Friday, September 01, 2006

Privacy and free speech concerns of the Convention on Cybercrime

In the beginning of August 2006 the US Senate ratified unanimously and without amendment the "Council of Europe Convention on Cybercrime", which obliges the countries that are parties to it to enact laws related to computer related crimes. The treaty also requires the parties to pass various laws related to criminal procedure, search and seizure, electronic intercepts, and data retention, that will largely add to governmental powers, which are not limited to investigation and prosecution in cybercrime cases and will apply to other criminal offences performed by the use of computers and to the collection of digital evidence, regardless the type of crime, according to its article 14.2 b and c.
But probably the most contentious features of the convention are that it requires almost automatic mutual assistance, and has no dual criminality provision, which means that a party will be obligated to compel search and seizure, data retention, and intercept assistance from a domestic service provider, at the demand of a foreign government, when the related activity is a crime in that foreign country, but legal in the requested party. For example, it will be interesting to see the reaction of the courts when a European party requests compliance with the treaty by the US when prosecuting a person accused of using a computer to disseminate hate speech that is constitutionally protected free speech in the U.S.
If the Convention is to be properly enforced, it seems that the U.S. government assertion that the convention is in full accord with all U.S. constitutional protections, such as free speech and other civil liberties and will not require the U.S. to change any of its laws does not stand the minimum analysis. However, there were some groups that found the passage of the law an occasion to celebrate. Both the Business Software Alliance and the Information Technology Association of America rejoiced and praised the SenateÂ’s approval, and probably it had a lot to do with article 10 of the Convention, which includes protection to intellectual property rights.
Parts of the treaty have been criticized by the Center for Democracy and Technology, the Electronic Privacy Information Center, and the American Civil Liberties Union for its language regarding data retention, intercepts, search and seizure and government surveillance, arguing that the treaty harms privacy rights by creating invasive investigative techniques withoutt providing privacy and civil liberties safeguards, and specifically lacking judicial review and probable cause determinations required under the US Constitution Fourth Amendment. This becomes of crucial importance after the ACLU v NSA decision of a couple of weeks ago.

No comments: