Entry into force of Convention on Cybercrime

By EDRi · March 24, 2004

The Council of Europe’s Convention on Cybercrime will enter into force on
1 July 2004, following its ratification by Lithuania. The convention
requires at least 5 CoE members to ratify. Previously Albania, Croatia,
Estonia and Hungary have done so.

The convention’s aim is to develop a common criminal policy on cybercrime
by promoting international co-operation and the adoption of appropriate
legislation. Signatories will have to implement into their national law
criminal code concerning computer crime and will also have to give their
police new powers to conduct investigations regarding computers and the

Besides computer hacking and viruses, the convention covers (virtual)
child pornography and computer-related fraud. Police forces in the
ratifying countries will get new powers to seize data, intercept
communications and request cross-border assistance.

Many provisions in the convention do not have to be implemented to the
full extent. For example countries may require that computer hacking is
committed by infringing security measures. But it is also possible to make
hacking a crime if it is done without breaking any security (for example
if the computer involved has no security protection).

The convention has been criticised by civil liberty groups and the
European data commissioners for the secretive process by which it was
created and for not requiring countries to protect civil rights while
extending police powers.

The Council of Europe has 45 members of which 33 countries have signed the
convention. Non-member countries such as the USA, Canada, South-Africa and
Japan also joined. As a follow-up, the Council is planning a major
international conference on ‘The Challenge of Cybercrime’, which will
bring together senior politicians, computer industry leaders and experts
from around the world in Strasbourg from 15 to 17 September 2004.

The convention on cybercrime