Subscribe
Blog / Podcast Readers
NEWSGATOR YAHOO
BLOGLINES ITUNES
DEL.ICIO.US DIRECT RSS

Council of Europe Cybercrime treaty ratified by U.S. Senate

by Shannon Kellogg on 8/4/2006
Topics: E-Security | Government Policy

Well, it took nearly five years after the U.S. signed on to an important international treaty in November 2001, but the U.S. Senate finally ratified the Council of Europe Convention on Cybercrime last night.

The Cybercrime Convention had languished in the Senate for years until the Senate Foreign Relations Committee, under the leadership of Senator Richard Lugar (Republican-Indiana), approved it by voice vote in late-July 2005. However, consideration by the full Senate was delayed another year because there was a hold placed on it by Senator Jim Inhofe (Republican-Oklahoma). Eventually, Senator Inhofe's concerns were addressed and the Cybercrime Convention was finally approved as Senators prepare to leave Washington, D.C. for the August 2006 congressional recess.

It took too long, but the ratification of the Convention on Cybercrime should bolster international law enforcement cooperation and strengthen laws around the globe against hacking, online fraud, child pornography and other digital crimes. Robert Holleyman, CEO of the Business Software Alliance, stated today that "...This Convention will serve as an important tool in the global fight against cyber criminals and encourage greater cooperation among nations" in that industry group's press release. In another press release, the Cyber Security Industry Alliance stated that "...Ratification of the Convention on Cybercrime minimizes the barriers to international cooperation that currently impede investigations and prosecutions of computer-related crimes, making it an important tool in the global fight against those who seek to disrupt computer networks, misuse sensitive or private information, or commit traditional crimes using Internet-enabled technologies."

In addition to the significant industry support, U.S. law enforcement and the Bush Administration had been requesting ratification of the Convention for years. It was the U.S. Justice Department that had taken the lead in the Convention negotiations and they had worked hard to address various concerns and issues that were raised by the private sector during those negotiations. (I remember those efforts well as I was at the Information Technology Association of America at the time.) When FBI Director Robert Mueller addressed the industry-wide RSA Conference in February 2006, he emphasized that -- because the Internet had become "a global growth engine for business" -- it had also become "a global target for savvy criminals." (See related Speaking of Security podcast on the Director's speech and the importance of the Cybercrime Convention.) On a related note, there were some interesting articles coming out the Black Hat Conference in Las Vegas this year, including this one at Internetnews.com on the FBI's ongoing fight against organized crime on the Internet.

The Cybercrime Convention always seemed to be a no-brainer, with the evolving patterns of criminal activities on the Internet. While it does not change U.S. law, it does raise the bar for other countries to go after and prosecute cyber-criminals backed by tougher penalties. Unfortunately, the U.S. is still only the 16th of the 43 signatory countries to complete the ratification process; there is still work to do to get the other nations who signed the Convention in 2001 to become full participants. Hopefully, U.S. Senate ratification will encourage other legislatures around the world to act as well.

As RSA Security's CEO Art Coviello has said in speeches and interviews that he gives on cyber security issues: "If this was the 19th Century and pirates threatened a vital waterway or canal, the civilized nations of the world would work together to tackle that threat." Well, with the ratification of the Cybercrime Convention by the U.S. Senate, we are one step closer to making that prospect a reality, to enable nations around the globe to more effectively combat the criminals of the 21st century that are harming commerce in today's Internet-driven economy.

-S.L. Kellogg

Comments

No comments for this blog entry

Post A Comment

Your Name
Your Email Publish email?: Yes No
Your Blog
Subject
Comment
Verification Word
© 2010 RSA Security. All rights reserved | Privacy | Legal | Site Map

RSA, The Security Division of EMC, provides Secure Data, Compliance, SIM, SEM, SIEM, PCI, Consumer Identity, Two-Factor Authentication, Custom Applications, Consulting, Assessment, and other security solutions and services to over 90% of the Fortune 500.
 
Access Control |  Authentication and Identity Assurance |  Credential Management |  Data Loss Prevention |  Data Encryption and Key Management |  Fraud Prevention |  Security Information and Event Management |  Log Management |  IT Compliance |  ISO 27002 Compliance |  Information Risk Management for Financial Services |  Payment Card Industry Data Security Standard | 
 
RSA Access Manager
RSA BSAFE
RSA eFraudNetwork
 RSA Data Loss Prevention
RSA Consumer Solutions
RSA FraudAction
 RSA Digital Certificate Solutions
RSA Encryption/Key Management
RSA Enterprise Data Security
 RSA enVision
RSA SecurID
RSA Smart Cards

 RSA Federated Identity Manager
RSA Adaptive Authentication