[ccwg-internet-governance] Fwd: [Internet Policy] ITU circumventing Budapest Convention?

Judith Hellerstein judith at jhellerstein.com
Mon Nov 28 12:43:57 UTC 2016


Thanks Tanya for this helpful rendition.  I would be interested in the political, historical, and legal context.  I also agree that the ITU has no mandate and also no knowledge in th area.  They tried to gain traction by offing some capacity building money but even this failed as the itu could not follow thru on this since it had no experts. Also i had thought that the UNODC who is in charge of cybercrimes. I have not followed the, closely but thought that when they finally had gotten a new head things would move faster and they would be providing more capacity building in this area

Best,
Judith

Sent from my iPad
Judith at jhellerstein.com
Skype ID: judithhellerstein

> On Nov 28, 2016, at 2:55 AM, Dr. Tatiana Tropina <t.tropina at mpicc.de> wrote:
> 
> Dear all,
> 
> I have not written to this list yet though I am reading it :-) as someone who has been working in the field of cybercrime legislation for quite a number of years and is well aware of the ITU-EU projects, I feel like I need to bring my 2c. 
> While I am a big supporter of the CoE cybercrime convention and in general I do oppose the ITU-EU developed model laws (I was myself participating in one of those project in Caribbean and frankly speaking I don't see the value in such "hamronsiation" and rather see it as further fragmentation of approaches), I find this article about Vanuatu provided in the email very alarmist and to some extent incorrect.
> 
> Just some background - while cybercrime convention is very important, many countries are not a party of it. It would be completely unfair to say that they - or ITU or UN for that matter - are circumventing the convention. ITU is certainly out of play in the cybercrime field now. The lost the mandate on the legislative help on cybercrime to UNDOC in 2010 after trying hard (they even published a model legislative language for developing countries that later was taken down from the web site) and UNODC later in 2013 failed to push forward the Comprehensive Study on Cybercrime that called for global convention - failed because of the strong support of the Council of Europe Convention from the states that are a party of it and that strongly opposed the UN-led solution. It has been a deadlock and the Council of Europe is the only body that has a long-term existing and working solution that is constantly being worked on. Neither ITU nor UN can really circumvent it or create something meaningful in response. 
> ITU-EU sponsored projects were meant to enhance connectivity and security and ICT policy in different regions like Caribbean or small countries in Asia-Pacific. I do find it a failed attempt because they do not really contribute to the real legal cooperation in cybercrime. However, they were launched well before it was clear that UNODC or ITU can't push for a global solution and that this "help" will be so patchworked. So it's not something ITU is plotting now, the ITU-EU projects are being carried out from 2010 and frankly speaking I don't think anyone really believes they would be as successful as planned. Many people realised that it was better to push for meaningful solution like Budapest convention instead of creating competing approaches that do not give real instruments for international cooperation and mutual legal assistance. 
> I am very well aware of the content of model laws and from this point of view the article about Vanuatu law is misleading, e.g. in terms of what "illegal devices" mean in the ITU/EU laws. This might get misinterpretations on the national level during adoption, but the cybercrime model laws for the ITU/EU projects were drafted quite closely to the Budapest convention actually though with some strange novelties such illegal remaining. But illegal remaining does exist in some laws and has been widely discussed in professional circles as one of the possible forms of criminalisation. The model laws were drafted by the academics that at times were at the forefront of cybercrime legal discussions. 
> I am not defending the ITU laws, I never liked them and was against some of the provisions, but at the end they were not that bad, just mostly useless from practical point of view. There are some lessons learnt since then - and for many of us one of them that there is nothing better that Budapest convention yet, however, the process with ITU/EU model laws started well before we lawyers learnt this.  At the end of the day - and article (unknowingly, I think) confirms it - the laws are adopted on the national level and sometimes are narrowed down, sometimes expanded. ITU has no control on this process and it's only national jurisdictions and legislators who are responsible for drafting them. Shifting this debate to the ITU that has not done much in this area of legislating crime for quite a long time - and frankly speaking - I don't see it taking over in this field in the nearest future because it has neither mandate nor real resources - it simply wrong. One either have to work on the national level or to put otherwise political pressure on the governments who adopt national laws like that. 
