09 Aug Senate Ratifies CyberCrime Treaty: Should We Care?
I missed this item from last week noting that the U.S. Senate gave its approval last Friday to the Council of Europe’s Cybercrime Treaty.
I have also not been following the debate over the treaty, which is opposed by some civil libertarian types and former Clinton impeachment manager Bob Barr. Here is the basic complaint, which sounds scary enough, but seems way overblown:
Now, thanks to the Senate’s indifference, any person in this country who uses a computer in a manner that is of interest to a law enforcement agency of another country that has signed the Cybercrime Treaty may find themselves subject to our government collecting information on them and then sharing it with that foreign agency.
I don’t quite see this – the obligation to provide assistance is there, but it has zillions of exceptions. The government may indeed be spying on its citizens, but it is certainly not required by the treaty to do this.
Barr also has another, more clearly wrong claim:
In addition, if disputes under the treaty arise, the foreign requesting government is empowered to take the issue to the International Court of Justice. Even though the United States has not formally acceded to the court, it would be required pursuant to the terms of the Cybercrime Treaty to be bound by its decisions.
This is just wrong. In Article 45, the
parties to the treaty “shall seek a settlement of the dispute through negotiation or any other peaceful means of their choice, including submission of the dispute to the CDPC, to an arbitral tribunal whose decisions shall be binding upon the Parties, or to the International Court of Justice, as agreed upon by the Parties concerned.” (emphasis added).
It would appear also that the treaty is completely non-self-executing. Therefore, even if it did require states parties to spy on their citizens and to share sensitive information with other parties, the treaty alone couldn’t possibly suffice as lawful authority for the state authorities to do so. Any such power would have to be one under domestic law.
The treaty itself makes this clear time and again when provisions begin with ‘Each Party shall adopt such legislative and other measures as may be necessary to empower its competent authorities to (…).’
Of course, this clause is also as broad as can be in allowing for all sorts of safeguards, as may be required by domestic law (see para. 138 of the very useful Explanatory Report drawn up by the Council).
Has the Senate Punched a Hole in Our Sovereign Firewall?
Julian Ku has an interesting post on the international CyberCrime Treaty, just ratified by the United States Senate. He addresses critiques, which seem legitimate to me, that “any person in this country who uses a computer in a manner that…
The Times (London) has this to say: ‘as American law was already in compliance with the Convention’s demands and no new legislation is needed, ratification is largely symbolic.’
So the powers required by the treaty were already in place. Wouldn’t it be strange if they hadn’t, considering that the US legislator has hardly been a great proponent of civil liberty lately?