Russian and US relations continue to be fraught, with confrontational rhetoric from both sides on a weekly basis. The tension between the two states is not limited to any one issue or arena of conflict, and encompasses potential war in Ukraine, traditional and cyber-espionage, disinformation campaigns and economic sanctions. One battlefield that has received less attention, however, is extradition: a formal legal process for achieving criminal justice, but too often abused by states to pursue political enemies or to further their domestic or foreign policy agendas. Sadly, this is almost always at the expense of fairness, transparency, and the rule of law.
From 2015, a new platform of proxy fighting emerged between Russia and the USA: extradition for cyber-crime. A Russian foreign national, domiciled in a third country would be charged in the US for committing an offence against US interests, such as money laundering or hacking. In the usual way, the US would issue an extradition request to the third country and legal proceedings would begin in that jurisdiction. However, the Russian authorities would then respond by issuing a ‘counter-request’ alleging that their citizen had committed a different, usually very minor, offence under Russian law and should, therefore, be returned to Russia instead. The Russian extradition request would appear to be a transparent effort solely intended to thwart the US. However, the Russian authorities would claim, without a trace of irony, that in fact it was the US extradition request that was a politically motivated pretext to round up Russians and obtain valuable intelligence under threat of prosecution and imprisonment. The third country would then have to decide between the competing extradition requests in accordance with its domestic law, which would usually include an element of political discretion at the end of a judicial process.
Competing extradition requests in the UK
The process for competing extradition requests in the UK is dealt with through the Extradition Act 2003 (‘EA 2003’). Section 44 governs competing Part 1 requests, for European Union Member States, in which case a District Judge (‘DJ’) must choose which request is deferred pending disposal of the other. Section 126 applies where there are competing Part 2 requests, covering non-EU States, such as the USA and Russia, and Section 179 applies where there is a Part 1 request and a Part 2 request. In either of these scenarios, the choice is for the Secretary of State (‘SoS’). In all cases, when making their decision, the DJ or the SoS must take into account the relative seriousness of the offences concerned; the place where each offence was committed (or was alleged to have been committed); the date on which each warrant was issued; and whether the person has not yet been convicted or is alleged to be unlawfully at large after conviction.
Example Extradition Hacking Cases: 2015-2021
- Vladimir Drinkman
In 2015, Russia unsuccessfully sought to block the extradition of Vladimir Drinkman, a Russian national, from the Netherlands to the US on charges of a data breach, resulting in significant financial loss over a seven-year period. Mr. Drinkman’s lawyers argued that the extradition ought to have been blocked, or his sentence commuted to the Netherlands. In 2018, Russia issued its own extradition request for Mr. Drinkman, in an attempt to delay or prevent Drinkman’s extradition. Despite lawyers for Mr. Drinkman publicly acknowledging the tension between Washington and Moscow, on February 17, 2015, Drinkman was extradited to the US, and in 2018, was sentenced to 144 months in prison.
- Yevgeniy Nikulin
In 2017, Yevgeniy Nikulin was detained in Prague, having been subject to a US extradition request for hacking of computer networks belonging to LinkedIn and Dropbox. At the time, there was no acknowledgment of a link between Nikulin’s offences and the hacking of Hilary Clinton’s presidential campaign, but his arrest came just three days prior to the Obama administration’s formal accusation against Russia of stealing emails from the Democratic National Committee and disclosing them through WikiLeaks. Russia’s response was to submit its own extradition request, whereby Nikulin faced allegations that he hacked a bank account and stole 111,000 roubles (£1,465). Once again, the US was successful. In 2018, Nikulin was extradited to the US, and in 2020, following Covid related delays in California, was sentenced to 88 months imprisonment
- Alexander Vinnik
Unusually, this case involved three competing requests. In 2018, a Greek court ordered Alexander Vinnik’s extradition to France, as opposed to US or Russia. Initially, Vinnik was detained at the request of the US, charged with running a Moscow-based Bitcoin exchange that laundered as much as $4 billion in illegal funds. The US request was then followed by a Russian counter-request for crimes committed in Russia, but which apparently had not been discovered until Vinnik was in Greece. However, it was the French request for Vinnik, charging him with money laundering, that the Greek authorities ultimately favoured. The final decision was made by the Greek justice minister Costas Tsiaras, who decided to send Vinnik to France first, and is reported to have stated that the US and Russia should be Vinnik’s second and third destinations, subsequent to necessary judicial proceedings. The precise basis of the decision to send Vinnik to France first remains unclear, however, although speculatively, it may have been the least diplomatically damaging outcome.
