Cloud Security, Threat Management, Network Security

Global cybercrime treaty rejected at U.N.

Share

A proposal for a treaty on global cybercrime was rejected this week by the United Nations. The proposal  was discussed for 10 days at the 12th pentennial UN Crime Congress in Salvador, Brazil, but ended up a stalemate as Russia, China and a number of developing countries could not reach agreement with the United States, Canada, the U.K. and the European Union.

As cybercrime develops into a major international scourge, efforts over the past 10 years among world powers have sought to broaden policing policies to allow law enforcement agencies to reach across national borders in pursuit of criminals.

Along with traditional concerns over computer fraud, child pornography and cyberwarfare, one new contentious issue discussed during the talks was the evolution of cloud computing, which can transfer digital data across national boundaries to be stored on servers in any location, thereby denying access to police from one country needing to collect evidence or investigate criminal activity in a foreign location.

While there's been much discussion over the need to integrate statutes and law enforcement efforts across the globe, reaching a consensus proved out of reach for the committee.

The proposal was stymied by disagreements over national sovereignty issues and concerns for human rights. As well, the EU and U.S. position was that a new treaty on cybercrime was not needed since The Budapest Convention on Cyber Crime has already been in place for 10 years. That agreement has been signed or ratified by 46 countries since it was drafted by the Council of Europe in 2001.

Further, the U.S. and U.K. delegates said any agreement for a UN treaty would take too long to resolve.

"The priority should be enhanced capacity building," the U.S. delegation was reported saying, "not further delay in favor of lengthy negotiations for a new and unproven treaty."

The Budapest Convention sanctions police to cross national boundaries, without consent from local authorities, in order to access servers – with the caveat that the owners of the network systems give permission. Russia has opposed this measure since 2000 when police from the United States gained access to computers owned by Russian men accused of defrauding U.S. banks.

For their part, legislators in the U.S. and EU insist on the need for privacy provisions that would protect users' data from police investigation when it is stored in another country via a cloud computing partner.

While an overall policy could not be settled on at the UN convention, there was agreement among the delegates that developed countries would step up assistance to help countries in need in their efforts to combat cybercrime.

An In-Depth Guide to Cloud Security

Get essential knowledge and practical strategies to fortify your cloud security.