[ccwg-internet-governance] Fwd: [Internet Policy] ITU circumventing Budapest Convention?

Carlos Raul carlosraulg at gmail.com
Mon Nov 28 11:45:08 UTC 2016

Thank you very much Tatiana for this very comprehensive overview of that
rather complex issue!!!

*Carlos Raúl Gutiérrez*
+506 8837 7176
Skype carlos.raulg
Apartado 1571-1000

On Mon, Nov 28, 2016 at 1:55 AM, Dr. Tatiana Tropina <t.tropina at mpicc.de>

> Dear all,
> I have not written to this list yet though I am reading it :-) as someone
> who has been working in the field of cybercrime legislation for quite a
> number of years and is well aware of the ITU-EU projects, I feel like I
> need to bring my 2c.
> While I am a big supporter of the CoE cybercrime convention and in general
> I do oppose the ITU-EU developed model laws (I was myself participating in
> one of those project in Caribbean and frankly speaking I don't see the
> value in such "hamronsiation" and rather see it as further fragmentation of
> approaches), I find this article about Vanuatu provided in the email very
> alarmist and to some extent incorrect.
> Just some background - while cybercrime convention is very important, many
> countries are not a party of it. It would be completely unfair to say that
> they - or ITU or UN for that matter - are circumventing the convention. ITU
> is certainly out of play in the cybercrime field now. The lost the mandate
> on the legislative help on cybercrime to UNDOC in 2010 after trying hard
> (they even published a model legislative language for developing countries
> that later was taken down from the web site) and UNODC later in 2013 failed
> to push forward the Comprehensive Study on Cybercrime that called for
> global convention - failed because of the strong support of the Council of
> Europe Convention from the states that are a party of it and that strongly
> opposed the UN-led solution. It has been a deadlock and the Council of
> Europe is the only body that has a long-term existing and working solution
> that is constantly being worked on. Neither ITU nor UN can really
> circumvent it or create something meaningful in response.
> ITU-EU sponsored projects were meant to enhance connectivity and security
> and ICT policy in different regions like Caribbean or small countries in
> Asia-Pacific. I do find it a failed attempt because they do not really
> contribute to the real legal cooperation in cybercrime. However, they were
> launched well before it was clear that UNODC or ITU can't push for a global
> solution and that this "help" will be so patchworked. So it's not something
> ITU is plotting now, the ITU-EU projects are being carried out from 2010
> and frankly speaking I don't think anyone really believes they would be as
> successful as planned. Many people realised that it was better to push for
> meaningful solution like Budapest convention instead of creating competing
> approaches that do not give real instruments for international cooperation
> and mutual legal assistance.
> I am very well aware of the content of model laws and from this point of
> view the article about Vanuatu law is misleading, e.g. in terms of what
> "illegal devices" mean in the ITU/EU laws. This might get
> misinterpretations on the national level during adoption, but the
> cybercrime model laws for the ITU/EU projects were drafted quite closely to
> the Budapest convention actually though with some strange novelties such
> illegal remaining. But illegal remaining does exist in some laws and has
> been widely discussed in professional circles as one of the possible forms
> of criminalisation. The model laws were drafted by the academics that at
> times were at the forefront of cybercrime legal discussions.
> I am not defending the ITU laws, I never liked them and was against some
> of the provisions, but at the end they were not that bad, just mostly
> useless from practical point of view. There are some lessons learnt since
> then - and for many of us one of them that there is nothing better that
> Budapest convention yet, however, the process with ITU/EU model laws
> started well before we lawyers learnt this.  At the end of the day - and
> article (unknowingly, I think) confirms it - the laws are adopted on the
> national level and sometimes are narrowed down, sometimes expanded. ITU has
> no control on this process and it's only national jurisdictions and
> legislators who are responsible for drafting them. Shifting this debate to
> the ITU that has not done much in this area of legislating crime for quite
> a long time - and frankly speaking - I don't see it taking over in this
> field in the nearest future because it has neither mandate nor real
> resources - it simply wrong. One either have to work on the national level
> or to put otherwise political pressure on the governments who adopt
> national laws like that.
> To really fight against poorly drafted solution one really needs good
> legal arguments related to the poor construction of cybercrime offences or
> poor oversight of investigatory powers (which frankly speaking is not only
