By Delonie A. Plummer ’18
The 2017 Global Risks Report lists massive incidents of data fraud/theft as one of the top 5 global risks. Large-scale cyber attacks are 6th on the list of risks likely to occur within the next 10 years. Although cyber crime is both a national and international concern, countries have difficulty combating cyber crime attacks when the victim, the perpetrators, and the exchange of profits all take place in different countries. The U.S. Justice Department recently announced the world’s largest darknet takedown of an online marketplace for drugs, firearms, and fraudulent documents. The founder of the online marketplace Alphabay, Alexandre Cazes, is a Canadian citizen who resided in Thailand, and executed several attacks in U.S. territory. During the investigation, U.S. officials worked with several countries and economic blocks including the E.U., Canada, and Thailand. Without similar national laws on international cooperation during cyber crime investigations, Alphabay and other darknet sites would still operate.
The Budapest Convention (the “Convention”) is the first international treaty on cyber crime. The convention promotes uniformity among national cyber crime laws and global cooperation beyond national borders. However, several countries are not signatories to the Convention. Critics argue that the Convention is outdated and too narrow. Russia is concerned that the Convention grants transborder access to stored data during investigations, which undermines national security. So, what is the middle ground?
An updated international treaty on cyber crime is needed to address international cyber attacks. The national security of stored data should be accounted for in a revised treaty while also allowing for reasonable international cooperation. The U.S., most affected by financial cyber attacks, must be in the forefront of efforts to revise the Convention and promote cooperation. The real question, is what will it take to convince the U.S. that cyber crime needs our utmost attention?