We missed this earlier: At the latest session of the United Nations (UN) Ad-Hoc Committee discussing the international convention on tackling cybercrime, India proposed using a ‘24×7 global communication network’ to tackle the practice of phishing. The committee, which has been discussing a draft treaty since 2022, convened its 77th session in New York from January 29th to February 9th. India’s proposal called for specific attention to be given to the problem of phishing, calling it the “predominant cybercrime globally”. They proposed using the 24/7 communication channel for “swiftly rendering phishing links inaccessible and identifying the abused IT resources and the malicious actor.”
India’s proposal says that the current measures for combating phishing are “inadequate.” They propose an addition to Article 41 of the draft treaty concerning a ‘24/7 network’, facilitating information exchange between Law Enforcement Agencies. India calls for using the communication network as a more ‘practical mechanism’ for combating phishing. India suggests identifying and blocking a phishing link and using the communication network to promptly inform the requested state about vulnerable IT resources and malicious actors. States can then “take appropriate action in accordance with domestic law”, reads the proposal.
India has argued that blocking phishing links is in accordance with Article 28(3) and Article 34(6) of the draft treaty. Article 28 concerning the ‘Search and seizure of stored electronic data’ and Article 34 concerning ‘Assistance to and protection of victims’ call to ‘render inaccessible or remove’ electronic data that violates the convention. “Time sensitivity in dealing with offenses like CSAM, CSEM, Nonconsensual Intimate Images, or Phishing necessitates incorporating the ‘rendering inaccessible’ provision under the 24/7 mechanism,” the proposal says.
Why does the treaty matter and what are the concerns being raised?
The treaty proposed by the UN can be the first of its kind to tackle countries’ growing concerns about international cybercrime. Countries like India have spoken at length about how often in cases of cyber-crimes, the diversity of laws across states can make prosecution a challenge. India has also spoken about how the lack of communication among law enforcement across nations can make accessing data challenging.
However, the treaty has raised several red flags with researchers, NGOs, and civil society groups. Speaking at MediaNama’s PrivacyNama conference in 2022, researcher Sukanya Thapliyal pointed out: “India’s interest in jurisdiction issues and [cross-border data flows] is rooted in its inability to access data located elsewhere.”
As recently as on January 23, several NGOs issued a joint statement in which they called for the draft treaty to be rejected if it did not include sufficient human rights safeguards.
Speaking to Medianama, Raman Jit Singh Chima, Asia Policy Director and Senior International Counsel at the NGO Access Now, one of the 20 signatories of the statement, said that the challenge lies within the fact that “many states are looking at this treaty as fundamentally a data access treaty” and while that may be useful to tackle crime, it can be misused. Chima says, “The usage of domestic electronic evidence powers or data sharing by prosecutors, police or law enforcement should be subject to separate additional human rights language or safeguards. The current treaty does not have enough of those.”
Talking about the most recent amendment proposed by India, he said: “If you’re asking for someone to be investigated or data to be collected, you want this to be happening through a rule of law framework with high safeguards. You should go to a judge, not to a government body. After it is established to a judge that this is necessary, legal and proportionate, a judge should authorize the government or the police to request that data and it should be time-bound. If it doesn’t jeopardize an investigation, individuals should also be notified after the investigation is complete that their data was accessed under government order.”
STAY ON TOP OF TECH NEWS: Our daily newsletter with the top story of the day from MediaNama, delivered to your inbox before 9 AM. Click here to sign up today!
Also Read:
