Convention on Cybercrime

The Convention on Cybercrime was adopted in 2001 by the Council of Europe, a consultative assembly of 43 countries, based in Strasbourg. The Convention, effective July 2004, is the first and only international treaty to deal with breaches of law “over the internet or other information networks.” The Convention requires participating countries to update and harmonize their criminal laws against hacking, infringements on copyrights, computer facilitated fraud, child pornography, and other illicit cyber activities.115 Although the United States has signed and ratified the Convention, it did not sign a separate protocol that contained provisions to criminalize xenophobia and racism on the Internet, which would raise Constitutional issues in the United States.116 The separate protocol could be interpreted as requiring nations to imprison anyone guilty of “insulting publicly, through a computer system” certain groups of people based on characteristics such as race or ethnic origin, a requirement that could make it a crime to e-mail jokes about ethnic groups or question whether the Holocaust occurred. The Department of Justice has said that it would be unconstitutional for the United States to sign that additional protocol because of the First Amendment’s guarantee of freedom of expression. The Electronic Privacy Information Center, in a June 2004 letter to the Foreign Relations Committee, objected to U.S. ratification of the Convention, because it would “create invasive investigative techniques while failing to provide meaningful privacy and civil liberties safeguards.”117 On August 3, 2006, the U.S. Senate passed a resolution of ratification for the Convention. The United States will comply with the Convention based on existing U.S. federal law; and no new implementing legislation is expected to be required. Legal analysts say that U.S. negotiators succeeded in scrapping most objectionable provisions, thereby ensuring that the Convention tracks closely with existing U.S. laws.118