January 10, 2001, 9:01 AM — THE CHAIRMAN OF the committee drafting the Council of Europe's proposal for fighting cybercrime faced renewed questions and criticism of the draft treaty on Thursday from a representative of U.S. IT companies and a privacy advocate.
The draft treaty is meant to addresses a need for basic cooperation on the approach to computer-crime laws in the 41 nations that belong to the Strasbourg, France-based council, along with the U.S., Canada and Japan, which also have worked on the treaty as observers. The goal is to ensure that governments will be able to investigate and prosecute computer-related crimes across borders, including attacks on computer systems and crimes that involve the use of computer systems.
But U.S. companies, especially Internet service providers (ISPs), telecommunications carriers and security companies, are worried that the treaty is too vague and could result in cases such as the 1997 prosecution of a CompuServe Deutschland executive in Munich, Germany, over pornography sites hosted by the ISP. They also worry that it could create cost burdens and violate individual countries' due-process laws.
Speaking at a panel discussion on global cyber crime, Prof. Henrik Kaspersen, chairman of the Council of Europe's Committee of Experts on Crime in Cyberspace, said the council was trying to find a "flexible and dynamic way" to write the treaty, which is designed to "approximate" the essence of the countries' laws rather than change the laws to harmonize them.
Efforts have been made to ensure that the treaty includes language to prevent data havens, a guarantee that signatories will have effective sanctions in place for punishing cyber criminals and assurances that countries will assist each other in the investigation of suspected cyber crimes, Kaspersen said during the discussion, which was sponsored by the Washington consulting company McConnell International.
Despite these efforts, James Dempsey, senior staff counsel for the Center of Democracy and Technology, criticized the draft treaty for failing to address privacy and representing creeping government authority over the flow of information.
"A lot of this treaty is being looked at in the United States as a backdrop of what many of us see as ongoing government efforts to control the design of this new technology and to control the government power," Dempsey said. "This treaty is viewed as another step in the effort of our government to extend... surveillance mandates to the Internet."