US declines to join more than 70 countries in signing UN cybercrime treaty

107 pointsposted 2 hours ago
by pcaharrier
(therecord.media)

45 Comments

landl0rd

an hour ago

China, north korea, and russia, all prolific cybercriminal nations with significant state backing of the same, are signatories. This means it's at best meaningless and at worst surrenders power to a regime with partial control by objectively bad actors. Staying out of this was the right move.

Plus it has too many implications for surveillance and security; poor idea in any case.

ethagknight

32 minutes ago

I was hoping to see a comment like this. These sorts of “global collaborations” seem to always end with the US carry all the water, and the goal from the other countries perspective is to throttle the US. Like the Paris Accords.

izacus

13 minutes ago

Do you have even a slightest proof for your claim?

sschueller

5 minutes ago

Like throttling the US from committing war crimes?

estearum

25 minutes ago

What about non-proliferation treaties which have prevented the vast majority of countries from bankrupting themselves in an existential sprint to nuclear weapons?

lovich

9 minutes ago

You know what the fun fact that everyone I hear complain about the US spending more than is fair on international projects ignores or appears ignorant of?

When you’re the one carrying the water, you get to decide where the water goes.

I actually prefer regimes like NATO where everyone is happy to leave the US in charge and doesn’t arm themselves. For all the projection of “strength” the current admin gives off, they are on their way towards reigning over a kingdom formed from the ashes of the republic's empire

BoredPositron

25 minutes ago

Say what you want about this treaty but China is running circles around you regarding Paris.

password54321

15 minutes ago

Screw game theory, I have the bigger stick. This is how everyone goes "defect" and you enter an arms race. https://en.wikipedia.org/wiki/Prisoner%27s_dilemma

Never mind, we already crossed that line: https://www.bbc.com/news/articles/c4gzq2p0yk4o

complianceowl

6 minutes ago

Almost no rebuttals on the internet are intellectually honest these days. Take the same exact action by a President of the alternative party, and it's considered "decisive", "shows our enemies we mean business". But since it's not coming from your political party, it's "oh no, what is this guy doing. He's going to get us all unalived."

Aurornis

an hour ago

> It also creates legal regimes to monitor, store and allow cross-border sharing of information without specific data protections. Access Now’s Raman Jit Singh Chima said the convention effectively justifies “cyber authoritarianism at home and transnational repression across borders.”

None of this sounds good for privacy and data protection.

Opting out of the treaty was probably a good choice. Opting out doesn’t preclude the US from cooperating with international cybercrime investigations, but it does avoid more data collection, surveillance, and sharing.

rprwhite

10 minutes ago

Err... yeah, because that's what USA based companies are known for - PII protection and data privacy?!?

Maybe there is some more complexity to this argument, that I'm missing. But, it's not one that has merit without justification.

shenberg

an hour ago

When countries like North Korea, which depends on cybercrime to fund itself, are signatories, you have to wonder whether this agreement means what its title says.

y-curious

43 minutes ago

The old “think of the children/fight terrorism/support our troops/be a good person” style of naming propositions to destroy data privacy.

perihelions

an hour ago

Previous threads:

https://news.ycombinator.com/item?id=41207987 ("EFF’s concerns about the UN Cybercrime Convention (eff.org)", 99 comments)

https://news.ycombinator.com/item?id=39129274 ("Proposed UN cybercrime treaty has evolved into an expansive surveillance tool (eff.org)", 64 comments)

https://news.ycombinator.com/item?id=41210110 ("New U.N. Cybercrime Treaty Unanimously Approved, Could Threaten Human Rights (scientificamerican.com)", 53 comments)

https://news.ycombinator.com/item?id=41221403 ("UN Cybercrime Convention to Overrule Bank Secrecy (therage.co)", 42 comments)

maerF0x0

an hour ago

Why would the US give away it's power? I do not see anything to gain here. At least 2 of the big players are duplicitous bad actors (ie take more than they give) ... If they want prove otherwise then let Tencent teams compete in public CTFs again and disclose 0days.

delfinom

6 minutes ago

What power? The US gave up power by not signing. The treaty is standardizing the process for sharing cybercrime evidence and prosecuting individuals. It has signatories pledging to align their laws and create new ones to make the same cybercrime illegal.

This isn't giving any country any sole power over cybercrime prosecution decisions.

sixhobbits

12 minutes ago

Couple clicks to get to the list so here it is. Not countries I usually associate with caring about privacy.

Algeria,Angola,Australia,Austria,Azerbaijan,Belarus,Belgium,Brazil,Brunei Darussalam,Burkina Faso,Cambodia,Chile,China,Costa Rica,Côte d'Ivoire,Cuba,Czech Republic,Democratic People's Republic of Korea,Democratic Republic of the Congo,Djibouti,Dominican Republic,Ecuador,Egypt,European Union,France,Ghana,Greece,Guinea-Bissau,Iran (Islamic Republic of),Ireland,Jamaica,Mozambique,Namibia,Nauru,Nicaragua,Nigeria,Palau,Papua New Guinea,Peru,Philippines,Poland,Portugal,Qatar,Russian Federation,Rwanda,Saudi Arabia,Slovakia,Slovenia,South Africa,Spain,Sri Lanka,State of Palestine,Sweden,Thailand,Togo,Türkiye,Uganda,United Kingdom of Great Britain and Northern Ireland,United Republic of Tanzania,Uruguay,Uzbekistan,Venezuela (Bolivarian Republic of),Viet Nam,Zimbabwe

etiennebausson

a minute ago

I am curious about which countries do you associate with privacy.

abtinf

a few seconds ago

Once again, Chat Control is a never ending battle.

some_random

38 minutes ago

Wow so the hosts and beneficiaries of cybercrime wrote a treaty on it (with a ton of additional surveillance mandates included, of course) and the US didn't sign on. How disappointing.

nwellnhof

12 minutes ago

> cybercrime — which the U.N. estimates costs $10.5 trillion around the world annually.