> To really fight against poorly drafted solution one really needs good legal arguments related to the poor construction of cybercrime offences or poor oversight of investigatory powers (which frankly speaking is not only the case of Vanuatu - look at the current debate in the UK regarding the newly adopted legislation). 
> If anyone on this list is interested in getting to know more of political/historical/legal context on this - happy to assist. 
> Warm regards
> 
> Tanya 
> 
>> On 28/11/16 02:49, Sam Lanfranco wrote:
>> Since there is a sense of urgency here I am quickly posting the following which may be additional useful information. 
>> It may be good counterpoint to what is proposed in Vanuatu... I will compare contents but that will take a day or so. 
>> Sam L. 
>> 
>> The European Union Agency for Network and Information Security (ENISA) is a centre of expertise for cyber security in Europe. It has just published a 60 page booklet Good Practice Guide on National Cyber Security Strategy. The booklet (in English) can be downloaded at: https://www.enisa.europa.eu/publications/ncss-good-practice-guide
>> 
>> ENISA published its first National Cyber Security Strategy Good Practice Guide in 2012. Since then, EU Member States and EFTA countries have progressrf in developing and implementing their strategies. This guide is updating the different steps, objectives and good practices of the original guide and analyses the status of NCSS in the European Union and EFTA area. The aim is to support EU Member States in their efforts to develop and update their NCSS. Therefore, the target audience of this guide are public officials and policy makers. The guide also provides useful insights for the stakeholders involved in the lifecycle of the strategy, such as private, civil and industry stakeholders.
>> 
>>> On 11/27/2016 6:35 PM, Greg Shatan wrote:
>>> I am forwarding this email which is of considerable interest on several levels.
>>> 
>>> Greg
>>> ---------- Forwarded message ----------
>>> From: Dan McGarry <dmcgarry at imagicity.com>
>>> Date: Sun, Nov 27, 2016 at 5:01 PM
>>> Subject: [Internet Policy] ITU circumventing Budapest Convention?
>>> To: "internetpolicy at elists.isoc.org" <internetpolicy at elists.isoc.org>
>>> 
>>> 
>>> As a media professional and technologist with over 2 decades' experience, I am deeply concerned about Vanuatu's proposed cybercrime bill, due to be voted on in the 2nd Ordinary Session of Parliament.
>>> 
>>> I'm not the only one with concerns. This report for the Council of Europe raises concerns that the new bill is a step backward, not forward.
>>> 
>>> <http://dailypost.vu/news/cybercrime-bill-unsafe/article_20246b0c-7b6f-5bba-b766-41dd3de32b80.html>
>>> 
>>> This is one of dozens of engagements between ITU-funded consultants and small states in the developing world. The report suggests that the ITU's offer of 'technical assistance' is effectively an attempt to subvert the Budapest Convention, to poison the well where international cooperation on cybercrime is concerned, and to use 'child protection' as a lever widen the ITU's own mandate and powers.
>>> 
>>> The effects on the ground are worrying to say the least. As near as I can tell, the proposed bill (linked on the article's page above) knocks holes in human rights protections, and creates alarming search & seizure and surveillance powers for the state. Effectively, we're one bad magistrate away from having a secret police if this becomes law.
>>> 
>>> I'm happy to fight my own battles of course, but I'm raising the issue here because it appears that this is part of an international campaign against a free and open internet as those of us on this list might imagine it.
>>> 
>>> I'd encourage anyone with technical/legal expertise to take a look at the link above, and the cybercrime bill itself, and either to raise any issues here or contact me directly.
>>> 
>>> The CoE report on which the story is based can be found here:
>>> 
>>> <https://www.coe.int/t/dghl/cooperation/economiccrime/Source/Cybercrime/TCY/2014/3021_model_law_study_v15.pdf>
>>> 
>>> 
>>> 
>>> -- 
>>> Dan McGarry      dmcgarry at imagicity.com
>>> 
>>> Photos:          http://humansofvanuatu.com/
>>>                  http://imagicity.com/
>>> _______________________________________________
>>   <content deleted>
>> 
>> -- 
>> ------------------------------------------------
>> "It is a disgrace to be rich and honoured
>> in an unjust state" -Confucius
>>  邦有道,贫且贱焉,耻也。邦无道,富且贵焉,耻也
>> ------------------------------------------------
>> Dr Sam Lanfranco (Prof Emeritus & Senior Scholar)
>> Econ, York U., Toronto, Ontario, CANADA - M3J 1P3
>> email: Lanfran at Yorku.ca   Skype: slanfranco
>> blog:  https://samlanfranco.blogspot.com
>> Phone: +1 613-476-0429 cell: +1 416-816-2852
>> 
>> 
>> _______________________________________________
>> ccwg-internet-governance mailing list
>> ccwg-internet-governance at icann.org
>> https://mm.icann.org/mailman/listinfo/ccwg-internet-governance
> 
> _______________________________________________
> ccwg-internet-governance mailing list
> ccwg-internet-governance at icann.org
> https://mm.icann.org/mailman/listinfo/ccwg-internet-governance
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/ccwg-internet-governance/attachments/20161128/c0a87e37/attachment.html>


More information about the ccwg-internet-governance mailing list