HOW TO FURTHER IMPROVE UN TREATY ON CYBERCRIME
Igor Ryadovsky, Head of Cyber Incidents Investigation
In the modern world, which is characterized by expanding digitalization, cyber-related issues have become an essential part of the global landscape. That is why the fight against cybercrime requires both broad international cooperation and a public-private partnership. Joint work is impossible without harmonization of the “rules of the game” when fighting criminals in cyberspace.
As a leading global cybersecurity vendor, Kaspersky acknowledges the importance of a comprehensive and effective framework with clear guidelines and best practices for cooperation in combating the growing threats posed by cybercrime, while ensuring the protection of human rights and privacy. Therefore, the company has been actively contributing to the work of the UN-created Ad Hoc Committee, which is currently working on the International Convention on Cybercrime. The company’s position was reflected in a submission paper presented to the Ad Hoc Committee. Below are the main suggestions which, in our view, could help to improve the global fight against cybercriminals.
#1. Define and protect ethical security researchers and ethical hackers
Being closely engaged in finding and responsibly disclosing software vulnerabilities, ethical security researchers and ethical hackers play an important role in fighting cybercrime, thus building a safe and secure digital space. However, current international and national legislation largely disregards the interests of these professionals, making them vulnerable to unfair prosecution.
The current state of affairs is clearly having a negative impact on cybersecurity and needs to be improved. The first step in this direction, in our view, could be to include terms such as ‘ethical security researcher’ and ‘ethical hacker’ in a future Convention.
We also believe that the Convention should afford proactive legal protection to these professionals, who should be entitled to it unless they are engaged in actions that are detrimental to or violate established domestic legislation. Additionally, proof of criminal intent should be considered an obligatory prerequisite for determining criminal actions subject to the Convention. These provisions are particularly important in cases which involve ethical hackers testing computer systems by attempting unauthorized access.
#2. Enhance expedited international cooperation
Cybercrime transcends national borders. As a result, effectively combatting it requires broad cooperation between competent authorities from all countries. As time is usually of the essence when investigating cybercrimes, there is an urgent need for streamlined procedures. The high volatility of electronic evidence demands the introduction of mechanisms to expedite the preservation and seizure of evidence upon request from competent authorities.
The draft Convention includes numerous provisions aimed at expediting procedures for mutual assistance. In particular, it promotes the prompt and proper execution or transmission of requests (Article 40), and introduces standards for international cooperation on expedited preservation of stored data and rapid disclosure of preserved traffic data, respectively (Articles 42-43). Furthermore, the States Parties to the Convention would designate “contact centers” that operate 24 hours a day, 7 days a week, and are responsible for providing immediate assistance (Article 41).
#3. Ensure protection of users’ rights and privacy
While the fight against cybercrime is of paramount importance, it must not come at the expense of the principles ensuring the protection of personal information.
The Convention acknowledges the right to protection against unlawful interference with privacy in its preamble. Furthermore, throughout its text, there are a number of provisions which highlight respect for human rights and the protection of personal data.
We welcome these provisions and believe that they should be an integral part of the future Convention.
#4. Increase the role of public-private cooperation
With its vast experience and expertise in countering cybercriminals, the private sector meaningfully helps governments to combat malicious actors in the cyber domain. In particular, Kaspersky has a long record of assisting national and international law enforcement agencies in the fight against cybercrime. Most notably, we work closely with INTERPOL, both as active participants in Project Gateway, and on a bilateral basis by sharing necessary technical information and threat intelligence with INTERPOL while also providing cybersecurity training opportunities.
The growing role of non-governmental actors did not go unnoticed, as the Convention includes numerous provisions which promote public-private partnership in cybersecurity. Although we welcome them, our stance is that the non-government sector has much more to offer than the Convention mentions.
First, we propose that consideration be given to including in the Convention specific provisions that would streamline the procedure of requesting forensic expertise for judicial proceedings delivered by IT companies at the request of law enforcement agencies. The procedure currently in place to arrange for private forensic expert analysis to be admitted in court at the request of law enforcement agencies is largely ineffective and reduces the ability for the private sector to assist these agencies and the courts in providing forensic expertise that can assist in solving alleged cybercrimes.
Second, Kaspersky proposes that the Convention should consider including specific provisions that would encourage States Parties to establish and expand public-private partnerships in the sphere of cyberskills training. Leading IT vendors have accumulated greater experience in some areas (like analyzing specific cyberthreats) than most national law enforcement agencies, and we could share our expertise with the public authorities through special training programs.
Finally, Kaspersky advocates for the establishment of a permanent advisory panel to the Conference of the States Parties of the Convention (mentioned in Article 57). The new advisory panel could include experts from relevant organizations that have been approved to participate in the work of the Ad Hoc Committee, as well as from other non-governmental entities that may express interest in joining the panel.
In conclusion, while the Convention can be a crucial instrument for addressing cybercrime, it is important to ensure that it neither impedes the work of cybersecurity specialists – including that of ethical hackers and ethical security researchers whose jobs do not violate established domestic legislation – nor creates risks to the safety and security of personal data. With these provisions taken into consideration, the Convention can be an effective framework in the fight against cybercrime.
International initiative aimed at fostering data sharing on cyberthreats between private-sector companies and INTERPOL.