> the case of Vanuatu - look at the current debate in the UK regarding the
> newly adopted legislation).
> If anyone on this list is interested in getting to know more of
> political/historical/legal context on this - happy to assist.
> Warm regards
> Tanya
> On 28/11/16 02:49, Sam Lanfranco wrote:
> Since there is a sense of urgency here I am quickly posting the following
> which may be additional useful information.
> It may be good counterpoint to what is proposed in Vanuatu... I will
> compare contents but that will take a day or so.
> Sam L.
> The European Union Agency for Network and Information Security (ENISA) is
> a centre of expertise for cyber security in Europe. It has just published a
> 60 page booklet Good Practice Guide on National Cyber Security Strategy.
> The booklet (in English) can be downloaded at:
> https://www.enisa.europa.eu/publications/ncss-good-practice-guide
> ENISA published its first National Cyber Security Strategy Good Practice
> Guide in 2012. Since then, EU Member States and EFTA countries have
> progressrf in developing and implementing their strategies. This guide is
> updating the different steps, objectives and good practices of the original
> guide and analyses the status of NCSS in the European Union and EFTA area.
> The aim is to support EU Member States in their efforts to develop and
> update their NCSS. Therefore, the target audience of this guide are public
> officials and policy makers. The guide also provides useful insights for
> the stakeholders involved in the lifecycle of the strategy, such as
> private, civil and industry stakeholders.
> On 11/27/2016 6:35 PM, Greg Shatan wrote:
> I am forwarding this email which is of considerable interest on several
> levels.
> Greg
> ---------- Forwarded message ----------
> From: Dan McGarry <dmcgarry at imagicity.com>
> Date: Sun, Nov 27, 2016 at 5:01 PM
> Subject: [Internet Policy] ITU circumventing Budapest Convention?
> To: "internetpolicy at elists.isoc.org" <internetpolicy at elists.isoc.org>
> As a media professional and technologist with over 2 decades' experience,
> I am deeply concerned about Vanuatu's proposed cybercrime bill, due to be
> voted on in the 2nd Ordinary Session of Parliament.
> I'm not the only one with concerns. This report for the Council of Europe
> raises concerns that the new bill is a step backward, not forward.
> <http://dailypost.vu/news/cybercrime-bill-unsafe/article_202
> 46b0c-7b6f-5bba-b766-41dd3de32b80.html>
> This is one of dozens of engagements between ITU-funded consultants and
> small states in the developing world. The report suggests that the ITU's
> offer of 'technical assistance' is effectively an attempt to subvert the
> Budapest Convention, to poison the well where international cooperation on
> cybercrime is concerned, and to use 'child protection' as a lever widen the
> ITU's own mandate and powers.
> The effects on the ground are worrying to say the least. As near as I can
> tell, the proposed bill (linked on the article's page above) knocks holes
> in human rights protections, and creates alarming search & seizure and
> surveillance powers for the state. Effectively, we're one bad magistrate
> away from having a secret police if this becomes law.
> I'm happy to fight my own battles of course, but I'm raising the issue
> here because it appears that this is part of an international campaign
> against a free and open internet as those of us on this list might imagine
> it.
> I'd encourage anyone with technical/legal expertise to take a look at the
> link above, and the cybercrime bill itself, and either to raise any issues
> here or contact me directly.
> The CoE report on which the story is based can be found here:
> <https://www.coe.int/t/dghl/cooperation/economiccrime/Source
> /Cybercrime/TCY/2014/3021_model_law_study_v15.pdf>
> --
> Dan McGarry      dmcgarry at imagicity.com
> Photos:          http://humansofvanuatu.com/
>                  http://imagicity.com/
> _______________________________________________
>   <content deleted>
> --
> ------------------------------------------------
> "It is a disgrace to be rich and honoured
> in an unjust state" -Confucius
>  邦有道,贫且贱焉,耻也。邦无道,富且贵焉,耻也
> ------------------------------------------------
> Dr Sam Lanfranco (Prof Emeritus & Senior Scholar)
> Econ, York U., Toronto, Ontario, CANADA - M3J 1P3
> email: Lanfran at Yorku.ca   Skype: slanfranco
> blog:  https://samlanfranco.blogspot.com
> Phone: +1 613-476-0429 cell: +1 416-816-2852
> _______________________________________________
> ccwg-internet-governance mailing listccwg-internet-governance at icann.orghttps://mm.icann.org/mailman/listinfo/ccwg-internet-governance
> _______________________________________________
> ccwg-internet-governance mailing list
> ccwg-internet-governance at icann.org
> https://mm.icann.org/mailman/listinfo/ccwg-internet-governance
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/ccwg-internet-governance/attachments/20161128/729c2099/attachment-0001.html>

More information about the ccwg-internet-governance mailing list