Latest Draft of UN Cybercrime Treaty Is A Big Step Backward

A new draft of the controversial United Nations Cybercrime Treaty has only heightened concerns that the treaty will criminalize expression and dissent, create extensive surveillance powers, and facilitate cross-border repression.
The proposed treaty, originally aimed at combating cybercrime, has morphed into an expansive surveillance treaty, raising the risk of overreach in both national and international investigations.
The new draft retains a controversial provision allowing states to compel engineers or employees to undermine security measures, posing a threat to encryption.
This new draft not only disregards but also deepens our concerns, empowering nations to cast a wider net by accessing data stored by companies abroad, potentially in violation of other nations' privacy laws.
It perilously broadens its scope beyond the cybercrimes specifically defined in the Convention, encompassing a long list of non-cybercrimes.
This draft retains the concerning issue of expanding the scope of evidence collection and sharing across borders for any serious crime, including those crimes that blatantly violate human rights law.
This new version overreaches in investigating and prosecuting crimes beyond those detailed in the treaty; until now such power was limited to only the crimes defined in article 6-16 of the convention.
We are deeply troubled by the blatant disregard of our input, which moves the text further away from consensus.
This isn't just an oversight; it's a significant step in the wrong direction.
Initiated in 2022, treaty negotiations have been marked by ongoing disagreements between governments on the treaty's scope and on what role, if any, human rights should play in its design and implementation.
The new draft was released Tuesday, Nov. 28; governments will hold closed-door talks December 19-20 in Vienna, in an attempt to reach consensus on what crimes to include in the treaty, and the draft will be considered at the final negotiating session in New York at the end of January 2024, when it's supposed to be finalized and adopted.
Deborah Brown, Human Rights Watch's acting associate director for technology and human rights, said this latest draft "Is primed to facilitate abuses on a global scale, through extensive cross border powers to investigate virtually any imaginable 'crime' - like peaceful dissent or expression of sexual orientation - while undermining the treaty's purpose of addressing genuine cybercrime. Governments should not rush to conclude this treaty without ensuring that it elevates, rather than sacrifices, our fundamental rights."


This Cyber News was published on www.eff.org. Publication date: Fri, 01 Dec 2023 23:06:57 +0000


Cyber News related to Latest Draft of UN Cybercrime Treaty Is A Big Step Backward

