Saturday 19 June 2021

Cybercrime Treaty Could Be Used to Go After Cyberespionage

(IPS) – Governments of countries that engage in large-scale electronic espionage, like the United States, and companies that develop spying software could theoretically face legal action for violating the Convention on Cybercrime.

The Convention, adopted in Budapest in 2001 and in force since 2004, is the first international treaty seeking to address Internet cyberspaceand computer crime, and has a provision that aims to protect the right of privacy of data communication from unauthorized interception.

The treaty, also known as the Budapest Convention, requires member states to criminalize four kinds of conduct against confidentiality or the integrity and availability of computer systems or data: illegal access, illegal interception, data and system interference, and misuse of devices for the purpose of committing these offences.

- Advertisement -

These are precisely the practices engaged in by the U.S., British and other governments, according to documents leaked to the media in June by former U.S. National Security Agency (NSA) contractor Edward Snowden.

Cyber surveillance “violates the Convention, and perpetrators can be sued” under the Cybercrime Convention Committee, Lorena Pichardo, a law school professor at the National Autonomous University of Mexico (UNAM), told IPS.

The Convention was adopted by the Council of Europe, which was set up to promote democracy and protect human rights and the rule of law in Europe. But the treaty has also been signed by non-member states, like Canada, the United States and Japan. The United States ratified it in 2006.

So far, 51 states have signed the Convention and 40 have ratified it.

- Advertisement -

It is possible to file a complaint with the Cybercrime Convention Committee, but any action taken is based on the national laws that its members must approve in order to live up to the Convention. Complainants can also turn to the European Court of Human Rights.

A complaint “can be successful, but it would be partial, because among the countries that are party to the Convention, there are interests at stake. The law can be bent and accommodated to national legislation,” Enoc Gutiérrez, a professor of information and communications technology (ICT) at the Autonomous University of the State of Mexico, told IPS.

In a 2012 study that analysed Mexican, U.S. and EU laws, Gutiérrez and his colleagues Lucio Ordóñez and Víctor Saucedo argued the need for special legislation and a special court on computer crime.

The problem is that the Convention does not take into account that cybercrimes can include espionage by a state. The general impression is that when a government seeks cross-border access to computer data, it is doing so to investigate crimes and pursue criminals.

Article 32b of the Budapest Convention introduced an exception to the principle of territorial sovereignty:

“A Party may, without the authorisation of another Party [..] access or receive, through a computer system in its territory, stored computer data located in another Party, if the Party obtains the lawful and voluntary consent of the person who has the lawful authority to disclose the data to the Party through that computer system.”

- Advertisement -

The Cybercrimes Convention Committee held its ninth full session Jun. 4-5 – one day before the Guardian and the Washington Post published the first leaks by Snowden. In the meeting, the Committee did not debate anything related to cyber espionage.

But in a recent report, the Committee’s ad hoc sub-group on jurisdiction and transborder access to data said that new developments, such as cloud storage of data and the activities of law enforcement authorities, made it necessary to revise the reach of article 32b.

“Current practices regarding direct law enforcement access to data as well as access via Internet service providers and other private sector entities…illustrate that law enforcement authorities of many States access data stored on computers in other States in order to secure electronic evidence. Such practices frequently go beyond the limited possibilities foreseen in Article 32b and the Budapest Convention in general,” the sub-group says.

This poses risks to human rights, they warn.

“Personal data are increasingly stored by private entities, including cloud service providers. Access by law enforcement to, or the disclosure to law enforcement authorities of personal data stored in a foreign jurisdiction by such private sector entities may violate data protection regulations,” they add.

The NSA and other intelligence agencies use software that enables them to intercept private communications around the world.

Mexico, for example, acquired software from U.S. and European companies to monitor telephone calls, email, chats, Internet browsing histories and social networks.

Of the at least 95 corporations that develop and distribute this kind of software worldwide, 32 are in the U.S., 17 are British and the rest come from some two dozen other nations, according to confidential documents from intelligence contractors published by Wikileaks in December 2011.

The list mentions 78 different products, including Trojan viruses, audio transmitters, audio and video recorders, and tracking tools.

“Any technology with such a huge potential for the violation of fundamental rights should be the focus of the highest level of legal protection, especially if it’s in the hands of private corporations that operate according to purely business objectives,” two officials from Spain’s Interior Ministry, Miguel Ángel Castellano and Pedro David Santamaría, wrote in a December 2012 article, “El control del ciberespacio por parte de gobiernos y empresas” (“Control of cyberspace by governments and companies”).

Pichardo, the law professor, said national legislation tends to take precedence in cases that invoke international principles.

“If we already have a charge of espionage, the serious problem of asking for data from other states is redundant,” she said.

Gutiérrez believes the existing international legal frameworks do not protect citizens, and specific laws are necessary. His studies focus on how to move from ICTs to technologies of learning and communication.

“When citizens are active in a social network like Facebook, by the simple act of accepting the terms of the contract they are saying their information can be shared with banks or government institutions,” he said. “They steal information from us and we don’t even realise it.”

- Advertisement -

FACT CHECK:
We strive for accuracy in its reports. But if you see something that doesn’t look right, send us an email. The Q reviews and updates its content regularly to ensure it’s accuracy.

Ricohttp://www.theqmedia.com
"Rico" is the crazy mind behind the Q media websites, a series of online magazines where everything is Q! In these times of new normal, stay at home. Stay safe. Stay healthy.

Related Articles

[BLOG] Costa Rican Electric Company – General Maintenance Procedures

During my fifteen plus years of living in Costa Rica, I...

Heliport, Money and Weapons in Costa Rica

Following reports by residents of Las Asturias de Pococí about flyovers...

MOST READ

Diseases, weather and low prices hit the orange sector in Costa Rica

HQ - The appearance of pests and diseases, in particular the 'dragón amarillo' (yellow dragon), the impact of the weather and a sharp drop...

Should the vaccination against covid-19 be opened?

QCOSTARICA - Six months after the start of vaccination against covid-19, will it be time to open the campaign to those who want to...

Tourism sector depends on political will for recovery

QCOSTARICA - The future of tourism operators in Costa Rica depends on the political will to approve a package of bills that favors the...

College of Physicians negotiates donation of a million and a half vaccines against covid-19

QCOSTARICA - This week there could be very good news for the country in the fight against the coronavirus pandemic if the College of...

Companies covered up defective asphalt

QCOSTARICA - The judicial file of the Cochinilla Case, on alleged corruption in road works, exposes how three companies would have covered up the...

The “rebound” effect boosted growth in Costa Rica’s economic activity

QCOSTARICA - Costa Rica's economic activity registered in April 2021 a year-on-year growth of 8.8%, a figure affected by a “base” or “rebound” effect,...

On Monday the vehicle restriction will change, again

QCOSTARICA - In times of pandemic, things change constantly, especially when it is necessary to tighten the belt to reduce the contagion of covid-19. The...

Rainy afternoons and nights this week in most of the country

QCOSTARICA - Characteristic of the rainy season, we will see rain in the afternoons and nights in the Central Valley, the entire Pacific coast,...

The Best Sports To Play On A Beach

Costa Rica has some of the best beaches in the world. The coastline is blessed with golden sand, beautiful palm trees, and perfect blue...

WANT TO STAY UP TO DATE WITH THE LATEST!

Get our daily newsletter with the latest posts directly in your mailbox. Click on the subscribe and fill out the form. It's that simple!

Log In

Forgot password?

Forgot password?

Enter your account data and we will send you a link to reset your password.

Your password reset link appears to be invalid or expired.

Log in

Privacy Policy

Add to Collection

No Collections

Here you'll find all collections you've created before.