Access Alert: UN approves controversial cybercrime treaty

Access Alert: UN approves controversial cybercrime treaty

The United Nations Ad Hoc Committee has approved a landmark, yet controversial, treaty on cybercrime. The agreement marks the first global effort to establish a comprehensive legal framework against cyber-related offences.

Initiated by Russia in 2017, the treaty faced significant opposition from digital rights groups, tech companies, and various UN member states. However, it was adopted after three years of negotiation and will enter into force once ratified by at least 40 member states.

The treaty introduces broad powers for law enforcement agencies, including the ability to compel service providers to disclose electronic data and facilitate international cooperation in cybercrime investigations. While it aims to tackle serious crimes, such as child sexual abuse, money laundering, and online exploitation, the treaty has raised significant concerns among human rights organisations.

Critics argue that authoritarian regimes could exploit it to suppress freedom of expression and crack down on dissidents, journalists, and activists. The treaty’s provisions allowing cross-border data requests without robust safeguards may lead to abuses and heightened state surveillance. Industry should consider practical steps to ensure they are informed about the treaty’s potential impact on their operations.

Key elements of the treaty

  • Global Legal Framework: Establishes the first comprehensive international legal framework for combating cybercrime, focusing on enhancing global cooperation among member states.
  • Criminalisation of Cyber Offences: Mandates member states to criminalise activities such as illegal access to information systems, data interference, system interference, misuse of devices, and cyber-enabled forgery and fraud.
  • Protection of Children Online: Includes specific provisions against online child sexual abuse and exploitation, including the production, distribution, and possession of such material, as well as solicitation and grooming for sexual offences.
  • International Cooperation: Facilitates cross-border collaboration, including sharing of electronic evidence, mutual legal assistance, and expedited preservation of data for investigations.
  • Human Rights Safeguards: Contains provisions to ensure that the implementation of the treaty does not infringe on fundamental human rights, including freedoms of expression, privacy, and data protection.
  • Jurisdictional Rules: Establishes guidelines for member states to assert jurisdiction over cybercrimes, including crimes committed within their territory or affecting their nationals.
  • Real-Time Data Collection: Empowers states to implement measures for the real-time collection and interception of traffic data and content data during investigations.
  • Legal and Procedural Measures: Requires member states to adopt legal frameworks that allow for the seizure, freezing, and confiscation of assets related to cybercrime.
  • Liability of Legal Entities: Stipulates that both individuals and legal entities can be held liable for committing or participating in cybercrimes.
  • Capacity Building and Technical Assistance: Emphasises the need to provide technical assistance and capacity-building to help developing countries combat cybercrime effectively.

Practical steps for industry

  • Review and Assess Compliance: Companies, particularly in the tech sector, should closely examine the treaty’s requirements to ensure compliance, especially regarding data preservation and cooperation with law enforcement across borders.
  • Monitor Legislative Developments: As the treaty progresses to ratification, it is essential to monitor how individual countries incorporate its provisions into national law, as this will impact enforcement practices and potential liabilities.
  • Engage in Advocacy: Companies should consider joining industry coalitions or engaging with policymakers to advocate for stronger safeguards that protect human rights and privacy, ensuring that any domestic implementation of the treaty does not lead to overreach or misuse.

Access Partnership works closely with businesses and governments to drive innovation and ensure fit-for-purpose regulation. To learn how your business can capitalise on the implications of the UN’s new cybercrime treaty, please contact Mark Smitham at [email protected], Ethan Mudavanhu at [email protected], or Christopher Martin at [email protected].

Related Articles

Access Alert: Key Takeaways from Our APEC Roundtable

Access Alert: Key Takeaways from Our APEC Roundtable

In 2026 China hosts the Asia-Pacific Economic Cooperation (APEC).  How can APEC remain relevant and effective for the private sector...

5 Jun 2025 Opinion
Access Alert: Swedish Authorities Crack Down on Spoofed Calls and Number Misuse

Access Alert: Swedish Authorities Crack Down on Spoofed Calls and Number Misuse

The increase in scam calls and text messages has propelled regulatory authorities worldwide to tighten Know Your Customer (KYC) requirements...

4 Jun 2025 Opinion
Lifting Off: Capturing the Potential of ASEAN’s Low-Altitude Economy

Lifting Off: Capturing the Potential of ASEAN’s Low-Altitude Economy

The low-altitude economy, a term first popularised in China, refers to economic activities operating in airspace up to 1,000 metres...

3 Jun 2025 Opinion
The UK’s Data Gamble: Will the DUA Bill Cost It Its EU Adequacy Status?

The UK’s Data Gamble: Will the DUA Bill Cost It Its EU Adequacy Status?

This article is part of Access Partnership’s series ‘The New Privacy Playbook: Adapting to a Shifting Global Landscape’, which explores...

3 Jun 2025 Opinion