[ISN] US defends cybercrime treaty

From: InfoSec News (isn@private)
Date: Sun Apr 25 2004 - 23:33:30 PDT

  • Next message: InfoSec News: "Re: [ISN] TCP, BGP, DoS, and BS"

    http://www.theregister.co.uk/2004/04/24/us_defends_cybercrime_treaty/
    
    By Kevin Poulsen, SecurityFocus
    Published Saturday 24th April 2004 
    
    Critics took aim this week at a controversial international treaty
    intended to facilitate cross-boarder computer crime probes, arguing
    that it would oblige the US and other signatories to cooperate with
    repressive regimes - a charge that the Justice Department denied.
    
    The US is one of 38 nations that have signed onto the Council of
    Europe's "Convention on Cybercrime," but the US Senate has not yet
    ratified the measure. In a letter to the Senate last November,
    President Bush called the pact "the only multilateral treaty to
    address the problems of computer-related crime and electronic evidence
    gathering." The treaty, "would remove or minimize legal obstacles to
    international cooperation that delay or endanger U.S. investigations
    and prosecutions of computer-related crime," he said.
    
    Drafted under strong US influence, the treaty aims to harmonize
    computer crime laws around the world by obliging participating
    countries to outlaw computer intrusion, child pornography, commercial
    copyright infringement, and online fraud.
    
    Another portion of the treaty requires each country to pass laws that
    permit the government to search and seize email and computer records,
    perform Internet surveillance, and to order ISPs to preserve logs in
    connection with an investigation. A "mutual assistance" provision then
    obligates the county to use those tools to help out other signatory
    countries in cross-border investigations: France, for example, could
    request from the US the traffic logs for an anonymous Hushmail user
    suspected of violating French law.
    
    Dual criminality. Not
    
    That worries civil libertarians. The treaty is open to any country,
    with the approval of those that have already ratified it, and some
    fear that it could put the United States' surveillance capabilities at
    the disposal of foreign governments with poor human rights records,
    who may be investigating actions that are not considered crimes
    elsewhere.
    
    "There is no requirement that the act that is being investigated be a
    crime both in a nation that is asking for assistance, and the nation
    that is providing assistance," said the ACLU's Barry Steinhardt,
    speaking at the Computers Freedom and Privacy Conference in Berkeley,
    California on Thursday. The US and other countries will be asked to
    use the electronic snooping powers mandated by the treaty to track
    political dissidents, he said.
    
    Betty Shave, who heads the Justice Department's international computer
    crime division, admitted that the treaty mostly lacks so-called "duel
    criminality" provisions, but she countered that other language in the
    pact would prevent abuses. One clause in the treaty allows a country
    to refuse to cooperate in an investigation if its "essential
    interests" are threatened by the request: Shave says that would allow
    the US to bow out of a probe targeting free speech or other actions
    protected by the U.S. Constitution. Moreover, political offenses are
    specifically excluded from some types of mutual assistance requests
    available under the treaty.
    
    The treaty is necessary because "crime and terrorism, like everything
    else, are moving onto the Net and are increasingly difficult to
    investigate, and a lot of crime is international," said Shave. "Many
    crimes are deliberately staged through various countries just to make
    it difficult to investigate."
    
    Privacy International's Gus Hosein argued the international community
    should have produced model legislation to harmonize computer crime
    laws, instead of a treaty with mutual obligations. "You create a
    treaty, suddenly you have all these interests come in."
    
    Thirty-four European nations, plus Canada, Japan, South Africa and the
    United States have signed onto the treaty, but only five have thus-far
    ratified it: Albania, Croatia, Estonia, Hungary and Lithuania.
    
    If ratified, no new domestic laws would be have to be passed to bring
    the US into line with the treaty, according to the Justice Department.  
    Steinhardt was skeptical. "The treaty is already being used as a
    pretext in some developing nation to pass some pretty draconian laws,"  
    he said. "I wouldn't be surprised to see it used in the US that way."
    
    
    
    _________________________________________
    ISN mailing list
    Sponsored by: OSVDB.org
    



    This archive was generated by hypermail 2b30 : Mon Apr 26 2004 - 06:03:07 PDT