UN cybercrime convention will ‘legitimize’ authoritarian nations’ cyber behavior, senators warn

Bruce Yuanyue Bi/Getty Images

Featured eBooks
Health Tech
Read Now

Next-Generation Computing

Read Now

Space Tech

Read Now
Insights & Reports
A Government Leader's Book of Best Practices: AI Readiness
Presented By Salesforce
Download Now
Strengthen Data Security: AWS Zero Trust for Government
Presented By Amazon Web Services
Download Now
David DiMolfetta By David DiMolfetta,
Cybersecurity Reporter, Nextgov/FCW

By David DiMolfetta

|

The proposed treaty has ignited debate among officials, as it may offer adversaries a stronger voice in international discussions about cybersecurity and surveillance.

A group of Democratic senators is sounding the alarm about U.S. participation in a forthcoming United Nations cybercrime treaty vote, fearing that America’s involvement could lend credibility to policies promoted by authoritarian regimes like China and Russia.

The missive, led by Sen. Ron Wyden, D-Ore., is addressed to top administration officials including Secretary of State Antony Blinken, Attorney General Merrick Garland, Commerce Secretary Gina Raimondo and National Security Advisor Jake Sullivan, arguing the U.S. “must not align itself with repressive regimes” that have carried out digitally-enabled human rights abuses.

The letter raises concerns about abuses by authoritarian nations, particularly around privacy, surveillance and censorship, arguing the finalized Cybercrime Convention allows for broad definitions of cybercrime and surveillance without strong safeguards for individual users. The lawmakers add that the treaty risks criminalizing good-faith cybersecurity and AI research.

Countries under the proposed treaty must adopt laws or procedures that permit their authorities to demand access to computer systems or stored data from individuals or companies. The senators warn this could erode access to encrypted communications services and give broad jurisdiction back to a country’s own legal standards.

“In Iran, for example, the lack of such requirements could provide international legal cover for the regime’s efforts to promote the widespread surveillance and policing of women and girls. Likewise, the Convention compels countries to collect and share private internet user data with other countries regarding a wide range of crimes,” they write.

The pact led by the global diplomatic and international political standards body has been in the works for years and has the potential to rewire how countries prosecute cybercriminals and track people suspected of engaging in cybercrimes against sovereign entities. Nation-state adversaries — namely Russia, China, North Korea and Iran — are among the greatest purveyors of cybercrime activity, the Cybersecurity and Infrastructure Security Agency says.

But the convention has become a lightning rod for debate among Western officials because it could allow foreign adversaries to have a bigger seat at the table when it comes to debating cross-border intelligence, cyber and surveillance issues. Russia has sought the creation of a cybercrime agreement in the UN as far back as 2017.

The White House National Security Council declined to comment on the letter. Both law enforcement and national security officials have been debating whether the treaty should get the green light from the U.S., Politico reported last month.

NEXT STORY: Biden admin issues restrictions on US investments into sensitive tech tied to China