Cyber Crime Conventions

The following international conventions and protocols are relevant in the field of cyber crime:

COUNCIL OF EUROPE

• Budapest Convention on Cybercrime (2001) – first international agreement which aims to reduce computer-related crime by serving as a guideline for any country wanting to develop national laws against cybercrime and aims at increasing international cooperation.
• Protocol on Xenophobia and Racism committed through computer systems. (2003) – follows the Convention.
• Convention on the Protection of Children against Sexual Exploitation and Sexual Abuse (2007) – Contains relevant provisions restricting the use of computer technology to access child pornography (Article 21(1)(f)), to distribute child pornography (Article 30(5)) or to solicit children for sexual purposes (Article 23).

The following table provides for the countries who have signed and ratified the Budapest Convention:

Chart of signatures and ratifications of Treaty 185

Convention on Cybercrime

Status as of 13/03/2020

Title	Convention on Cybercrime
Reference	ETS No.185
Opening of the treaty	Budapest, 23/11/2001  – Treaty open for signature by the member States and the non-member States which have participated in its elaboration and for accession by other non-member States
Entry into Force	01/07/2004  – 5 Ratifications including at least 3 member States of the Council of Europe

State who signed State who ratified State who neither signed nor ratified State who suspended State who denounced

Members of Council of Europe
	Signature	Ratification	Entry into Force	Notes	R.	D.	A.	T.	C.	O.
Albania	23/11/2001	20/06/2002	01/07/2004				A.
Andorra	23/04/2013	16/11/2016	01/03/2017		R.	D.	A.
Armenia	23/11/2001	12/10/2006	01/02/2007				A.
Austria	23/11/2001	13/06/2012	01/10/2012		R.	D.	A.
Azerbaijan	30/06/2008	15/03/2010	01/07/2010		R.	D.	A.	T.
Belgium	23/11/2001	20/08/2012	01/12/2012		R.	D.	A.
Bosnia and Herzegovina	09/02/2005	19/05/2006	01/09/2006				A.
Bulgaria	23/11/2001	07/04/2005	01/08/2005		R.	D.	A.
Croatia	23/11/2001	17/10/2002	01/07/2004				A.
Cyprus	23/11/2001	19/01/2005	01/05/2005				A.
Czech Republic	09/02/2005	22/08/2013	01/12/2013		R.	D.	A.
Denmark	22/04/2003	21/06/2005	01/10/2005		R.		A.	T.
Estonia	23/11/2001	12/05/2003	01/07/2004				A.
Finland	23/11/2001	24/05/2007	01/09/2007		R.	D.	A.
France	23/11/2001	10/01/2006	01/05/2006		R.	D.	A.
Georgia	01/04/2008	06/06/2012	01/10/2012			D.
Germany	23/11/2001	09/03/2009	01/07/2009		R.	D.	A.
Greece	23/11/2001	25/01/2017	01/05/2017		R.	D.	A.
Hungary	23/11/2001	04/12/2003	01/07/2004		R.	D.	A.
Iceland	30/11/2001	29/01/2007	01/05/2007		R.		A.
Ireland	28/02/2002
Italy	23/11/2001	05/06/2008	01/10/2008				A.
Latvia	05/05/2004	14/02/2007	01/06/2007		R.		A.
Liechtenstein	17/11/2008	27/01/2016	01/05/2016		R.	D.	A.
Lithuania	23/06/2003	18/03/2004	01/07/2004		R.	D.	A.
Luxembourg	28/01/2003	16/10/2014	01/02/2015				A.
Malta	17/01/2002	12/04/2012	01/08/2012			D.
Monaco	02/05/2013	17/03/2017	01/07/2017				A.
Montenegro	07/04/2005	03/03/2010	01/07/2010	55	R.		A.
Netherlands	23/11/2001	16/11/2006	01/03/2007				A.	T.
North Macedonia	23/11/2001	15/09/2004	01/01/2005				A.
Norway	23/11/2001	30/06/2006	01/10/2006		R.	D.	A.
Poland	23/11/2001	20/02/2015	01/06/2015		R.		A.
Portugal	23/11/2001	24/03/2010	01/07/2010			D.	A.
Republic of Moldova	23/11/2001	12/05/2009	01/09/2009			D.	A.	T.
Romania	23/11/2001	12/05/2004	01/09/2004				A.
Russian Federation
San Marino	17/03/2017	08/03/2019	01/07/2019				A.
Serbia	07/04/2005	14/04/2009	01/08/2009	55			A.
Slovak Republic	04/02/2005	08/01/2008	01/05/2008		R.	D.	A.
Slovenia	24/07/2002	08/09/2004	01/01/2005				A.
Spain	23/11/2001	03/06/2010	01/10/2010			D.	A.
Sweden	23/11/2001
Switzerland	23/11/2001	21/09/2011	01/01/2012		R.	D.	A.
Turkey	10/11/2010	29/09/2014	01/01/2015
Ukraine	23/11/2001	10/03/2006	01/07/2006		R.	D.	A.
United Kingdom	23/11/2001	25/05/2011	01/09/2011		R.		A.
Non-Members of Council of Europe
	Signature	Ratification	Entry into Force	Notes	R.	D.	A.	T.	C.	O.
Argentina		05/06/2018 a	01/10/2018		R.		A.
Australia		30/11/2012 a	01/03/2013		R.		A.
Benin				4
Brazil				4
Burkina Faso				4
Cabo Verde		19/06/2018 a	01/10/2018				A.
Canada	23/11/2001	08/07/2015	01/11/2015		R.	D.	A.
Chile		20/04/2017 a	01/08/2017		R.	D.	A.
Colombia				4
Costa Rica		22/09/2017 a	01/01/2018			D.	A.
Dominican Republic		07/02/2013 a	01/06/2013			D.	A.
Ghana		03/12/2018 a	01/04/2019				A.
Israel		09/05/2016 a	01/09/2016		R.		A.
Japan	23/11/2001	03/07/2012	01/11/2012		R.	D.	A.
Mauritius		15/11/2013 a	01/03/2014				A.
Mexico
Morocco		29/06/2018 a	01/10/2018				A.
Nigeria				4
Panama		05/03/2014 a	01/07/2014				A.
Paraguay		30/07/2018 a	01/11/2018				A.
Peru		26/08/2019 a	01/12/2019		R.	D.	A.
Philippines		28/03/2018 a	01/07/2018				A.
Senegal		16/12/2016 a	01/04/2017				A.
South Africa	23/11/2001
Sri Lanka		29/05/2015 a	01/09/2015		R.		A.
Tonga		09/05/2017 a	01/09/2017				A.
Tunisia				4
United States of America	23/11/2001	29/09/2006	01/01/2007		R.	D.	A.

