Despite controversy, cybercrime treaty endures

As the Budapest Convention hits 10 years old this week, proponents say it is crucial in fighting cybercrime

Delegates from around the world are meeting in France this week to discuss the only international treaty dealing with cybercrime, a treaty that has come under fire from some countries but defended by others as a crucial tool in fighting electronic crime.

Wednesday marks the 10th anniversary of the Convention on Cybercrime, also known as the Budapest Convention. The treaty, which was opened for signatures in November 2001, sets guidelines for laws and procedures for dealing with Internet crime.

The treaty has formed a foundation for global law enforcement of cyberspace, requiring countries who abide by it to have uniform anti-cybercrime laws and law enforcement contacts available around the clock, among other requirements.

The Convention is overseen by the Council of Europe, an organization founded in 1949 that also oversees the European Convention on Human Rights.

Council of Europe member countries can sign the treaty, and once their national laws conform with the treaty, their national legislatures can ratify it. Countries outside the council are invited to accede to the treaty.

So far, 32 countries have either ratified or acceded, and 15 other countries have signed the treaty but not ratified yet. Another eight have been invited to accede. The pace over the last 10 years has been slow, but not unheard of for an international treaty.

Some countries, such as Russia, have not signed the treaty, with officials there expressing concern over provisions they allege violate international law norms and countries' sovereignty.

Russia, along with China, Russia, Tajikistan and Uzbekistan sent a letter in September to the U.N. asking for a resolution on a code of conduct in cyberspace, which could include provisions intended to stop terrorists' use of the Internet.

Countries including the U.S. have viewed that proposal with suspicion, believing it may be motivated by an intent to create a legal instrument that could be invoked to unfairly crack down on Internet-based dissent.

The call by Russia, however, isn't necessarily at odds with the Budapest Convention, said Alexander Seger, head of data protection and the cybercrime division of the Council of Europe.

The Budapest Convention focuses on crime, not cyberissues between nation states at a national security level, so "maybe a code of conduct will need to be negotiated," he said.

It would likely be nearly impossible to negotiate a treaty such as the Budapest Convention today because the negotiations would be too difficult, Seger said. The convention is one of the best tools available to tackle the cybercrime threat, he said.

The treaty has been essential in laying down uniform ground rules for dealing with cybercrime, which nearly always involves perpetrators in another country, said Pedro Verdelho, a prosecutor who investigated cybercrime for 11 years and taught computer crime and penal law at the Centro de Estudos Judiciarios in Lisbon.

For prosecutions to work, a computer-related offense in one country also needs to be illegal in another, which is one of the aims of the convention, Verdelho said. The treaty also dictates what kind of investigative procedures are allowed, such as data interception or computer searches.

"If you don't have the legal tools, you cannot cooperate," Verdelho said.

Cybercrime incidents in Australia almost all originate with attacks from outside the country, said Neil Gaughan, an assistant commissioner and national manager of high-tech crime operations for the Australian Federal Police (AFP).

The AFP speak "pretty much on a daily basis" with law enforcement agencies outside Australia on cybercrime issues, which the treaty has helped facilitate. Australia is expect to accede to the treaty soon after amending its law to conform with the treaty.

"It's all about international engagement," Gaughan said.

This year's conference on the treaty, which runs through Tuesday in Strasbourg, will include U.S. White House Cybersecurity Coordinator Howard Schmidt, the U.K.'s Home Office Minister for Crime and Security, James Brokenshire, and Robert McLelland, Australia's Attorney General.

Seger said the cybercrime convention's committee is expected to discuss whether to start work on recommendations for clearer rules for how data can be accessed in data centers, also known as data "in the cloud."

"The fact today with cloud computing is that law enforcement doesn't even know where the data is located," Seger said.

The discussions could revolve around issues such as how other parties should be informed and if electronic evidence obtained will be admissible in court, Seger said.

The committee could eventually issue non-binding recommendations, known as a soft-law instrument. It could also decided to add provisions onto the treaty itself as a protocol, which would require ratification by nations, Seger said.

Nonetheless, the talks would show that proponents of the Budapest Convention "are not static," Seger said.

Send news tips and comments to jeremy_kirk@idg.com

Join the newsletter!

Error: Please check your email address.
Rocket to Success - Your 10 Tips for Smarter ERP System Selection

Tags no companysecurity

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Jeremy Kirk

IDG News Service
Show Comments

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Sarah Ieroianni

Brother QL-820NWB Professional Label Printer

The print quality also does not disappoint, it’s clear, bold, doesn’t smudge and the text is perfectly sized.

Ratchada Dunn

Sharp PN-40TC1 Huddle Board

The Huddle Board’s built in program; Sharp Touch Viewing software allows us to easily manipulate and edit our documents (jpegs and PDFs) all at the same time on the dashboard.

George Khoury

Sharp PN-40TC1 Huddle Board

The biggest perks for me would be that it comes with easy to use and comprehensive programs that make the collaboration process a whole lot more intuitive and organic

David Coyle

Brother PocketJet PJ-773 A4 Portable Thermal Printer

I rate the printer as a 5 out of 5 stars as it has been able to fit seamlessly into my busy and mobile lifestyle.

Kurt Hegetschweiler

Brother PocketJet PJ-773 A4 Portable Thermal Printer

It’s perfect for mobile workers. Just take it out — it’s small enough to sit anywhere — turn it on, load a sheet of paper, and start printing.

Matthew Stivala

HP OfficeJet 250 Mobile Printer

The HP OfficeJet 250 Mobile Printer is a great device that fits perfectly into my fast paced and mobile lifestyle. My first impression of the printer itself was how incredibly compact and sleek the device was.

Featured Content

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?