Does the US target Russian Cybercriminals?
The fact that the US regularly charges and subsequently requests the extradition of Russian nationals involved in cybercrime is not in dispute. Unsurprisingly, Russia claims that the charges and associated extradition requests are politically motivated, and aside from the examples cited above, of Drinkman, Nikulin, and Vinnik, there is ample support for the proposition that the US is targeting Russians abroad.
In 2020, the US Department of Justice charged six Russian intelligence officers with worldwide deployment of destructive malware, and other disruptive actions in cyberspace. Assistant Attorney General for National Security John C. Demers stated that “no country has weaponized its cyber capabilities as maliciously or irresponsibly as Russia, wantonly causing unprecedented damage to pursue small tactical advantages and to satisfy fits of spite… No nation will recapture greatness while behaving in this way.” FBI Deputy Director David Bowdich added that “the FBI has repeatedly warned that Russia is a highly capable cyber adversary, and the information revealed in this indictment illustrates how pervasive and destructive Russia’s cyber activities truly are.” In 2021, US Deputy Attorney General Lisa Monaco expressed an intention to increase action combatting ransomware and cybercrime through arrests and other actions, in response to the “steady drumbeat” of cyberattacks by Russian nationals.
However, the key question is not whether Russian protestations about the US targeting their nationals are well-founded, which they undoubtedly are, but rather, whether the US is justified in pursuing Russian hackers or are doing so merely as a political pretext in the context of a much wider geopolitical conflict?
These examples, and recent developments, suggests that US concerns about Russian cyber activities are indeed well founded, and entirely consistent with a general consensus shared amongst Western states about Russian conduct. In October 2021, Microsoft published a report which identified Russia as responsible for 58% of all cyberattacks against other States. A notable example is the December 2020 SolarWinds attack, which saw a commercial software application hacked by Russia in order to target over 150 US and foreign organisations. More recently, and in the context of the emerging NATO, Russia conflict in Ukraine, Norwegian and Ukrainian infrastructure were both targets of a Russian cyber-attack between 14-17th January 2022. The following week, the US Department of Homeland Security warned that Russia could launch a pre-emptive cyberattack against US and NATO allies, in anticipation of military engagement on the Ukrainian border.
Exceptions to the rule?
Notwithstanding the above, the tussle between Russia and the USA in the context of extradition has in some instances played out differently. Take the example of Aleksei Burkov. In 2015, Burkov was arrested in Israel at the request of US authorities. A Russian counter-request followed soon after, and an Israeli court ruled that Burkov should be extradited to the US in 2019. Following his extradition, in 2020, Burkov was sentenced to nine years imprisonment for identify theft and money laundering. This looked to be the end of the matter, but at the end of 2021 the US agreed to deport Burkov to Moscow to face charges of card fraud and trading of confidential data.
More recently, in 2021, Denis Kaznachev was detained in Germany, on the request of US authorities on charges of money laundering. Whilst Russia raised strong objections to his extradition, describing it as inadmissible, no actual counter request was submitted.
The same approach was taken by Russia in relation to Denis Dubnikov and Vladimir Dunaev. The former was initially detained in Mexico, and then sent to the Netherlands due to perceived inadequacies with the security of the Mexican criminal detention system. No counter requests for Dubnikov’s extradition were made, as was the case for Dunaev, who was arraigned in a US court in October 2021, having been extradited from South Korea.
The reason for the change in approach from Russia remains unclear. It may be that following a series of unsuccessful requests, Russian authorities no longer consider extradition requests to be a viable tactic in preventing their citizens from being sent to the USA or, more worryingly, may consider the risk of the US authorities apprehending Russian nationals engaged in State-sponsored cyber-crime simply as the cost of doing business. It may be that the Russia/US conflict has simply moved on to another proxy battlefield.