Critics clash over Cybercrime Convention

Cybercriminals are getting smarter, and their exploit are costing the U.S. billions of dollars -- $67 billion at last count.

Thus, perhaps the Senate's decision to ratify the Council of Europe's Convention on Cybercrime couldn't have come soon enough.

From our news report: "The treaty calls for signatory nations to cooperate on cybercrime investigations… The treaty also calls for signatory countries to pass similar cybercrime laws, addressing issues such as computer intru-sion, computer-facilitated fraud, child pornography, and copyright infringement."

Groups such as the Business Software Alliance (BSA) appear to think so. "Cybercriminals are not limited by borders, and this treaty will help ensure that law enforcement isn’t either," Robert Holleyman, BSA's president and chief executive officer, said in a statement.

Also supporting the Senate's move was the Cyber Security Industry Alliance (CSIA).

"This treaty provides important tools in the battles against terrorism, attacks on computer networks and the sexual exploitation of children over the Internet, by strengthening U.S. cooperation with foreign countries in obtaining electronic evidence," U.S. Attorney General Alberto Gonzales said in a statement.

But not everyone is gung-ho about this bill. The Electronic Frontier Foundation (EFF) has bestowed upon it the unflattering distinction of "World's Worst Internet Law."

"The treaty requires that the U.S. government help enforce other countries' 'cybercrime' laws - even if the act being prosecuted is not illegal in the United States," the EFF says on its Web site. "That means that countries that have laws limiting free speech on the Net could oblige the FBI to uncover the identities of anonymous U.S. critics, or monitor their communications on behalf of foreign governments."

The EFF says: "American ISPs would be obliged to obey other jurisdiction's requests to log their users’ behavior without due process, or compensation."

EPIC (the Electronic Privacy Information Center), a civil liberties organization, criticized the convention in a letter (PDF) to the Senate in July, 2005. Among other things, the group said it "lacks adequate safeguards for privacy" in that it would "create invasive investigative techniques while failing to provide meaningful privacy and civil liberties safe-guards, and specifically lacking judicial review and probable cause determinations required under the Fourth Amendment."

In response to at least some of the aformentioned criticisms, Attorney General Gonzalez said last Friday: "The convention is in full accord with all U.S. constitutional protections, such as free speech and other civil liberties, and will require no change to U.S. laws."

The text of the Convention on Cybercrime is available here. It's not light reading material.

What do you think? Do you feel safer with the U.S. joining the Council of Europe's Convention on Cybercrime?