As United Nations member states negotiate a treaty to counter cybercrimes, India has made suggestions at the international forum that transfer of “personal data” under the convention will be done in accordance with the country’s domestic laws and no other applicable international laws.
Since May 2021, UN member states have been negotiating an international treaty on countering cybercrime.
If adopted by the UN General Assembly, it would be the first binding UN instrumenton a cyber-issue.
At the sixth session of the “Ad Hoc Committee to Elaborate a Comprehensive International Convention on Countering the Use of Information and Communications Technologies for Criminal Purposes” held recently, India proposed a clause encouraging state parties to “establish bilateral or multilateral arrangements” to facilitate the transfer of personal data.
U.N. Cyber Crime Convention
This is a treaty that could become an important global legal framework for international cooperation on preventing and investigating cybercrime, and prosecuting cybercriminals.
It is yet not ratified and is in a draft stage.
What is cybercrime?
There is no universally accepted definition of cybercrime.
A common approach is to define it in two categories:
Cyber-dependent crimes are crimes that can only be committed by using Information and Communication Technologies (ICTs).
Cyber-enabled crimes are so-called traditional crimes that have been transformed in speed, scale and scope through the use of ICTs, such as online banking scams, identity theft or fraud, and online child sexual exploitation.
India’s Suggestions to draft ‘UN Cybercrime convention’:
India also agreed to the clause that state parties may transfer personal data to a third country or an international organisation only with the prior written authorization of the original transferring state party, subject to effective and appropriate safeguards.
According to the draft, each state party shall designate a point of contact available 24 hours a day, seven days a week, in order to ensure the provision of immediate assistance for the purpose of investigations, prosecutions or judicial proceedings concerning criminal offences established in accordance with the convention.
There are global asymmetries in state capacity (including funding and resources) and skills required to counter cybercrime.
Developing states are disproportionately vulnerable to the direct and indirect impacts of cybercrime, making capacity-building a particularly urgent priority.
The treaty’s chapter on technical assistance outlines state parties’ duties and expectations for addressing gaps in capacity.
Some developing states have requested commitments to technology transfer, which could include ‘dual-use’ technologies that have both civil/commercial and weapons/military applications.
Other states have refused these proposals, citing concerns about the potential scope for abuse.