International Convention on Cyber Crime- Budapest Convention

Convention means an agreement between states covering particular matters, especially one less formal than treaty. International Convention means an agreement signed between countries of a particular matter. There are many conventions between many countries in the world out of which one is Budapest Convention.

The convention on Cybercrime also known as the Budapest Convention on Cybercrime or Budapest Convention, is the first international treaty seeking to address Internet and computer Crime (Cybercrime) by harmonising national laws, improving investigation techniques and increasing cooperation among nations. Budapest convention was drawn up by the council of Europe’s observer state Canada, Japan, Philippines, South Africa and the United States. At the 109th Session on 8th November 2001 the committee of Minister of the Council of Europe adopted the Convention and its Explanatory Report. On 23rd November 2001 it was opened for signature in Budapest and it entered into force on July 2004. Till march 2019, 63 states have ratified the convention, while four states had signed the convention but not ratified it. Countries like India and Brazil had declined to adopt the Conventions on the ground that they didn’t participate in its drafting.

International Convention on Cyber Crime- Budapest Convention

Russia opposed the Convention, stating that adoption would violate Russian sovereignty and had refused to cooperate in law enforcement investigations relating to cybercrime. Budapest Convention was the first multilateral legally binding instrument to regulate cybercrime. On March 2006, Additional Protocol to the Convention on cybercrime came into force. Those countries that have ratified the additional protocol are required to criminalize the dissemination of racism and xenophobia.

This convention was the first international treaty on crimes committed via the internet and other computer networks, dealing particularly with infringement of copyrights, computer-related fraud, child pornography, hate crimes and violations of network security.

The main objective of this convention is to pursue a common criminal policy aimed at the protection of society against cybercrime, especially by adopting appropriate legislation and fostering international cooperation.

It principally aims at: –

  • Harmonising the domestic criminal substantive law elements of offences and connected provisions in the area of cyber-crime
  • Providing for domestic criminal procedural law powers necessary for the investigation and prosecution of such offences as well as other offences committed by means of a computer system or evidence in relation to which is in electronic form
  • Setting up a fast and effective regime of international cooperation

Budapest Convention has defined following offences like Illegal access, Illegal interception, data interference, system interference, misuse of devices, computer-related forgery, computer-related fraud, offences related to child pornography and offences related to copyright and neighbouring rights.

International Convention on Cyber Crime- Budapest Convention

It also sets out such procedural law issues which expedited preservation of stored data, expedited preservation and partial disclosure of traffic data, production order, search and seizure of computer data, real-time collection of traffic data, and interception of content data. In addition, the Convention contains a provision on a specific type of transborder access to stored computer data which does not require mutual assistance (with consent or where publicly available) and provides for the setting up of a 24/7 network for ensuring speedy assistance among the Signatory Parties.

The Convention is the result of continuous work of four years by the European and international experts. It has been supplemented by an Additional Protocol making any publication of racist and xenophobic propaganda via computer networks a criminal offence, similar to Criminal Libel laws. Cyber terrorism is also being studied in the framework of the Convention.

Accession by the United States

Its ratification by the United States Senate by unanimous consent in August 2006 was both praised and condemned. The United States became the 16th nation to ratify the convention. On 1st January 2007 the convention entered into force in United States.

Bill First the Senate Majority Leader said:

“While balancing civil liberty and privacy concerns, this treaty encourages the sharing of critical electronic evidence among foreign countries so that law enforcement can more effectively investigate and combat these crimes”.

The common legal framework would eliminate the jurisdictional hurdles to facilitate the law enforcement of borderless cybercrimes, a complete realization of a common legal framework may not be possible. Transposing Convention provisions into domestic law is difficult especially if it requires the incorporation of substantive expansions that run counter to constitutional principles.

International Convention on Cyber Crime- Budapest Convention

For instance, the United States may not be able to criminalize all the offenses relating to child pornography that are stated in the Convention, specifically the ban on virtual child pornography, because of its First Amendment’s free speech principles. Under Article 9(2)(c) of the Convention, a ban on child pornography includes any “realistic images representing a minor engaged in sexually explicit conduct”.

According to the Convention, the United States would have to adopt this ban on virtual child pornography as well, however, the U.S. Supreme Court, in Ashcroft v. Free Speech Coalition, struck down as unconstitutional a provision of the CPPA that prohibited “any visual depiction” that “is, or appears to be, of a minor engaging in sexually explicit conduct”. In response to the rejection, the U.S. Congress enacted the PROTECT Act to amend the provision, limiting the ban to any visual depiction “that is, or is indistinguishable from, that of a minor engaging in sexually explicit conduct”.

Accession by other non-council of European states

On 23rd November 2001 the Convention was signed by Canada, Japan, United States, and South Africa in Budapest. The non-Council of European states Australia, Canada, Dominican Republic, Israel, Japan, Mauritius, Panama, Sri Lanka and United States ratified the treaty on July 2016.

On 21st October 2013, Colombia was invited by the Council of Europe to adhere to Budapest Convention. Colombia has not acceded to the convention.

Although Egypt has not signed off on the Convention, Egyptian President Al Sisi’s government in 2018 has legislated two major computer-crime related laws. Targeting Social networking such as Facebook and Twitter, the legislation criminalises fake news and terrorism, setting a flag on accounts which carry more than 5,000 subscribers or followers. The early legislation had been criticised by Amnesty International, thus websites can appeal to the courts within 7 days of blacklisting.

In fact, India too “was reconsidering its position on becoming a member of the Budapest Convention because of the surge in cybercrime, especially after a push for digital India.”