Concerns mount over UN Cybercrime convention draft’s surveillance provisions


The UN Cybercrime Convention is facing intense scrutiny as its sixth session of negotiations unfolds, drawing attention to the implications of the draft treaty’s provisions on global surveillance and data protection. Advocacy organization the Electronic Frontier Foundation (EFF) and its allies are actively engaging in discussions to address concerns arising from the convention’s “zero draft,” which many fear is morphing into a wide-reaching global surveillance agreement rather than a cybercrime treaty.

One of the central issues lies in Article 24, which emphasizes human rights safeguards but confines its application to criminal procedural measures rather than extending to international cooperation. Critics argue that this omission could open the door to human rights abuses in cross-border collaborations. Another point of contention is Article 2, which employs vague terms like “data” and “information,” potentially allowing for the misuse of sensitive personal information. Calls for precise definitions to prevent such risks are growing louder.

The draft’s scope of international cooperation has also stirred debate. Article 35 broadens cooperation beyond cybercrimes to include any serious offense, raising questions about the adherence to the dual criminality principle. Furthermore, Article 36’s potential for bulk information sharing for data-mining purposes is seen as a potential breach of privacy if not tightly regulated.


Articles 40(1), (3), (4), (6), and (7) have drawn EFF’s attention due to their expansive surveillance powers, lack of safeguards, and potential to compromise privacy. Additionally, concerns are voiced about Articles 40(8) and 47, which could undermine dual criminality and grant unchecked cooperation in offenses covered by the convention, respectively.

The EFF’s analysis underscores the need for clarity, safeguards, and protections in the UN Cybercrime Convention’s draft, particularly as the provisions can impact individual rights and enable government overreach. The outcome of these negotiations will significantly shape the landscape of global cyber governance, emphasizing the importance of multi-stakeholder input and transparency to ensure that privacy and digital rights are preserved in the face of advancing surveillance capabilities.