UN Cybercrime Convention — 5 steps to make it work
Today is a historic day where all countries have come together to adopt a mile stone treaty pertaining to cybercrime. This treaty aims at international cordination and cooperation for fight against cybercrime. This convention holds a key importance to India which is a “Digital First World” country having one of highest Digital Public Infrastructure, internet users and data consumption in world.
Why was it needed? A simple explanation
Lets take a realistic case. If a criminal activates his WhatsApp / Meta account or uploads an App in Google Store using Ireland IP address or Phone number, Meta or Google considers it to be under jurisdiction of Ireland. Now data laws belonging to Ireland would apply and criminal would get a hidden protection as some countries have stringent data sharing laws. However situation become tricky when virtual number and Proxy / VPN is used for doing the same. The convention will solve the issue to an extent if executed properly.
One more reason if the convention was lack of seamless support and technical expertise, Laws of different countries which is often exploited by criminals. Ex. Some countries do not have stringent SIM Card issuing rules. This makes it easier for criminals to activate WhatsApp or Facebook accounts using fake SIMs and use the same to conduct crime in other nations.
Crimes are shifting online and until now, there had been no global adoption of any convention cybercrime. The new Cybercrime Convention, will make response much quicker more effective — safeguarding netizens.
Netizens are Global Citizens. Same are cybercriminals.
How to make the convention more impactful?
Laws / Treaty needs to be executed properly and effectively for getting desired results. Plan must be converted into actions and some of the key suggestions to achieve the same are as follows.
- Appoint Specialist & Technocrats in key positions
Dealing with cyberspace issues needs knack of Technology. For example Digital advertisement is extensively used in transnational cybercrime. However people confuse Search Engine Optimisation with Digital advertisements (which is a paid content published by Google / Meta). In order to train, prevent or negotiate, a technical and subject matter expert would be more effective.
A cybercrime coordination agency should be setup with actually communicates day in and day out with Police of entire country of all ranks. This agency must have a combination of Police, Administrators and Technical Specialists.
2. Centralised Learning Management System & International Peer Learning
India has created a national LMS — Karmayogi Bharat , a highly successful model to upgrade all Government Employees. A similar portal with access to all countries should be developed with option for each country to upload their own courses.
The Indian Cyercrime Coordination Center, a nodal agency of cybercrime under Ministry of Home Affairs is running a unique initiative to upgrade all Police personnel across the country irrespective of their ranks or location by running “Peer Learning” session every week where one State (which is equivalent to some of European Countries) will share investigation experience with all India Cyber Police Force along with Regulators. This fosters ‘on-ground’ and ‘practical’ training and ensures knowledge level playing in all.
3. Technology Sharing & Technical Assistance
One of the aims of the convention is proactive cybercrime prevention and technical assistance. A swift facility to share proactive measures adopted by each countries may be shared, especially technology and research part. This will help in addressing abuse of technology globally.
For Example, India was receiving over 1.35 Crore spoofed calls in a single day, many of them linked to SE Asia based modus operandi. Using a technical fix, now call spoofing has been fixed at a majority of extent.
4. Big Tech Regulations — reconsidering intermediary
Transnational cybercrimes are easily conducted by using technologies like digital advertisements, chat messengers, mobile apps etc. A uniform regulation, re-considering intermediary status of Big techs and fixing accountably on them especially for regulated sectors will be critical. Prevention is impossible without proactive support from intermediaries which are heavily abused by organised criminal syndicates. Even guidelines of customer onboarding is required so that undue advantage of level playing is not exploited by cybercriminals.
5. Dispute resolution board
An oversight mechanism is needed to check if countries are living upto the spirit of the treaty. A board may be constituted which has operational members of all countries to deal with any divergence.
Success of any resolution / policy is the driving team which will tirelessly work with all countries to achieve desired results. Transnational cybercrime has the capabiltiy to economically damage any nation with absolute remote operation. Owing to this seriousness, its a urgent necessity to put the plan into execution. Best Wishes !
Link to document: https://documents.un.org/doc/undoc/gen/n24/372/04/pdf/n2437204.pdf
