Context

Recently, United Nations approved a Russian-led resolution that aims to create a new convention on cyber crime when Budapest Convention is already there. India has voted in its favour. Russia has opposed the Budapest Convention, arguing that giving investigators access to computer data across borders violates national sovereignty.

About

• The Council of Europe’s (CoE) Cybercrime Convention is also known as the Budapest Convention. It was open for signature in 2001 and came into force in 2004.
• The convention is the sole legally binding international multilateral treaty on cybercrime. It coordinates cybercrime investigations between nation-states and criminalizes certain cybercrime conduct.
• It serves as a guideline for any country developing comprehensive national legislation against Cybercrime and as a framework for international cooperation between state parties to this treaty.
• The Budapest Convention is supplemented by a Protocol on Xenophobia and Racism committed through computer systems.
• India is not a signatory to Budapest Convention.

Significance

• Almost all stakeholders agree that the current form of cross-border data sharing for law enforcement through the Mutual Legal Assistance Treaty (MLAT) is insufficient for the digital age. However, there is an ongoing debate whether to revamp MLAT or form an entirely new system for cybercrimes in the form of this Convention.
• This Convention has eagerly called for Indian participation since its formation in 2001, but India has decided not to be a party to it.

Russia-led Resolution to replace Budapest Convention

• The Russian proposal entitled “Countering the use of information and communications technologies for criminal purposes” was recently put forth in the United Nations General Assembly (UNGA).
• This recent UN proposal follows previous Russian initiatives, including the “Draft United Nations Convention on Cooperation in Combating Cybercrime” in 2017 to develop a UN convention on cybercrime.
• The Russian proposal calls for creation of a committee that will convene in August 2020 in New York in order to establish a new treaty through which nation-states can coordinate and share data to prevent cybercrime.
• This draft Convention goes far beyond what the Budapest Convention allows for regarding cross-border access to data, including limiting the ability of a signatory to refuse to provide access to requested data.
• This is the reason why several human rights groups criticize the UN proposal as a way to extend a Chinese and Russian form of internet governance, or the so-called “closed Internet” or “state-controlled internet.”
• If this resolution will be passed by the UNGA, it will become the second international convention on cybercrime.
• Russia and China question the Budapest Convention on the grounds of national sovereignty issues, thereby proposing their own treaty at the UN.

India’s Stand

• India maintained its status as a non-member of the Europe-led Budapest Convention. Although, India voted in favour of a Russian-led UN resolution to set up a separate convention.
• According to the Intelligence Bureau (IB), data sharing with foreign law enforcement agencies infringes on national sovereignty of India.
• India has also previously argued that it will not sign onto the Budapest treaty since it was drafted without its participation.

Conclusion

The Budapest Convention was drafted by the Council of Europe. Other countries have joined, including the United States and Japan. A new U.N. treaty on cybercrime could render the Budapest Convention obsolete, further alarming rights groups. Moreover, the concerns raised by countries like Russia, China and India should be resolved to prevent mandatory information sharing under Budapest Convention.