Total number of signatures not followed by ratifications	3
Total number of ratifications/accessions	64

Notes

• (55) Date of signature by the state union of Serbia and Montenegro.
• (4) Since 2013 the decision to invite a non-member State to accede to the treaty is valid five years as from its adoption. See the following Chart.

Key – a: Accession s: Signature without reservation as to ratification su: Succession r: Signature “ad referendum”.
R.: Reservations D.: Declarations, Denunciations, Derogations A.: Authorities T.: Territorial Application C.: Communication O.: Objection.

Source : Treaty Office on http://conventions.coe.int – * Disclaimer.

UNITED NATIONS

• United Nations Convention Against Transnational Organized Crime (2000)e. Palermo Convention – Creates obligations on state parties to enact domestic criminal offenses which target organized criminal groups and to adopt new frameworks for extradition, mutual legal assistance, and law enforcement cooperation. Although the treaty does not explicitly address cybercrime, its provisions are highly relevant.
• Convention on the Rights of the Child (1989) – Article 34 of the Convention provides that the state parties should protect children from all forms of sexual exploitation and abuse, including prostitution and pornography.
• Optional Protocol to the Convention on the Rights of the Child (2001) – This protocol follows the CRC Convention and addresses the sale of children, child prostitution, and child pornography. Article 3(1)(c) prohibits the production, distribution, dissemination, sale, and possession of child pornography.  The Preamble mentions the Internet as a means of distribution of child pornography.  The definition of child pornography, set forth in Article 2(3), is broad enough to encompass virtual images of children.

