Incyder news

 

16 April 2013


Subscribe

Council of Europe Giving Guidance on the Budapest Convention on Cybercrime

The Cybercrime Convention Committee (T-CY) of the Council of Europe (CoE) is giving States guidance on interpreting the Budapest Convention on Cybercrime.

The CoE Budapest Convention is one of the best known frameworks for States in the fight against cyber crime. It was adopted in 2001 and has by now been ratified by 39 States (the most recent ratifications have been by the Dominican Republic and Australia) and signed, waiting to be ratified, by another 11 States.

The Cybercrime Convention Committee (T-CY) represents the State Parties to the Budapest Convention and consists of the representatives of the States that have ratified or signed the Convention, or have been invited to join the treaty, as well as other Member States of the Council of Europe as observers. Representatives of the African Union Commission, the European Union, ENISA, EUROPOL, the International Telecommunication Union, Interpol, the OECD, the Organisation of American States, the OSCE and UNODC also attend as observers.1

The T-CY Committee offers a platform for interested parties to consult periodically regarding: the facilitation of the effective use and implementation of the Convention; the exchange of information on significant legal, policy or technological developments pertaining to cybercrime and the collection of evidence in electronic form; and consideration of possible supplementation or amendment to the Convention.2

Among other tasks undertaken in 2013, T-CY has decided to publish guidance notes in order to help parties to address new cybercrime-related challenges through the Budapest Convention. These guidance notes focus on: Article 1.a Budapest Convention on Cybercrime and the notion of a ‘computer system’ (T-CY Guidance Note # 1);3 provisions of the Budapest Convention covering botnets (T-CY Guidance Note #2);4 Article 32 regulating transborder access to data (T-CY Guidance Note # 3);5 and on Identity theft and phishing in relation to fraud.6 The text of some of these notes is still in draft format and for the consideration of the 9th Plenary of the CoE T-CY, to be held in June 2013.

The guidance notes focus on timely aspects of cybercrime in the context of the Convention on Cybercrime. For example, the notes confirm that ‘modern generation mobile phones or “smart” phones, PDAs, tablets, and others that produce, process or transmit data’7 should be considered as ‘computer systems’ in the context of Article 1.a and ‘how different Articles of the Convention apply to identity theft in relation to fraud and involving computer systems.’8

CoE