The UN's cybercrime treaty may enhance global cooperation in cybercrime prevention but faces criticism over human rights and innovation concerns.
On November 11, 2024, the United Nations approved a draft of their Convention Against Cybercrime, a treaty that was made for three purposes - to “promote and strengthen measures to prevent and combat cybercrime more efficiently and effectively; promote, facilitate and strengthen international cooperation in preventing and combating cybercrime; and promote, facilitate and support technical assistance and capacity-building to prevent and combat cybercrime, in particular for the benefit of developing countries." If the resolution can get a simple majority in the General Assembly in a vote taking place in December 2024, it will be ratified - which is a serious concern for many countries that believe the treaty still needs to be clarified.
Since its inception, the treaty has proved to be controversial. In November 2019, the first resolution to set up a convention to combat cybercrime, sponsored by Russia, Belarus, Cambodia, China, Iran, Myanmar, Nicaragua, Syria and Venezuela, passed. Human rights organizations like the Electronic Frontier Foundation (EEF) and the Digital RIghts Foundation then found issue with the proposal, and raised concerns about the possibility of it being used to undermine human rights. In May 2021, the proposal outlining the treaty was passed in a move that was criticized for being exclusive and not transparent enough.
Since the first negotiating session in December 2021, the cybercrime treaty has continued to sustain critiques about the broad definition of cybercrime - possibly allowing for human rights violations as some countries tried to position spreading misinformation and religious insults as cybercrimes. Even six Democratic senators sent a letter to the White House, requesting that the recently finalized convention not undergo more changes before being supported by the US.
In addition to the human rights concerns posed by the ambiguity of the treaty’s definition of a cybercrime, the resolution has raised concerns about stifling innovation and reducing security in the long run. The treaty prohibits anyone from intentionally getting access to a computer system “without right,” targeting malicious hacking. This measure appears to be unproblematic, but it may prevent security researchers and ethical hackers from doing their work, as many improve security systems by testing their defenses in a controlled setting. Without explicitly making exceptions for good-faith activities, the treaty may counterintuitively limit security.
Responding to concerns about the cybercrime treaty, the US released an explanation of its position on the resolution. The explanation emphasizes the strengths of the treaty (like building up the global community’s ability to stop cyber crime, stopping the nonconsensual sharing of intimate images, and limiting fraud), before addressing the biggest fears that people have about the convention: “Let us be clear: this Convention, by its explicit terms, does not permit Parties to misuse the Convention or any part of it to suppress human rights. We will be vigilant in demanding accountability if they seek to do so. Any attempt to misuse and abuse the Convention, particularly with regard to its human rights safeguards, would threaten its viability and thereby undermine any benefits from it…We will work to ensure that any future interpretations or explanatory documents of the Convention enshrine procedural measures to protect individual privacy and security, while also ensuring that such measures do not harm cybersecurity or empower the harassment of technology company employees.”
Even with this assurance, many are still skeptical of the convention - expecting governments to use the resolution for their own benefits. Karen Gullo, an analyst and senior media relations specialist at EFF has been encouraging people to vote against the convention because “it gives states a huge amount of leeway to decide whether or not to require human rights safeguards at all. Its underlying flaw is the assumption that, in accommodating all countries' practices, states will act in good faith. We know that is unlikely – the powerful global cooperation tools established by the convention will be abused.” While the US seems set in favor of the treaty, the only way to see if enough countries agree with our stance to ratify it will be to wait for the general assembly to vote.