Cybercrime
,
Fraud Management & Cybercrime
,
Standards, Regulations & Compliance
US to Advocate for Human Rights Safeguards from Supporting Member Nations
The Biden administration plans to back a United Nations cybercrime convention originally proposed by Russia despite mounting criticism from Western technology and cybersecurity firms over fears it could criminalize security research and expand police surveillance.
See Also: OnDemand | Strengthen Cybersecurity with a Multi-Layered 3-2-1-0 Data Protection Strategy
Negotiations on the UN cybercrime treaty, underway since 2017, concluded in July. The head of the Cybersecurity Tech Accord – which represented over 150 global tech and cybersecurity firms involved in the talks – said at the time that the United States and European Union were “failing to take on board many of the key concerns of the private sector or civil society” (see: Tech Orgs: UN Cybercrime Treaty Will Worsen Global Security).
Senior administration officials acknowledged concerns from industry but told reporters during a recent media briefing that the convention “has the potential to make some improvements in international law enforcement cooperation to fight cybercrime.” The officials added that the U.S. will continue supporting the convention while advocating for human rights safeguards from member nations and organizing further engagements with stakeholders to determine how “to mitigate the risks and address identified examples of misuse of the convention.”
In January, Human Rights Watch and over 100 international groups issued a joint statement ahead of the final negotiation round, urging member nations to reject the cybercrime convention “absent meaningful changes.”
The statement said the treaty “fails to incorporate language sufficient to protect security researchers, whistleblowers, activists and journalists from excessive criminalization” and remains “over-broad in the scope of the range of the activities it requires states to criminalize” (see: Tech Orgs Feel ‘Abandoned’ as UN Finalizes Cybercrime Treaty).
Russia initially proposed U.N.-led negotiations for a new cybercrime treaty in 2017 despite U.S. opposition and the presence of the Budapest Convention on Cybercrime, a treaty in force since 2004 and ratified by over 50 countries across Europe, North America, Japan, Australia, and much of South America. The U.N. General Assembly approved the start of talks in December 2019, as experts warned the proposal was part of Russia’s broader efforts to gain influence in cyberspace and international cybersecurity regulations.
Major tech companies like Microsoft submitted statements to the U.N. during negotiations stating that they remained “gravely concerned with the revised draft text” and were “disappointed” that key issues remain unresolved.
“After nearly three years of negotiations and with only one session remaining, states have not yet reached consensus on some of the most fundamental issues, including the very purpose and scope of the Convention,” Microsoft stated.
Security researchers have raised concerns that the cybercrime convention could result in children being charged with distributing child sexual abuse materials for sharing their own selfies. They also caution that provisions in the treaty could endanger security researchers, journalists, and their sources, leaving them vulnerable to prosecution. Experts have also previously told Information Security Media Group that existing international treaties, such as the U.N. Convention Against Organized Transnational Crime and the Council of Europe’s Budapest Convention, should be more effectively enforced worldwide to combat the growing threat of cybercrime.