The Council of Europe's Convention on Cybercrime
Introduction | Summary of Convention | EPIC's Position | Treaty Documents | News | Government Resources | NGO Resources | Industry Comments | Papers/Law Review Articles | Conferences
EPIC Opposes Council of Europe Convention on Cybercrime. In a statement (pdf) to the Committee on Foreign Relations, EPIC has urged the United States Senate to oppose ratification of the Council of Europe Convention on Cybercrime. EPIC cited the sweeping expansion of law enforcement authority, the lack of legal safeguards, and the impact on US Constitutional rights. (July 26, 2005)
- EPIC Opposes Cybercrime Convention. In a statement to the Committee on Foreign Relations, EPIC has urged the United States Senate to oppose ratification of the Council of Europe Convention on Cybercrime. EPIC cited the sweeping expansion of law enforcement authority, the lack of legal safeguards, the impact on US Constitutional rights, and the fact that few European governments have themselves agreed to be bound by the treaty's provisions. See the Cybercrime Convention web page. (June 17, 2004)
- Senate Hearing on Convention on Cybercrime. On June 17, the US Senate Committee on Foreign Relations will hold a hearing to consider ratification of the Convention. (June 14, 2004)
In 1997, the Council of Europe (CoE) formed a Committee of Experts on Crime in Cyber-space, and met in secret for several years drafting an international treaty entitled the "Convention on Cybercrime," (the Convention) that was released in final form in June, 2001. Although thirty-four countries participated in the ceremonial act of signing the Convention in November, 2001, only six have actually ratified the Convention. No major European country has agreed to be bound by the Convention. The only countries which have ratified it are Albania, Croatia, Estonia, Hungary, Lithuania, and Romania.
On November 17, 2003, President Bush transmitted the Convention, along with the State Department's report on the treaty, to the US Senate with a view to receiving its advice and consent to ratification. To become binding on the US, the treaty requires approval of two-thirds of the Senate. When the Senate considers a treaty, it may approve it as written, approve it with specified conditions, reservations, or understandings, reject and return it, or prevent its entry into force by withholding approval. The Senate's consideration of a treaty is usually expedited, and generally takes one or two years. Now, the Senate Committee on Foreign Relations has scheduled a hearing on the Convention for Thursday, June 17.
Summary of Convention
According to the preamble, the main aim of the Convention is to pursue "a common criminal policy aimed at the protection of society against cybercrime, inter alia by adopting appropriate legislation and fostering international co-operation."
The Convention includes a list of crimes that each signatory state must transpose into their own law. It requires the criminalization of such activities as hacking (including the production, sale, or distribution of hacking tools) and offenses relating to child pornography, and expands criminal liability for intellectual property violations. It also requires each signatory state to implement certain procedural mechanisms within their laws. For example, law enforcement authorities must be granted the power to compel an Internet Service Provider to monitor a person's activities online in real time. Finally, the Convention requires signatory states to provide international cooperation to the "widest extent possible" for investigations and proceedings concerning criminal offenses related to computer systems and data, or for the collection of evidence in electronic form of a criminal offense. Law enforcement agencies will have to assist police from other participating countries to cooperate with their "mutual assistance requests."
Independent legal experts and human rights activists have continually posited objections to the Convention because it threatens core civil liberties protections currently afforded to US Citizens. Common criticisms are that the treaty fails to provide meaningful privacy and civil liberties protections, and that its scope is too broad and covers much more than computer-related crimes. The treaty also lacks a "dual criminality" provision, under which an activity must be considered a crime in both countries before one state could demand cooperation from another. Thus, the treaty would require US law enforcement authorities to cooperate with foreign police forces even when such agencies are investigating an activity that, while constituting a crime in their territory, is perfectly legal in the US. Furthermore, the drafting of the treaty has been conducted in a very secretive and undemocratic manner, and did not take human rights' groups concerns into account. For this reason, the treaty seems more like a law enforcement "wish list" than an international instrument truly respectful of human rights already enshrined in many international conventions, such as the 1948 Declaration of Human Rights and the 1950 European Convention of Human Rights. Again, no major European country has ratified this treaty at this time. The US government's support for the ratification of the Convention on Cybercrime - a treaty very controversial in Europe - appears like an attempt to obtain more powers than what it could obtain with the USA PATRIOT Act after September 11, 2001.
- Full text of the Convention.
- Council of Europe's Explanatory Report on the Convention.
- Council of Europe's Convention on Cybercrime Resource Page.
- Council of Europe's list of states which have signed and ratified the Convention.
- Declan McCullagh, Fuzzy logic behind Bush's cybercrime treaty, News.com, Nov. 28, 2005.
- Declan McCullagh, Bush pushes for cybercrime treaty, CNET News.com, Nov. 18, 2003.
- Kevin Murphy, CSIA Looks Overseas for Members, Cooperation, Computer Business Review Online, July 5, 2004.
- Cyber-Crime Laws Hurt More Than They Help, eWeek, May 10, 2004.
- Kevin Poulsen, U.S. Defends Cybercrime Treaty, Security Focus, April 23, 2002.
- Declan McCullagh, Beefed-Up Global Surveillance?, Wired, February 20, 2002.
- Mike Godwin, Watch Out: An International Treaty on Cybercrime Sounds Like a Great Idea, Until You Read the Fine Print, IP Worldwide, April, 2001.
- President Bush's letter of transmittal asking the US Senate to ratify Convention on Cybercrime.
- US State Department Memo summarizing the essential legal issues and recommending ratification of the treaty.
- US Department of Justice's FAQs on the CoE Convention on Cybercrime.
- Treaties and Other International Agreements: The Role of the United States Senate, a study for the Committee on Foreign Relations prepared by the Congressional Research Service, Library of Congress.
- US Department of Justice's Computer Crime and Intellectual Property Section, International Aspects of Computer Crime.
- Privacy & Human Rights 2003.
- Privacy International's Cyber-Crime Page.
- Global Internet Liberty Campaign's Member Letter on Council of Europe Convention on Cyber-Crime Version 24.2.
- Center for Democracy and Technology's International Cybercrime Page.
- Comments by Americans for Computer Privacy: November 15, 2000, December 7, 2000.
- Comments from NetCoalition.
- Comments from the World ISPA Forum and European Telecommunications Networks Operators Association (ETNO).
- Comments from the Information Technology Association of Canada (ITAC).
- Comments from Internet Alliance.
Papers/Law Review Articles
- David Banisar & Gus Hosein, A Draft Commentary on the Council of Europe Cybercrime Convention, October 2000.
- David Goldstone & Betty Shave, International Dimensions of Crimes in Cyberspace, 22 Fordham Int'l L.J. 1924 (1999).
- Greg Taylor (Electronic Frontiers Australia), The Council of Europe Cybercrime Convention: A civil liberties perspective.
- Collecting and Producing Electronic Evidence in Cybercrime Cases, Cyber Tools On-Line Search for Evidence, May 2003.
- Conference on Cybercrime and Signing Ceremony of the Convention on Cybercrime, Council of Europe, November 2001.
- Giovanni Buttarelli's speech at the EPIC's Freedom 2.0 conference: “Promoting Freedom and Democracy: a European perspective”, May 21, 2004.
EPIC Privacy Page | EPIC Home Page
Last Updated: December 16, 2005
Page URL: http://www.epic.org/privacy/intl/ccc.html