Cisco wants the United Nations to review the Cybercrime Convention • The Register

Networking giant Cisco has said the first UN treaty against cybercrime is dangerously flawed and must be revised before it can be formally voted on.

The document Cisco doesn’t like is the United Nations Convention against cyber crime (PDF). The convention took five years to create and was drafted by a body called the Ad Hoc Committee to Elaborate a Comprehensive International Convention on Countering the Use of Information and Communications Technologies for Criminal Purposes.^*

The aim of the treaty is to “enhance international cooperation, law enforcement efforts, technical assistance and capacity-building in relation to cybercrime”. This is in recognition that digital technology has become a major factor in fostering transnational mischief.

If The register theregister.com reported that Russia was a major push for the document after the committee agreed on a draft text, and that human rights groups are unhappy about it.

For example, Human Rights Watch criticized the treaty as too broad, while the Electronic Frontier Foundation called the treaty “too flawed to adopt.”

These two organizations, and others, are concerned that the treaty does not provide a narrow definition of cybercrime and could give signatory countries legal cover to crack down on citizens who share views they do not like. They are also concerned about confidentiality provisions in the document that would allow countries to demand information from service providers without the individuals targeted knowing or having any recourse.

The British human rights organisation Article 19 also warns that the broad wording of the treaty could hinder legitimate infosec research, creating a legal environment in which cyber scientists do not feel safe doing their work, for fear of being labelled as criminals.

In a post Wednesday, Eric Wenger, senior director of technology policy at Cisco, supported some of these arguments.

“Rather than focusing specifically on hacking and cybercrime, it focuses broadly on the misuse of computer networks to disseminate offensive information,” he wrote. “This is a departure from the values ​​of free speech in liberal democracies that must be addressed through an amendment before the Convention is adopted by member states for approval.”

Note the reference to “liberal democracies.” Remember that Russia was a major driving force behind this treaty, and Cisco withdrew from Moscow in 2022.

Wenger wrote that Cisco is not opposed to a UN cybercrime treaty and stated that “we must ensure that law enforcement agencies have the necessary capabilities to prevent, investigate and prosecute transnational cybercrime.”

But he argued that Cisco’s position is that such instruments “must also uphold and protect the importance of fundamental human rights and the rule of law.

“Unfortunately, the UN Convention in its current form does not provide sufficient protection for fundamental human rights and poses a risk to the rule of law.”

Wenger wants the treaty amended. But in early August, the UN was enthusiastic about its likely adoption as is later this year, and the Biden administration reportedly believes the document strikes an appropriate balance between human rights and the need for international cooperation to curb cybercrime. ®

^* Footnote: No, we are not going to use the acronym “AHCTEACICOCTUOIACTFCP”. It is easier for all concerned to call it “the Committee”.