Editors Note: Caroline Horton Rockafellow is a member of the Research Triangle Park law firm of Daniels Daniels & Verdonik, P.A.With much fanfare, 38 nations, including 34 European countries, Canada, Japan, South Africa and the United States, signed the Council of Europe’s Convention on Cybercrime in November of 2001. Almost three years later, on July 1 of this year, the Cybercrime Treaty limped into effect swirled in controversy. Even though the Treaty is technically “in force,” there are still some significant road blocks to making this a fully effective international law
The goal of the Cybercrime Treaty is to create a major roadblock for criminals who operate in the international cyber world. To achieve this the Treaty puts into place a framework to harmonize, on a world-wide basis, the laws related to computer crimes, including those related to online child pornography, computer intrusion, commercial copyright infringement and online fraud. It also provides for coordination in the investigation of relevant computer crimes by requiring passage of compatible laws permitting seizure of e-mail and computer records, internet surveillance, and preservation of ISP logs.
The US Department of Justice heralded the Cybercrime Treaty as an important tool in stopping cybercrimes which are being deliberately staged through several countries in order to make the crimes difficult to investigate and stop. Organizations such as the American Civil Liberties Union claim, however, that the Cybercrime Treaty will “expand police powers and require American authorities to conduct surveillance on individuals whose actions violate the laws of foreign countries but not US law.” The Electronic Privacy Information Center (“EPIC”), a watchdog organization for privacy rights, asserts that the Treaty lacks adequate safeguards for privacy and threatens core legal rights established by our Constitution, referencing the obligation for countries to enact legislation to compel individuals to disclose decryption keys in order to permit law enforcement officials to access computer data. EPIC also reiterates the point that the mutual assistance provision of the Cybercrime Treaty would require U.S. law enforcement official to cooperate with foreign law enforcement, even if the offense being investigated is not illegal in the United States.
A second level of debate circles around the ratifications process. The Treaty only becomes binding on each signatory country after it has been ratified by that country. So while the Treaty was able to become effective because its terms specified it would enter into force three months after ratification by at least five countries, three of which needed to be member states of the Council of Europe, ratification by Albania, Croatia, Estonia, Hungary, Lithuania and Romania hardly makes for a worldwide consensus. Consequently, while technically in force, the Treaty has very limited significance. Treaty opponents contend that, until there is further support by major world powers, the United States should not consider binding itself to the Treaty’s obligations.
Certain European countries may take a step closer to ratification in September when the Treaty will be the subject of a major European conference and the Council of Europe will meet to discuss its merits. It is the hope of certain key European officials that this meeting will help to move EU countries forward in the ratification process. In fact, the Secretary General of the Council of Europe, Walter Schwimmer, has stated that ratification of the Cybercrime Treaty should be a priority for those member states where it has not yet been ratified.
The Cybercrime Treaty is also strongly supported by the Bush Administration. In a November 17, 2003, message to the Senate, Mr. Bush stated that the Cybercrime Treaty is “the only multilateral treaty to address the problems of computer-related crime and electronic evidence gathering.” He went further to state that “The Convention promises to be an effective tool in the global effort to combat computer-related crime . . . By providing for broad international cooperation in the form of extradition and mutual legal assistance, the Cybercrime Convention would remove or minimize legal obstacles to international cooperation that delay or endanger U.S. investigations and prosecutions of computer-related crime. As such, it would help deny ‘safe havens’ to criminals, including terrorists, who can cause damage to U.S. interests from abroad using computer systems. At the same time, the Convention contains safeguards that protect civil liberties and other legitimate interests.”
The Foreign Relations Committee of the US Senate, which is charged with reviewing treaties signed by the Administration and then making recommendations to the Senate, met last month to hear testimony on the Cybercrime Treaty. Richard Lugar, Chairman of the Foreign Relations Committee, noted that the Cybercrime Treaty “establishes a number of substantive crimes that parties agree to prohibit under their domestic law; it requires parties to adopt improved procedures for investigating computer crimes; and it provides for international cooperation in the investigation of such crimes.” He has urged quick ratification as a means of helping the United States to play a leadership role in international law enforcement as well as improving the security of Americans in the United States and abroad.
Despite the strong support of certain current governments, the Cybercrime Treaty will remain a controversial subject in both the United States and Europe for some time to come. The opposition to the Treaty will likely become more vocal as it moves closer to ratification in the United States and in major European countries. The significance of the Cybercrime Convention as the first international treaty to focus on computer related fraud and violations of network security will only materialize when (or perhaps if) the major world powers ratify the Treaty. As the world, and particularly the wired world, grows smaller and more interconnected, fighting cybercrime has become an increasingly international problem. Regardless of whether the United States ratifies the Cybercrime Treaty, international cybercrime and related enforcement issues will remain a hot topic in this and other countries for years to come.
Daniels Daniels & Verdonik, P.A. has been serving the legal needs of entrepreneurial and high technology clients for more than 20 years. Caroline Horton Rockafellow is a licensed patent attorney who works primarily in the areas of technology deals and licensing. Questions or Comments can be sent to email@example.com