Last October 13th, the Council adopted a decision authorising the European Commission and member states to sign a United Nations Convention against cybercrime. The Convention is an international treaty which puts in place common rules at global level to enhance cooperation on cybercrime and the exchange of evidence in electronic form for the purpose of criminal investigations or proceedings.
Criminalisation of conduct
A key aspect of the Convention is the harmonisation between participating countries of the criminalisation of conduct of certain cyber-related offences. This means that all countries commit to make certain conduct (e.g. IT fraud or illegal interception) a criminal offence in their national legislation.
The Convention will also give an impetus to criminalise acts related to online child sexual abuse material, grooming as well as the non-consensual dissemination of intimate images. These offences are already criminalised at EU level but not yet at a wider international level.
International cooperation
All signatories of the Convention commit to cooperate to investigate and prosecute criminal offences under the Convention. This includes the collection and sharing of electronic evidence. The latter applies to cybercrimes but also serious crimes such as international organised crime if these are punishable by a prison sentence of at least four years.
Human rights and data protection safeguards
The Convention comes with important safeguards to prevent the abuse by the participating countries to commit or legitimise human rights violations. Any interpretation that would lead to suppressing human rights or fundamental freedoms, in particular the freedoms of expression, conscience, opinion, religion or belief, peaceful assembly and association is explicitly excluded.
These safeguards also ensure that international cooperation can be refused if countries consider that it is being used to commit human rights violations or if requests are deemed to be politically motivated. Cooperation can also be refused if this cooperation would be contrary to a country’s domestic laws or if the refusal would be necessary to avoid any form of discrimination.
Next steps
The Convention will open for signatures on 25 October 2025 until 31 December 2026. It will enter into force ninety days after the deposit of the fortieth instrument of ratification, acceptance, approval or accession. Furthermore, the presidency will prioritise the finalisation of the corresponding Council decision for the EU and its member states to conclude the United Nations Convention on Cybercrime, with a view to asking for the consent of the European Parliament.
Background
Cybercrime is a growing threat to the security of citizens and businesses in the EU. According to an Europol threat assessment from 2024 cybercrime has gone up dramatically in terms of volume, intensity and harm potential. At the same time electronic evidence has increasingly gained in importance in the context of criminal investigations.
The United Nations Convention against Cybercrime was adopted by the General Assembly of the United Nations in December 2024. According to the Convention, the EU (and other regional economic integration organisations) can sign and ratify the Convention if at least one of its member states signs and ratifies it.
More information: European Council
Publicaciones relacionadas:
Counter terrorism: deal to share air passenger data in advance
European Commission and national authorities take action to protect children from harmful practices in video games
Crypto fraud ring in Spain scammed 5,000 victims worldwide
Stronger customs controls and cooperation on product compliance
An Individual Arrested In Spain For Spreading Terrorist Propaganda Online
Leave a Reply