Civil society and industry share concerns about the UN draft Cybercrime Convention

Stakeholders, including the UN High Commissioner for Human Rights and the Electronic Frontier Foundation, stress the need for more transparency and robust protections in the treaty.
Logo of the UN, United Nations, is depicted on a circuit board.

Civil society organisations and more than 150 tech companies within the Cybersecurity Tech Accord urged the United Nations to revise the final draft of the UN Cybercrime Convention. Non-state stakeholders share concerns that the current language of the convention could lead to human rights abuses and criminalise the work of penetration testers, ethical hackers, security researchers, and journalists.

The UN member states are currently in the final round of negotiations for what will become the first global treaty on cybercrime, with talks running from 29 July to 8 August. The current draft, published on 23 May, has seen some positive changes, but the Tech Accord, in particular, calls for further revisions. The office of the UN High Commissioner for Human Rights also noted that the revised draft of the UN Cybercrime Convention includes some welcome improvements, however significant concerns remain about many provisions that fail to meet international human rights standards. The Electronic Frontier Foundation (EFF) added that the proposed UN Cybercrime Convention mandates intrusive domestic surveillance measures and requires states to cooperate in surveillance and data sharing. It allows the collection, preservation, and sharing of electronic evidence for any crime deemed serious by a country’s domestic law, with minimal human rights safeguards, even with countries that have poor human rights records.

These shortcomings are particularly concerning given the already expansive use of existing cybercrime laws in some jurisdictions, which have been used to unduly restrict freedom of expression, target dissenting voices, and arbitrarily interfere with the privacy and anonymity of communications, according to the office’s analysis. A key concern of the Tech Accord is the need for more transparency in the convention’s current form, while the EFF calls to address the currently formulated highly intrusive secret spying powers without robust safeguards and insufficient protection for security researchers, among other concerns.