The Freedom Online Coalition Advisory Network (FOC-AN) is an independent multistakeholder group composed of civil society, academia, technical community, and private sector representatives who provide advice on aims, objectives and activities of the Freedom Online Coalition, as well as support its mission of advancing Internet freedom and human rights online. The Freedom Online Coalition (FOC) is an intergovernmental coalition of 40 Member States committed to ensuring that the Internet and digital technologies reinforce human rights, democracy, and the rule of law.
The advice is developed independently by the the FOC-AN cohort, and is not a statement on behalf of FOC Member States.
On 8 August 2024, the members of the UN Ad Hoc Committee on Cybercrime (UN AHC) adopted by consensus the draft United Nations Convention against Cybercrime (the treaty). The draft was adopted despite serious concerns expressed by civil society, industry, and the United Nations Office of the High Commissioner for Human Rights. In this proactive advice, we would like to appeal to the mission of the FOC and commitments to fundamental rights and freedoms, which FOC member governments made under international human rights, and urge that your government vote “no” on the UN Cybercrime Convention.
Concerns:
The FOC-AN and its members have repeatedly expressed concerns about the possible outcomes of the UN AHC’s work, highlighting the fundamental flaws in the drafts of the convention. As the negotiations progressed and the UN AHC adopted the convention, most of the crucial issues raised by the FOC-AN or other nongovernmental stakeholders were not addressed.
In the past few weeks, we have seen various statements by some governments praising the new cybercrime treaty, its commitment to robust safeguards, and its ability to enhance cross-border cooperation against cybercrime. Yet there are serious reasons why civil society and business stakeholders have been united in opposing this treaty like never before.
- This is not a narrowly
scoped treaty on cybercrime. It enables most of its procedural powers to be used for any crime that requires electronic evidence. - The treaty does not have robust safeguards. Most of the human rights safeguards are left to the discretion of domestic law, creating substantial gaps in the role and importance of human rights in the treaty.
- This convention is not an agreement that would facilitate international cooperation on cybercrime. Its provisions on cooperation will allow States Parties to designate any crime – including crimes that oppress freedom of speech and target political dissent, as well as those relating to sexual identity, gender expression, and reproductive rights – a ‘serious crime’ by simply raising the punishment threshold, and request cross-border access to data or share such data legitimately between themselves.
It is a far-reaching global criminal justice treaty that would enable and legitimise serious human rights violations due to multiple flaws and lack of safeguards and fundamental rights protections.
More specifically: It will allow for prosecutions of security researchers, whistleblowers, and journalists for ‘cybercrimes’. It will also let countries put teenagers behind bars for consensually sharing self-generated sexual material. And, it will endanger employees of the tech industry, who could be kept hostage in authoritarian states and obliged to provide access to data or disclose encryption keys. These are only a few illustrations of how this treaty will affect the lives of real people. These are not abstract dangers – they take place constantly in some countries and now, they are legitimised through this treaty.
Not only does this treaty open countless possibilities for abuse in the future, it also legitimises abuse that is already happening around the globe.
There are multiple flawed provisions that civil society and industry leaders have repeatedly expressed concerns about through letters and statements, including the documents we have previously submitted for the FOC. We would like to highlight that the provision considered a remedy, a ‘catch-all’ protection against these abuses – Article 6.2 – does not constitute a sufficient safeguard, and as a whole, the treaty does not contain any realistic mechanism for the provision of remedy or accountability in cases where the treaty is misapplied.
The treaty represents a tectonic shift towards the digital authoritarian vision of power and control on the Internet. The damage it will do to human rights is imminent, unprecedented, and irreparable.
The adoption of this treaty will have broad impacts on criminal justice and access to data. The success of authoritarian regimes in using multilateral mechanisms to carry out and legitimise human rights abuses may also spill over to other intergovernmental processes and cause more far-reaching consequences. Although the treaty text has some parallels with the Council of Europe’s (COE) “Budapest Convention,” important distinctions in scope and substance remain. More importantly, the significantly larger number of non-democratic states likely to sign this new treaty, and its lack of accompanying institutional safeguards (i.e., the protections of the European Convention on Human Rights, the oversight of the European Court of Human Rights, etc.) make comparisons between the two inapt.
While damage has already been done, the best way to mitigate against further harm is to call a vote and marshall a strong, cross-regional coalition to vote no.
The moral weight and practical impact of the treaty will correlate directly with the number of rights-respecting states that approve and ratify it. The best way to limit those impacts is to organise a strong, broad coalition in opposition. The FOC should be at the centre of that block. If the treaty passes, the FOC and its members should commit to continuing to coordinate with each other and with civil society, industry, the technical community, and others to argue against ratification and further expansion through additional protocols. Our view is that democratic states’ ability to push back in such scenarios will be limited if they fail to take a principled position against the treaty based on legitimate human rights concerns.
Recommendations:
The mission of the FOC is to promote a rules-based, democratic, and inclusive world where human rights and fundamental freedoms are upheld in online and digital contexts. In order to uphold that mission, we strongly urge the FOC members to coordinate on calling for a vote on the treaty, reach out to other, non-FOC, like-minded governments, and vote against the treaty’s adoption at the UNGA.
Resources:
- Global Network Initiative, Statement on the UN Cybercrime Convention (19 July 2024)
- Fiona Alexander. UN Threatens Internet Freedom, Privacy, and Due Process (3 September 2024).
- ICC. Global business urges governments to reject new international cybercrime treaty (13 August 2024).
- Joint Open Letter. UN Cybercrime Convention – Open Letter to EU-Commission and Member States (17 July 2024).
- Joint submissions by multiple organisations. Urgent Appeal to Address Critical Flaws in the Latest Draft of the UN Cybercrime Convention (July 2024).
- OHCHR. Human rights and the draft Cybercrime Convention (25 July 2024).
- Frederico Links. UN Cybercrime Treaty Enables Threatening State Intrusion. Flawed treaty will provide cover for installing a highly problematic law in Namibia (5 September 2024).