Additional Initiatives of UN

• Member States called for an Un Convention on Cybercrime in the 11^th Crime Congress (Bangkok 2005) but it was decided to not initiate this process.
• It was in the 12^th Crime Congress (Salvador 2010) that Member States took a decision to undertake a comprehensive study of the problem of cybercrime along with responses to it.
• In 2010, Commission on Crime Prevention and Criminal Justice (CCPCJ) requested to conduct a comprehensive study of the problem of cybercrime along with responses to it. The General Assembly (GA) adopted a resolution (A/RES/65/230) on recommendation of Economic and Social Council (EcoSoc), where it requested the CCPCJ to establish an open-ended intergovernmental expert group to conduct such a study.
  • 1^st session of the group – Vienna from 17 to 21 January 2011 – it reviewed and agreed on a collection of topics as well as adopted a methodology for the study.
  • 2^nd session – 25 to 28 February 2013 – The group took note of the study which was prepared by the United Nations Office on Drugs and Crime (UNODC)
  • 3^rd session – Vienna from 10-13 April 2017

Global Programme on Cybercrime

According to General Assembly resolution 65/230 and Commission on Crime Prevention and Criminal Justice resolutions 22/7 and 22/8, the Global Programme on Cybercrime is mandated to assist Member States in their struggle against cyber-related crimes through capacity building and technical assistance. This programme follows the , UNODC’s open-ended intergovernmental expert group whose work was to exchange information on national legislation, best practice, technical assistance and international cooperation.

The Global Programme on Cybercrime is funded entirely through the kind support of the Governments of Australia, Canada, Japan, Norway, UK and USA.

• Objectives & Geographic scope

The Global Programme is designed to answer to the recognized needs in developing countries by supporting the Member States to help prevent and combat cybercrime in a holistic manner. The main geographic areas that this Cybercrime Programme in 2017 caters to are Central America, Eastern Africa, MENA and South East Asia & the Pacific with key objectives of:

• Increasing efficiency and effectiveness for the investigation, prosecution and adjudication of cybercrime, especially with reference to online child sexual exploitation and abuse, within a strong human-rights framework;
• Efficient and effective long-term governmental response to cybercrime, including national coordination, data collection and effective legal frameworks, which will lead to a sustainable response and greater deterrence;
• Strengthening national and international communication between governments, law enforcement and the private sector along with increasing public knowledge of cybercrime risks.

The African Union also has a convention on Cyber Security and Personal Data Protection.

• Link to the Convention: https://au.int/sites/default/files/treaties/29560-treaty-0048_-_african_union_convention_on_cyber_security_and_personal_data_protection_e.pdf
• Link providing Countries that have signed and ratified: https://au.int/sites/default/files/treaties/29560-sl-AFRICAN%20UNION%20CONVENTION%20ON%20CYBER%20SECURITY%20AND%20PERSONAL%20DATA%20PROTECTION.pdf

UN CONVENTION ON CYBERCRIME

In December 2019, the UN passed a Russian-led resolution on Cybercrime known as ‘Countering the use of information and communications technologies for criminal purposes’.

This draft was introduced in the 44^th meeting on 7^th November, 2019. A revised draft of this resolution was placed before the Committee on 18^th November, 2019 (50^th meeting) by the sponsors of the draft resolution along with other Member States (including India). The Committee adopted the resolution at this meeting aby a vote of 88 to 58, with 34 abstentions. (India was in favour).

The committee will review this resolution in August 2020 in order to proceed forward for passing a new convention on cybercrime. However, according to various articles, there are some serious concerns with this draft resolution including Human Right concerns. Some concerns are that the term Information and computer technologies is very vague and will be in favour of authoritative governments. In addition, the concerns regarding Budapest Convention should be focused on rather than passing a new treaty and stalling the progress of the already existing Convention.

Links to the articles:

https://www.cfr.org/blog/new-un-cybercrime-treaty-way-forward-supporters-open-free-and-secure-internet

https://www.euractiv.com/section/digital/news/un-backing-of-controversial-cybercrime-treaty-raises-suspicions/

There has also been a letter addressed to the UN General Assembly by various Ngo’s expressing their concerns over the same.

Link to the article: https://www.apc.org/en/pubs/open-letter-un-general-assembly-proposed-international-convention-cybercrime-poses-threat-human