The US is a signatory and an early proponent of the Budapest Convention. A big part of American cyber diplomatic activity has, in fact, been focused on promoting the Budapest regime as the global model of cybercrime governance. In 2019, the US firmly opposed the Russian-sponsored resolution calling for an alternative legal instrument to the Convention; following the passing of the resolution, however, the US has agreed to participate in the Ad Hoc Committee established under
UNGA resolution 74/247 despite the fact that the “surprise text” within the
May 2021 resolution was seen as an effort to “circumvent dialogue” and undermine the “balanced, inclusive, consensus-based process” sought by the US.
On a multilateral level, the US is also a party to the UN Convention against Transnational Organised Crime (UNTOC) and the Inter-American Convention on Mutual Legal Assistance of the Organisation of American States (OAS) and is a member of Interpol.
Bilaterally, the US has completed an
agreement with the UK under the CLOUD Act that facilitates cross-border data sharing directly between US companies and the British government; the US is trying to expand this type of bilateral engagement,
currently negotiating a similar agreement with Australia.
Under the auspices of the OEWG, India has highlighted the need for
“real-time cooperation between government agencies” in combatting cybercrime, cyberterrorism, and cyber threats more widely. To date, however, India has not signed any international cybercrime agreement. It voted in favour of a Russia-sponsored
UNGA Resolution calling for the establishment of a separate cybercrime treaty.
Despite having brought its legal framework largely in alignment with the Budapest Convention, India remains a non-party because
the document was drafted without the country’s participation, thus rending the treaty discriminatory. Another big objection has been raised on the basis of section 32.b, which gives intelligence agencies trans-border access to data for the purposes of criminal investigations with lawful and voluntary consent - a concern shared by Russia.
It has also been
argued that the Mutual Legal Assistance (MLA) regime under Budapest is not effective, as it does not commit states to a firm promise of cooperation; from the perspective of the Indians, it would be
preferable to replace this regime with a UN-driven process.
Canada’s
National Cyber Security Strategy identifies the activities of malicious cyber actors as a “growing challenge”. Following the adoption of the ‘Protecting Canadians from Online Crime’ Act, Canada acceded to the Council of Europe’s Budapest Convention in 2015 and has since consistently
promoted the instrument as the “best tool to fight cybercrime at the international level”. Canada has
specifically “encourage[d] countries to bolster their anti-cybercrime efforts by becoming Parties to the Convention, or using it as a model to implement their own cybercrime laws”. Moreover, upon Canada’s initiative, the Quintet of Attorneys General (which brings together Attorneys General from Canada, the US, Australia, New Zealand and the UK) issued a
public statement at their July 2019 meeting, expressing their support for the Budapest Convention as a “necessary basic framework for fighting cybercrime” and for the work of the United Nations Open-Ended Intergovernmental Expert Group on Cybercrime (UNIEG). Being part of the ‘like-minded’ group of states, Canada voted against the Russian-sponsored
UNGA Resolution 74/247 aiming at establishing an alternative cybercrime instrument; upon the passage of 74/247 and its follow-up
UNGA Resolution 75/282, however, Canada has been a vocal member of the Ad Hoc Committee on Cybercrime. Prior to the Committee’s May 2021 organizational session, the
Canadian position paper on the Implementation of 74/247 noted that the Committee must “ensure consistency with existing UN treaties in the field of crime prevention and criminal justice, in particular the United Nations Convention against Transnational Organized Crime, the United Nations Convention against Corruption and take into account multilateral instruments that have already proven their usefulness in the fight against cybercrime, in particular the Council of Europe Convention on Cybercrime”. In the same document, Canada emphasized the need for an “inclusive, transparent, constructive, and consensus-based process that will lead to a fair outcome to the benefit of all”. The
first session of the Ad Hoc Committee will be held in New York from 17 to 28 January 2022. Canada’s perspective on the scope, objectives, and structure of the convention was submitted to the Ad Hoc Committee in advance of the start of the first negotiation session (
E).