation of the Directive at the national level and cooperating with the same bodies of other member states, security services and data protection bodies, as well as to act on received notifications of incidents that they are instructed by the public administration and public operators of telecommunication and information services. In addition to the two basic bodies, each member state can form: the Information Security Authority (IAA), the TEMPEST Authority (TA), the Cryptographic Solution Approval Authority (CAA) and the Cryptographic Material Distribution Authority (CDA).

The national security strategy represents the general programmatic standpoint of a state in the area of its security (Nedeljković, Forca, 2018). The EU adopted the European security strategy "A safer Europe in a better world" (A safer Europe in a better world, European security strategy) in 2013 with the aim of strengthening the cyber security of public administration and critical infrastructure, in which it emphasizes the need for the development of a strategic culture for early and quick interventions in situations where security is threatened in any way. The strategy has three chapters: analysis of the security environment, in which global challenges and key threats are presented; defining strategic goals and assessing political implications for Europe and aimed at fighting high-tech crime by focusing on partnership with the economy and building capacity within member states to counter cyber attacks (Carrapico, Barinha, 2018). In 2013, within the framework of the existing structures of EUROPOL, the Union established the Criminal Center for High Technologies (E/C3), through which member states and institutions of the Union build and improve operational and analytical capacities for conducting investigations and cooperation with international partners. The center cooperates with the European Network and Information Security Agency (ENISA) as well as the network of national teams for computer incidents (CERTs). The European Agency for Network and Information Security (ENISA) was established in 2004 by Regulation of the European Commission and the Council No. EC/460/2004 with a limited mandate that has been extended since that day. In April 2019, a new Regulation was adopted renaming ENISA to the European Cyber Security Agency and giving it new powers and adding new bodies. The headquarters of the Agency is in Athens, it has the status of a legal entity, and it is financed from funds from the European Union budget, funds from third countries that participate in the work of the Agency, as well as donations from member states in money or in kind. The original task of ENISA to carry out tasks for the purpose of establishing a high level of network and data security in the European Union, raising awareness of information security and developing and promoting a culture of network and data security for the benefit of citizens, consumers, businesses and public authorities of the European Union has been expanded in terms of cyber certification security. Since 2019, there is also a permanent body of National Liaison Officers, and ENISA is responsible for the cybersecurity certification scheme for products, services and processes to support the Digital Single Market.

The Council of the European Union, in June 2017, approved the Cyber Diplomacy Toolkit with the ultimate goal of strengthening EU activities and enhancing a coordinated response in case of cyber attacks against European targets. The most important actors in this area, according to that set, are: the European Network and Information Security Agency (ENISA), the European Police Office (EUROPOL) including the European Cybercrime Center (E/C3) and the European Defense Agency (EDA). The European Commission, the EU's executive body, is involved in the formulation of the Union's cyber security policy, priorities and objectives through the Directorate General for Home Affairs (DG Home) which is responsible for police and criminal justice cooperation and oversees the activities of Europol, while its part is in charge of DG Connect for the protection of critical infrastructure and supervises the activities of ENISA. The EDA is in charge of further developing the EU's cyber capabilities together with the EU Military Staff (EUMS). The Judicial Cooperation Unit (EUROJUST) has a role in the fight against cybercrime by facilitating cooperation between prosecutors. The two-year project COURAGE (Cybercrime and Cyberterrorism European Research Agenda) from the EU's Seventh Framework Program delivered a comprehensive research agenda and coordinated roadmap based on collaboration with 17 organizations from 12 European countries on the ground. The final results of the project published in May 2016 identified missing solutions for better application of existing rules and recommended their correction (Jerman-Blažič et al, 2016).

In 2018 the European Commission presented the basis for two sets of negotiations, with the United States (USA) and for the Second Additional Protocol to the "Budapest" Convention of the Council of Europe on cybercrime. Both documents provide for strong data protection and privacy measures, and concern the provision of cross-border access to electronic evidence in criminal investigations. In the negotiations with the USA, it is proposed to introduce a binding European production order and a European evidence preservation order.¹⁷ Both orders must be issued or certified by a judicial authority of the Member State. An order may be issued to request the retention or production of data stored by a service provider located in another country, which is required as evidence in criminal investigations or proceedings. The second act introduces the obligation for service providers to appoint a legal representative in the Union who will ensure the reception, compliance and execution of decisions so that competent national bodies can collect evidence in criminal proceedings. The resulting reduction of obstacles would ensure better functioning of the internal market in a manner consistent with the development of the common area of freedom, security and justice.

A significant step forward in the fight against cybercrime is Directive 2019/713/EU on fraud in non-cash payments, which updates the legal framework, removes obstacles to operational cooperation and increases prevention and assistance to victims, in order to actions to enforce the law against fraud and forgery of non-cash means of payment were more effective. The last in a series of acts related to internet security is the Temporary Regulation for regulating the processing of personal and other data with the aim of combating sexual abuse of children from September 10, 2020, created on the basis of Directive 2002/58/ EC.

