On August 3, the U.S. Senate ratified the Council of Europe Convention on Cybercrime, a treaty aimed at facilitating international cooperation in the prevention, investigation, and prosecution of crimes involving electronic evidence. The U.S. is the 16th country to ratify the convention which has been in force since July 1, 2004, among the 15 nations that have ratified it so far (Albania, Bosnia and Herzegovina, Bulgaria, Croatia, Cyprus, Denmark, Estonia, France, Hungary, Lithuania, Macedonia, Norway, Romania, Slovenia and Ukraine.)

International Sharing of Electronic Evidence

The treaty is not just about cybercrime - it provides for international sharing of electronic evidence of all crimes … whether they involve computers or not. Thus, the treaty may come into play in a robbery case as long as there is evidence stored in an electronic form in a country which is a signatory to the treaty. Essentially, the treaty provides a tool for foreign governments to request interception of electronic communications and the sharing of electronic data in the United States and allows the U.S. to request the same from other countries which are parties to the treaty.

According to Jeffrey Price, of counsel to the Washington, DC office of Steptoe & Johnson who has worked on the treaty since its inception in 2001, the treaty will not require changes in U.S. law, but it may not permit changes in U.S. law either, because substantive provisions of the law of cybercrime will now be internationalized. Thus, the treaty becomes a major piece of legislation in the area of cybercrime and electronic evidence sharing between law enforcement agencies in different countries.  One of the first things that U.S. ISPs and other network operators may anticipate is increase volume of requests for intercepts and data from foreign law enforcement agencies because the main sources of electronic information are in the U.S.

Dual Criminality Lacking?

Some critics claim that the treaty lacks a "dual criminality" requirement so that Americans may be investigated in the United States for things that are not crimes in the U.S. Professor Orin Kerr, formerly with the Department of Justice’s Computer Crimes Division and now prominent scholar on cybercrime, has suggested that the "dual criminality" is a traditional requirement of extradition, but not of international evidence collection. He suggests that the U.S. approach has been "to help a foreign country investigate foreign offenses even if the same conduct is not a crime in the U.S. as long as cooperation does not raise any constitutional difficulties." According to Prof. Kerr, the cybercrime treaty maintains this traditional approach.