Council of Europe Urges Adoption of Convention on Cybercrime

The Council of Europe is actively urging countries to sign in to law the Council of Europe Convention on Cybercrime. The Convention was signed in 2001 by 30 countries, but has since been ratified by only eight. Governments are said to be wary of potentially being required to make data on their citizens available to other governments.

The Council of Europe recently participated in the UN Consultation on the Working Group on Internet Governance, suggesting the Convention on Cybercrime is a model law that other countries should adopt nationally. They also held a high-level conference in Strasbourg to encourage ratification of the Convention. The Information Technology Association of America (ITAA) is pressing the U.S. Senate for its ratification, as is President Bush.  While interested in preventing cybercrime, governments are rightly concerned with many provisions of this Convention.

But while it is widely agreed that an international approach to combating cybercrime is necessary, this Convention would force US companies and law enforcement to investigate Americans for acts which are not illegal in this country - a significant provision of the agreement, but one which is unconstitutional in the United States. In addition, many point out that this treaty is extraordinarily invasive and lacks strong privacy protections, that it could actually promote insecurity of computer systems through required disclosure of decryption keys, and that the criminal liability is places on businesses could increase their surveillance of employees.

EPIC's Page on the Convention on Cybercrime »

October 2004