Cybercrime Treaty Draft: Take 23

[William Knowles <wk () C4I ORG>]

http://www.wired.com/news/politics/0,1283,40134,00.html

Reuters
7:00 a.m. Nov. 13, 2000 PST

PARIS -- The world's first cybercrime treaty is being hastily
redrafted after Internet lobby groups assailed it as a threat to human
rights that could have "a chilling effect on the free flow of
information and ideas."

The Council of Europe, a 41-nation human rights watchdog based in
Strasbourg drawing up the treaty, plans to issue a new draft late this
week to clarify passages that led to what it sees as serious
misunderstandings, a senior official said.

The civil servants negotiating the treaty, which is due to be
completed next month, were inundated with over 400 e-mails after they
published the text -- in its 22nd draft -- on the Council's new
website in April.

"We were surprised by the violence of these comments," said Peter
Csonka, deputy head of the Council of Europe's economic crime division
which oversees the drafting.

"We do not want to pass a text against the people," he told Reuters.
"We have learned we have to explain what we mean in plain language
because legal terms are sometimes not clear."

The council has been working since May 1997 on a treaty to harmonize
laws against hacking, fraud, computer viruses, child pornography and
other Internet crimes and ensure common methods of securing digital
evidence to trace and prosecute criminals.

Member delegations -- including observers from the United States,
Canada and Japan and comprising about 80 percent of the world's
Internet traffic -- worked in relative obscurity until the council
posted the treaty on its website.

Like the World Trade Organization before its tumultuous 1999 Seattle
summit, the council found to its surprise that the Internet has
multiplied the options for pressure groups it never had to deal with
before.

Last month, 35 lobby groups -- ranging from Internet users to civil
liberties activists and anti-censorship groups -- wrote to the council
urging it to hold up the treaty.

"We believe that the draft treaty is contrary to well-established
norms for the protection of the individual (and) that it improperly
extends the police authority of national governments," wrote the group
known as the Global Internet Liberty Campaign.

It said making hacking a crime would outlaw "cracking" programs that
technicians use to test the security of their own systems by
simulating online computer break-ins.

A provision forcing Internet service providers to store data would
threaten users' privacy and would create a pool of data that could be
used "to identify dissidents and persecute minorities," the group
said.

The draft pact could have "a chilling effect on the free flow of
information and ideas," the group's letter added.

The letter also warned that a passage requiring access to encryption
keys would force people to incriminate themselves.

"That was never our intention," said Csonka, adding new language has
been added to make the text clear to non-lawyers.

One new passage spells out that "cracking" computer systems to test
security is legal and that ISPs would only be asked to store specific
data related to a suspected crime, not vast quantites of traffic that
would swamp their systems.

The new draft also points out that wherever needed, domestic laws on
evidence and privacy and against self-incrimination would naturally
apply and that the treaty -- which cannot supersede national law --
would not create any new powers.

"We are trying to take all the criticisms into account," said a
British Home Office (interior ministry) official. "The final draft may
still upset some people, but it will be a better treaty."

After being completed, the draft should be accepted by the Council of
Europe next June and then ratified by member states over the next year
or two. Countries not involved in the drafting can later sign the
treaty and apply its guidelines.


*==============================================================*
"Communications without intelligence is noise;  Intelligence
without communications is irrelevant." Gen Alfred. M. Gray, USMC
================================================================
C4I.org - Computer Security, & Intelligence - http://www.c4i.org
*==============================================================*

ISN is hosted by SecurityFocus.com
---
To unsubscribe email LISTSERV () SecurityFocus com with a message body of
"SIGNOFF ISN".