The Republic of Serbia adopted the Law on the Organization and Competence of State Authorities for the Fight against High-Tech Crime (VTK Law) in 2005, which established an institutional framework for the fight against cybercrime, as the Law provided for the formation of a specialized unit of the Ministry of Interior, as well as special judicial and prosecutorial bodies. for the fight against high-tech crime, the Special Prosecutor's Office for high-tech crime as part of the Higher Public Prosecutor's Office in Belgrade, the High Court as a first-instance court, and the Court of Appeal in Belgrade as a second-instance judicial body. The law was passed after the adoption of the Budapest Convention and the Additional Protocol was harmonized with them, which started the application of international standards important for this area. The Criminal Code of the Republic of Serbia, adopted in 2005, introduces computer crimes into the legal system. At the beginning of 2009, the National Assembly of the Republic of Serbia ratified the Budapest Convention and the Additional Protocol by means of special laws, but also adopted new and supplemented the existing legal and by-laws of importance. In the screening report for Chapter 24 "Justice, Freedom, Security" which was done in 2014, the European Commission found that Serbia is among the countries where the risk of cyber attacks is higher, which is why it is necessary to continue work on training competent bodies for combat against those attacks, but also on raising users' awareness of the risks they are exposed to (Krivokapić, Petrovski, 2016).

The Law on Electronic Communications regulates for the first time the conditions and manner of performing activities in the field of electronic communications, the competence of state authorities, as well as the protection of the rights of users and subscribers, the security and integrity of electronic communication networks and services, the secrecy of electronic communications, the lawful interception and retention of data, as well as other issues of importance for the functioning and development of electronic communications in the Republic of Serbia. The law was adopted with the intention of protecting users' privacy from unauthorized access to their digital records and data from their profiles (Darijević, 2021).

In addition to legal and by-laws, the Information Society Development Strategy 2010 - 2020 was adopted and the Serious and Organized Crime Threat Assessment (SOCTA) was carried out in 2015. The assessment is a strategic document that considers various forms of serious and organized crime, including cybercrime, which provides the basis for the operational work of the police in accordance with existing trends (Krivokapić, Petrovski, 2016; Đukić, 2018).

Conclusion

Information security is defined as a set of measures that enable data handled through computer systems to be protected from unauthorized access, as well as to protect the integrity, availability, authenticity and non-repudiation of that data, so that the system functions as intended, when intended. and under the control of authorized persons. Since the EU, unlike some other organizations, does not have the capacity to provide direct assistance to members under cyber attack, it acts as an intermediary to help share knowledge and experience and support the adoption of best practices for individual problems. The role that the EU has in terms of training, cooperation and connecting members in the fight against high-tech crime, as well as the private-public partnership that proves to be indispensable in the successful discovery, collection and preservation of evidence, which is the basic mode of action in the Union, increases the importance of the EU in the fight against cyber crime. Relying on the powers granted by the Treaty of Lisbon (TFEU), the Union systematically creates a unique legal framework that fully identifies those responsible for countering cyber attacks, harmonizes and complements the substantive and procedural criminal law of the members, and thus strengthens the internal security system of the Union as a whole.

Serbia has signed the Council of Europe Convention on Cybercrime and has largely harmonized its legislation with the 2013 Directive on Attacks on Information Systems. Amendments to the law are needed, especially in the part related to securing and collecting evidence and sanctions, so that the legislation is fully harmonized with EU regulations. In the Report on Serbia's progress in 2014 and 2015, the EU Commission pointed out that it is necessary to further harmonize the legal framework related to child pornography. One of the demands was the adoption of a strategy on high-tech crime. With the Action Plan for Chapter 24, the Government of Serbia has provided measures that will harmonize its laws with the legislation and standards of the European Union for the fight against high-tech crime through the analysis of the existing legal framework, the drafting of laws and other regulations based on the analysis in order to improve organizational, human and technical capacities authorities in charge of combating high-tech crime, and above all training of employees in the Special Public Prosecutor's Office and the police unit for high-tech crime. The action plan for Chapter 24 foresees additional specialized training in order to strengthen the capacities of state bodies responsible for the fight against high-tech crime. Within the High-tech Crime Department of the Ministry of Interior, specialized units for investigations of credit card abuse, internet commerce and internet banking and a unit for suppressing illegal and harmful content on the internet were established, which should contribute to better conducting investigations and gathering evidence. With the mentioned amendments to the legislation and the establishment of national bodies, Serbia has fulfilled the minimum conditions stipulated by the legal framework of the Union for combating cyber attacks.