The draft United Nations cybercrime treaty does not incorporate human-centric principles and the prospect of it being adopted in its current form is gravely concerning
In September 2021, the CyberPeace Institute and the Cybersecurity Tech Accord brought together the multistakeholder cybersecurity community to sign a Multistakeholder Manifesto. This document outlined human-centric principles essential for developing an effective and rights-respecting criminal justice instrument and was endorsed by over 50 civil society and industry representatives.
The UN Ad Hoc Committee to Elaborate a Comprehensive International Convention on Countering the Use of Information and Communications Technologies for Criminal Purposes (AHC) published the revised draft of the Cybercrime Convention in November last year. The text is expected to be finalised in early February and tabled to the UN General Assembly for ratification by member states.
The revised negotiating text is, however, concerning and disappointing. It does not reflect the principles advocated by the multistakeholder community or the input provided by the accredited organisations over the course of the two-year negotiation. This is why the CyberPeace Institute and the Cybersecurity Tech Accord are once again coming together to call for the prioritisation of human-centric principles ensuring that the focus remains on protecting individuals and their rights while combating cybercrime within the emerging treaty. Using our 2021 Multistakeholder Manifesto as a guide, we are assessing how the principles have been reflected in the UN deliberations.
Word from supporters:
Dr. Scott J. Shackelford, JD, PhD, Director at the Ostrom Workshop Program on Cybersecurity and Internet Governance:
“Multi-stakeholder governance is a vital component of a sustainable and secure cyberspace, along with an equitable cyber peace. This Manifesto is an important step forward by the community in underscoring these vital links that are so integral to international peace and security, both online and offline.”
Dr. Grace Githaiga, CEO at KICTANet:
“It is important for States to see the value of multistakeholder approaches, as inclusive engagement is fundamental to crafting effective, balanced, and globally accepted strategies against cyber threats. We therefore urge States to ensure that divergent stakeholders views, including those of civil society are reflected in the Cyber Convention.”
Michel Roberto de Souza, Public Policy Director at Derechos Digitales:
“We are extremely concerned that the current text empowers and enables States to justify the sharing of illegally obtained evidence in the prosecution of online and offline crimes.”
Paloma Lara Castro, Public Policy Coordinator at Derechos Digitales:
“We are particularly concerned that the latest draft of the Convention does not ensure effective gender mainstreaming to ensure that the Convention is not used to undermine people’s human rights on the basis of gender. We urge States to mainstream a gender perspective throughout the Convention as a whole and throughout each article.”
Melanio Escobar, Director ONG DDHH RedesAyuda / Humano Derecho Radio Estación:
“In these modern and changing times where the border between real and digital life is increasingly blurred, it is essential that Human Rights protection mechanisms direct their efforts to protect victims as a priority, creating safe spaces that local legislation do not provide to the people affected by cybercrimes.”
Ferdinand Ferroli, Director Policy & Research at Identity Valley:
“Identity Valley fully supports the joint statement of the CyberPeace Institute and the Cybersecurity Tech Accord. While trust in our digital ecosystems depends on a robust framework enabling states to combat cybercrime, the current draft for the United Nations cybercrime treaty conversely runs the risk of gravely damaging trust in cyberspace. Provisions on government access to personal data, a lack of safeguards against overreach of powers and an overly broad definition of cybercrime are not in the interest of a free and open digital world but rather the opposite.Trust is not about content but about process. The UN’s multistakeholder approach on the cybercrime treaty is laudable and could be seen as a role-model for modern policy-making were it not for the comprehensive disregard of its resulting recommendations. To be a meaningful instrument of inclusive change, voices from civil society need not only be heard but also understood and echoed in results.”
Read our statement in full below: