Earlier this year, Member States started negotiations for a legally binding text on cybercrimes, the world’s first of this nature. The negotiations intend to find an adequate balance of sanctions and safeguards that can be transposed into international law.
To gather inputs, the UN is convening both government and non-government stakeholders. But negotiations so far have been heavily state-centric, with limited inputs from the private sector. Current submissions from Member States propose broad data requests, beyond what is necessary and proportionate, and are looking to criminalise an equally broad range of activities. Without more sustained input from Industry, the final Treaty will not reflect practical compliance challenges.
Member States’ proposals engender significant risks and legal liabilities for companies. Some of the provisions which would create compliance issues are highlighted below:
- There are proposals for extremely broad access to data, data retention, and even real-time access to data, many of which are not technically feasible.
- Intrusive provisions will create conflicts when seeking to comply with data protection across jurisdictions.
- There are extensive proposals to cover offences which are not currently crimes in most jurisdictions.
- There are proposals for third-party liability, with direct negative consequences for companies operating internationally and across jurisdictions with large variations in levels of cyber readiness.
If these proposals go ahead, companies are at risk of heavy sanctions. The substantive negotiations are taking place this year and there are opportunities for companies to feed into the process: ahead of the Third Ad Hoc Committee Session in August-September 2022, at the multi-stakeholder Intersessional consultation in September-October, and ahead of the Fourth Committee session in January 2023.
The industry’s own expertise is critical for developing transnational regulation that works for all. Access Partnership are equipped to support partners and table proposals in the upcoming sessions. Our experts can provide advice on how to mitigate compliance risk stemming from the Treaty and ensure partners’ views form part of the negotiations.
To find out more about the process or to request support with the upcoming consultations, please contact Gordon Mackay at firstname.lastname@example.org, Luminita Tuchel at email@example.com or Chris Martin at firstname.lastname@example.org.