Latest Draft of UN Cybercrime Treaty Is A Big Step Backward - A new draft of the controversial United Nations Cybercrime Treaty has only heightened concerns that the treaty will criminalize expression and dissent, create extensive surveillance powers, and facilitate cross-border repression. The proposed treaty, ...
10 months ago Eff.org
The New Cybercrime Atlas: A Collaborative Approach to Fighting Digital Crime - The global transition to the digital economy means that the operations of governments, critical infrastructures, businesses, and individuals are now a tightly integrated system of interconnected resources. Cybercrime presents a significant risk to ...
8 months ago Feeds.fortinet.com
UN Cybercrime Convention: Tight Timeframe to Create New Global Approach to Combat Cybercrime - Cybercrime is a growing problem that affects nearly all of the world's nearly 200 nation-states. From ransomware attacks to rampant cryptocurrency theft, criminal exploitation of borderless digital systems threatens global economic security and the ...
1 year ago Csoonline.com
Google Online Security Blog: UN Cybercrime Treaty Could Endanger Web Security - As more aspects of our lives intersect with the digital sphere, law enforcement around the world has increasingly turned to electronic evidence to investigate and disrupt criminal activity. Google takes the threat of cybercrime very seriously, and ...
8 months ago Security.googleblog.com
CVE-2022-30426 - There is a stack buffer overflow vulnerability, which could lead to arbitrary code execution in UEFI DXE driver on some Acer products. An attack could exploit this vulnerability to escalate privilege from ring 3 to ring 0, and hijack control flow ...
2 years ago
Stop, Collaborate and Listen: Disrupting Cybercrime Networks Requires Private-Public Cooperation and Information Sharing - As we reflect on 2022, we've seen that malicious actors are constantly coming up with new ways to weaponize technologies at scale to cause more disruption and devastation. The dangers are showing up everywhere - and more frequently. The volume and ...
1 year ago Securityweek.com
Prioritizing cybercrime intelligence for effective decision-making in cybersecurity - In this Help Net Security interview, Alon Gal, CTO at Hudson Rock, discusses integrating cybercrime intelligence into existing security infrastructures. Our discussion will cover a range of essential aspects, from the importance of continuous ...
8 months ago Helpnetsecurity.com
Latest Information Security and Hacking Incidents - Cybercrime has transpired as a serious threat in India, prompting calls for comprehensive reforms and collaborative efforts from various stakeholders. Experts and officials emphasise the pressing need to address the evolving nature of cyber threats ...
4 months ago Cysecurity.news
F5 Developing Fix for BIG-IP Vulnerability That Could Cause Denial of Service and Allow for Code Execution - F5 has warned of a serious format string vulnerability in BIG-IP that could allow an authenticated attacker to cause a denial-of-service and potentially execute malicious code. This security issue, tracked as CVE-2023-22374, affects iControl SOAP, an ...
1 year ago Securityweek.com
Microsoft takes down websites used to create 750 million fraudulent accounts - Microsoft seized certain websites run by a Vietnam-based group that created roughly 750 million fraudulent Microsoft accounts after the software maker received a court order a week ago from the Southern District of New York. Posting to its blog Dec. ...
9 months ago Packetstormsecurity.com
Understanding the Seizure of Dark Web Sites Linked to the Hive Ransomware - Recently, law enforcement seized several dark web sites linked to the Hive ransomware. The Hive ransomware is a potent form of malware that cybercriminals use to target organizations and individual computer users in order to demand a ransom for ...
1 year ago Bleepingcomputer.com
Customer compliance and security during the post-quantum cryptographic migration | AWS Security Blog - For example, using the s2n-tls client built with AWS-LC (which supports the quantum-resistant KEMs), you could try connecting to a Secrets Manager endpoint by using a post-quantum TLS policy (for example, PQ-TLS-1-2-2023-12-15) and observe the PQ ...
1 week ago Aws.amazon.com
6 Facts About How INTERPOL Fights Cybercrime - Interpol recently celebrated its 100th anniversary, and as it steps into its second century of operation it remains highly relevant as a policing organization of our technical age. Interpol's global cybercrime program is one of four law enforcement ...
4 months ago Darkreading.com
CVE-2015-7393 - dcoep in BIG-IP LTM, Analytics, APM, ASM, and Link Controller 11.2.0 through 11.6.0 and 12.0.0 before 12.0.0 HF1, BIG-IP AAM 11.4.0 through 11.6.0 and 12.0.0 before 12.0.0 HF1, BIG-IP AFM and PEM 11.3.0 through 11.6.0 and 12.0.0 before 12.0.0 HF1, ...
8 years ago
CVE-2015-8099 - F5 BIG-IP LTM, AFM, Analytics, APM, ASM, Link Controller, and PEM 11.3.x, 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4, 11.6.x before 11.6.1, and 12.x before 12.0.0 HF1; BIG-IP AAM 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4, 11.6.x before ...
5 years ago
How To Assess MDR Providers with MITRE ATT&CK Steps - It has become essential for organizations to leverage managed detection and response (MDR) solutions in order to protect their systems and data from the ever-increasing number of cybersecurity threats. However, when assessing potential MDR providers, ...
1 year ago Csoonline.com
Holistic Approach To Privacy and Security in Tech - In this article, I would like to explain how I tackle privacy and security issues that are specific for large scale web and mobile applications and Big Tech. First, let's outline some of the biggest challenges Big Tech companies deal with in terms of ...
10 months ago Feeds.dzone.com
CVE-2016-5022 - F5 BIG-IP LTM, Analytics, APM, ASM, and Link Controller 11.2.x before 11.2.1 HF16, 11.3.x, 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before 11.6.1 HF1, and 12.x before 12.0.0 HF3; BIG-IP AAM, AFM, and PEM 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x ...
5 years ago
US charged 19 suspects linked to xDedic cybercrime marketplace - The U.S. Department of Justice announced the end of a transnational investigation into the dark web xDedic cybercrime marketplace, charging 19 suspects for their involvement in running and using the market's services. An international operation ...
9 months ago Bleepingcomputer.com
Tell the FCC It Must Clarify Its Rules to Prevent Loopholes That Will Swallow Net Neutrality Whole - The Federal Communications Commission has released draft rules to reinstate net neutrality, with a vote on adopting the rules to come on the 25th of April. The FCC needs to close some loopholes in the draft rules before then. Net neutrality is the ...
5 months ago Eff.org
The Dark Side of Digital Reading: E-Books as Corporate Surveillance Tools - Americans are reading digital books at a rate of three out of ten. In a market where the majority of readers are subject to both Big Publishing's greed and those of Big Tech, it is no surprise that these readers are subject to both the greed of Big ...
9 months ago Cysecurity.news
Latest Information Security and Hacking Incidents - The Cybercrime Atlas initiative has shifted into its operational phase in 2024, marking a significant milestone in global cybersecurity efforts. Originating from discussions at the RSA Conference two years prior, the initiative aims to dismantle ...
6 months ago Cysecurity.news
CVE-2015-5516 - Memory leak in the last hop kernel module in F5 BIG-IP LTM, GTM, and Link Controller 10.1.x, 10.2.x before 10.2.4 HF13, 11.x before 11.2.1 HF15, 11.3.x, 11.4.x, 11.5.x before 11.5.3 HF2, and 11.6.x before HF6, BIG-IP AAM 11.4.x, 11.5.x before 11.5.3 ...
5 years ago
Pope Francis Urges Binding Treaty To Regulate AI - Annual message from pope to global leaders calls for legally binding international treaty to regulate artificial intelligence. Pope Francis has directly intervened in the discussion about regulating artificial intelligence, with a salient warning ...
9 months ago Silicon.co.uk
Nigerian Police dismantle cybercrime recruitment, mentoring hub - The Nigerian Police Form has arrested six suspects and dismantled a mentoring hub linked to cybercrime activities, including business email compromise, romance, and investment scams. After receiving intelligence and investigating a group of ...
10 months ago Bleepingcomputer.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)