Last week I attended for the first time the intriguingly titled Octopus Conference on Cooperation against cybercrime ― now in its sixth edition. It was followed by a special meeting in the Council of Europe’s ‘Palais d’Europe’ in Strasbourg, organised to celebrate the 10th anniversary of the Budapest Convention. Around 250 cyber security experts from 65 countries representing governments, law enforcement authorities, academia and the private sector gathered in the Alsatian capital to discuss both cyber crime and the future of the Budapest Convention.
Adopted by the Committee of Ministers of the Council of Europe at its 109th session on 8 November 2001, the Convention on Cyber Crime opened for signatures in Budapest on 23 November 2001. It entered into force in July 2004. To date, 47 countries from all over the world have signed or ratified it ― or both. Although conceived over ten years ago, in an era in which threats such as botnet or stuxnet were not known, and in which the new challenges brought by tablets, smart phones or cloud computing could hardly be foreseen, the Budapest Convention remains a forward-looking instrument that still has relevance today.
Most of the delegates, me included, were shocked by the results of the Norton study on the loss of cyber security. This study, conducted across 24 countries in 2010, was presented at the conference by Symantec. It revealed that over two thirds of online adults had been a victim of cybercrime in their lifetime; each second, 14 people fall prey to a cyber attack.
With 431 million adult victims worldwide in the past year ―at an annual cost of $388 billion globally based on financial losses and wasted time ― cybercrime is said to ‘cost the world significantly more than the global black market in marijuana, cocaine and heroin combined.’
These hard-hitting results definitively motivated delegates to push talks on tackling cyber crime forward even further.
I agreed whole-heartedly with Alexander Seger, Head of Economic Crime Division of the Council of Europe, that a multi-stakeholder approach is the most effective way to strengthen global cooperation on cyber security and to tackle cybercrime. There are already many organisations and entities involved in securing the global infrastructure of the Internet, including governments and inter-governmental organizations, private sector companies, standards bodies, NGOs and multi-stakeholder organizations such as ICANN and the IGF. All actors should work together at international level to combat cyber criminals.
Cooperation is particularly important bearing in mind the nature of the Internet: threats can quickly evolve ― and have no borders.
The Budapest Convention definitely provides the legal framework for promoting such cooperation and its flexibility also means it can evolve to tackle new challenges. Moreover it does not stop countries from adopting their own national laws. This robust framework is available for adoption by additional countries from all regions of the world interested in a cybersecurity international cooperation model, and it is quite incorrect to characterize it as a euro-centric instrument. Why should we then re-invent the wheel with a different multilateral framework, when we already have a good tool in place?
To conclude, I’d like to wish happy anniversary to the Budapest Convention. My present to you is to call on more countries to sign, join and ratify!
The post Happy 10th birthday to the Budapest Convention appeared first on AT&T Global Public Policy.