The latest draft of the United Nations Cybercrime Treaty has triggered widespread criticism from cybersecurity experts and human rights groups. The treaty, currently under negotiation by member states, is seen by many as a “significant step in the wrong direction.” The draft, published late last month, has been accused of broadening its scope beyond specific cybercrimes, potentially criminalizing legitimate cybersecurity research and undermining human rights.
Katitza Rodriguez, the policy director for global privacy at the Electronic Frontier Foundation (EFF), expressed deep concerns about the draft, stating that it not only disregards but exacerbates existing issues. Rodriguez highlighted the expansion of the treaty’s scope to encompass a range of non-cybercrimes, along with an overreach in investigating and prosecuting offenses beyond those detailed in the treaty. The new version retains the controversial provision allowing states to compel engineers to undermine security measures, posing a threat to encryption.
Human Rights Watch acting associate director Deborah Brown raised concerns that the latest draft facilitates potential abuses on a global scale. The draft gives governments expansive cross-border powers to investigate a wide range of crimes, including peaceful dissent or expressions of sexual orientation. The treaty’s purpose, initially aimed at addressing genuine cybercrime, is viewed as being undermined by the new draft’s impact on human rights, global cooperation, and cybersecurity.
The Cybersecurity Tech Accord, representing more than 157 large tech companies, also expressed grave concerns about the treaty’s direction. The group warned that if adopted in its current form, the treaty would erode data privacy, weaken cybersecurity, and undermine online rights and freedoms worldwide. The latest draft adds concerning provisions covering any crime involving technology, extends extraterritorial surveillance without safeguards, and could criminalize legitimate cybersecurity research and penetration testing.
The ongoing negotiations involve member states with varying perspectives. Some, led by Russia and China, advocate for an expansive treaty allowing countries to make localized determinations of cybercrime. On the other hand, the United States, European Union, and several Latin American states argue for a more targeted treaty focused on core cybercrime offenses. As tensions rise and cyber operations become a common tool in international conflicts, the outcome of these negotiations could have far-reaching implications for global cybersecurity and human rights.