The United Nations has finalized a draft for a new cybercrime convention, marking the first multilateral anti-crime treaty in over 20 years and the first UN Convention against cybercrime. This draft, expected to be adopted by the General Assembly later this year, aims to become the first global legally binding instrument on cybercrime. The convention has been developed over five years with input from UN Member States, civil society, academic institutions, and the private sector, with the United Nations Office on Drugs and Crime (UNODC) serves as the negotiations’ secretariat.
The convention addresses the growing threats in cyberspace, such as terrorism, drug trafficking, and other criminal activities facilitated by technology. It aims to enhance international cooperation, law enforcement efforts, technical assistance, and capacity-building related to cybercrime.
The Ad Hoc Committee established by the UN General Assembly led the development of the convention, holding multiple sessions to negotiate the text. However, the negotiation process has been contentious, with disagreements over the treaty’s scope and concerns about balancing security with human rights.
Several civil society organizations, like Access Now and the Electronic Frontier Foundation (EFF), have raised concerns that the treaty could potentially infringe on human rights and be used to suppress political dissent if not adequately safeguarded. According to Access Now the current draft cybercrime convention has serious flaws that could legitimize harmful surveillance, undermine human rights, and hurt security researchers and whistleblowers around the world
Despite these well-known challenges, states desire to reach a consensus and finalize the treaty, although some parties have already expressed that the current text may not be fit for purpose.
Main area of focus
The critical provisions of the new United Nations cybercrime treaty, as outlined in the draft text, include several vital areas of focus:
Substantive Cybercrime Provisions: The treaty aims to establish clear definitions and categories of cybercrime, distinguishing between cyber-dependent crimes (those that can only be committed using information and communication technologies) and cyber-enabled crimes (traditional crimes that the use of ICTs has transformed)
International Cooperation: A significant component of the treaty is enhancing international cooperation and coordination between states to tackle cybercrime. This includes facilitating cross-border investigations and prosecutions, sharing of information, and mutual legal assistance.
Access to Digital Evidence: The treaty includes provisions for law enforcement authorities to access potential digital evidence across borders. This is intended to aid in the investigation and prosecution of cybercrimes.
Human Rights and Procedural Safeguards: There is an emphasis on ensuring that measures to combat cybercrime do not infringe on human rights, including privacy and freedom of expression. However, this is the main area of discussions and concerns as there is definitly the potential for the treaty to be too broad, which could lead to abuses of power by states.
Technical Assistance and Capacity Building: The treaty seeks technical assistance and builds capacity in states, particularly developing countries, to counter cybercrime effectively. This involves addressing global resource disparities and developing the skills to tackle such crimes.
As cyber threats continue to evolve, the treaty for sure has the – heavily needed – potential to provides a mechanism for identifying and addressing new and emerging threats through an intergovernmental and multi-stakeholder process.
But for sure there is a big risk for misuse with regards to human rights and privacy, as some provisions could lead to intrusive surveillance and data access. Therefore, balancing security measures with human rights safeguards will be for sure crucial in the treaty’s implementation.