This module is a resource for lecturers
International and regional instruments
There are international and regional treaties on cybercrime. A case in point is the Council of Europe's Convention on Cybercrime of 2001. This Convention seeks to harmonize national laws, improve cybercrime investigation techniques, and improve international cooperation. It also provides guidance to signatories on the measures needed at the national level to deal with cybercrime, including amendments and additions to substantive law (i.e., to establish cybercrime offences in criminal law) and criminal procedural law (i.e., to establish the procedures for criminal investigations and prosecutions). The Convention further provides signatories with guidance on mutual assistance and acts as a mutual legal assistance treaty (i.e., an agreement between countries to cooperate on investigations and prosecutions of certain and/or all offences proscribed by both parties under national law; Maras, 2016) for countries that do not have one with the country requesting assistance.
Did You Know?
While a number of countries have been pushing for a global convention under the auspice of the United Nations, and the Russian Federation has in particular proposed a "Draft United Nations Convention on Cooperation in Combating Cybercrime" in 2017 ( A/C.3/72/12), to date international consensus on such a global convention within the framework of the United Nations is still insufficient.
There are several cybercrime and cybercrime-related treaties that are region-specific:
- The Commonwealth of Independent States' Agreement on Cooperation in Combating Offences related to Computer Information of 2001. This agreement calls on states to adopt national laws to implement the Agreement's provisions and to harmonize national cybercrime laws.
- The Arab League's (formerly known as the League of Arab States) Arab Convention on Combating Information Technology Offences of 2010. This convention's primary aim is to strengthen cooperation between states to enable them to defend against and protect their property, people, and interests from cybercrime.
- The Shanghai Cooperation Organization's Agreement on Cooperation in the Field of International Information Security of 2010. This agreement's focus extended beyond cybercrime and cybersecurity to include information security (INFOSEC) of member states as one of its primary objectives, as well as national control over systems and content.
- African Union Draft Convention on the Establishment of a Legal Framework Conductive to Cybersecurity in Africa (Draft African Union Convention) of 2012. This convention promotes the provision and maintenance of human, financial, and technical resources needed to facilitate cybercrime investigations.
- African Union Convention on Cyber Security and Personal Data Protection of 2014. This convention includes, among other things, a call to African Union states to create and/or amend national laws to adequately combat cybercrime, harmonize national laws, create mutual legal assistance treaties (MLATs) where they do not exist, facilitate information sharing between states, facilitate regional, intergovernmental, and international cooperation and utilize existing means available to cooperate with other states, and even the private sector.
Cybercrime laws and directives have also been developed and implemented by regional organizations and/or regional intergovernmental organizations. Examples include:
- Southern African Development Community (SADC) Model Law on Computer Crime and Cybercrime of 2012. This law serves as a guideline for states in the SADC to develop substantive and procedural cybercrime laws. Because it is a model law, it does not pose any legal cooperation obligations on states. The states that have and/or create cybercrime laws can utilize the SADC Protocol on Mutual Legal Assistance in Criminal Matters and the SADC Protocol on Extradition to facilitate cooperation and coordination in international cybercrime investigations.
The Economic Community of West African States (ECOWAS) Directive on Fighting Cybercrime of 2011. This directive requires member states to criminalize cybercrime in national law and facilitate mutual legal assistance, cooperation, and extradition in cybercrime and cybersecurity-related matters. ECOWAS has a Convention on Mutual Assistance in Criminal Matters and a Convention on Extradition to facilitate cooperation in cybercrime investigations and extradite cybercriminals.