That's almost 10% of global GDP. Who comes up with these numbers?

orbifold

4 minutes ago

It will all make sense once you realize who works at the UN, basically nepo babies of all colors and variety, including second cousins of Saudi royalty etc.

hypeatei

9 minutes ago

I don't understand why political topics such as international treaties like this are upvoted and kept on the front page? To be clear, I'm in favor of politics being discussed on here, but this is so uninteresting and pointless to discuss IMO. International law can be ignored even by countries that agreed to it. What are you going to do, invade? As pointed out, countries like China and Russia signed onto a cybercrime treaty... pure slop.

Just seems very distracting when actual abuses and interesting political topics are hidden away in /active (like ICEs use of facial recognition)

nizbit

6 minutes ago

Don’t have to look far to find out why.

Per the article: “Illicit flows of money, concealed through cryptocurrencies and digital transactions, finance the trafficking of drugs, arms, and terror. And businesses, hospitals, and airports are brought to a standstill by ransomware attacks.”

Then there’s this: Inside the Trump family’s global crypto cash machine https://www.reuters.com/investigations/inside-trump-familys-...

orenlindsey

11 minutes ago

All this would do is drive criminals to poorer countries that can't stop crime as well. Just like many scammers being based in South Asia, or billionaires moving their money to tax havens. It just takes one country to allow this stuff or at least not stop it, and your treaties are just pieces of paper.

elAhmo

14 minutes ago

UN should move its HQ outside of US. It is obvious they have become a bad host.

ARandomerDude

10 minutes ago

Now that's an idea I think a lot of people can get behind. From the left, the US is a bad host. From the right, get those globalists out of my country. Everybody wins.

jacknews

19 minutes ago

When Cambodia is a signatory, you know this is just whitewash, or even 'protective intelligence' ie using the shared international intelligence to protect the scams and evade enforcement. Keep your enemies close.

ecshafer

2 hours ago

The government is shut down, treaties need to be ratified by the Senate.

teraflop

an hour ago

The executive branch is shut down. The Senate is still in session.

(The House of Representatives is effectively shut down, but only because the Speaker of the House has been unilaterally putting it into recess at the beginning of every session. The House Republicans all voted to grant the Speaker the power to do this whenever he wants, at the beginning of their current term.)

dragonwriter

an hour ago

> The government is shut down, treaties need to be ratified by the Senate.

The President isn't shut down, and only the President is needed to sign a treaty; it is submitted for ratification later and that, absent a deadline in the treaty, can take as long as it takes.

Also, even if the Senate was required to sign a treaty, the Senate isn't shutdown, and is in session and doing business.

pksebben

35 minutes ago

text of the treaty: https://www.unodc.org/unodc/en/cybercrime/convention/text/co...

I wouldn't get excited about the US "not signing". With the government shutdown, they might just be waiting for the document to be in New York before they bother. Hanoi is far.

64ss1: This Convention shall be open to all States for signature in Hanoi in 2025 and thereafter at United Nations Headquarters in New York until 31 December 2026.

Article 37 is spooky. Expands extradition to where there might not be preexisting extradition treaties.

Fuck article 11. It's the EU's "any program for committing cybercrime is a crime" law, and makes programmers culpable. IANAL, but it actually looks like it criminalizes the entire software supply chain. Sure, there's a clause in there that looks like it's supposed to protect security research (11s2) but this is the thinnest of loincloths.

It also seems to apply to "crime where there was a computer somewhere around". As for what constitutes "crime":

Article 2:(h) “Serious crime” shall mean conduct constituting an offence punishable by a maximum deprivation of liberty of at least four years or a more serious penalty;

...that seems to mean that if publishing information against the state regime is punishable by 4+ years and you used a computer to do it, there is now a basis for seizing your data and extraditing you.

I'm not even going to get into the implications this has for damaging privacy in general. This is some dark ass shit.

thw_9a83c

14 minutes ago

Article 29: Real-time collection of traffic data

   - (ii) To cooperate and assist the competent authorities in the collection or
     recording of; traffic data, in real time, associated with specified
     communications in its territory transmitted by means of an information and
     communications technology system.
Seriously? Will the authorities of state X simply ask the authorities of state Y to collect/intercept data, and will the authorities of state Y be required to cooperate even without a legal basis in their local legislation? Because this treaty become sufficient legislation?

And more so:

   3. Each State Party shall adopt such legislative and other measures as may be
      necessary to oblige a service provider to keep confidential the fact of
      the execution of any power provided for in this article and any
      information relating to it.
I cannot imagine anyone with a functioning brain signing this at the UN level.

pembrook

17 minutes ago

> The U.K. and European Union joined China, Russia, Brazil, Nigeria and dozens of other nations in signing the convention...Human rights groups warned on Friday that it effectively forces member states to create a broad electronic surveillance dragnet that would include crimes that have nothing to do with technology.

Countries like Nigeria, Morocco, North Korea and Russia signing a "cybercrime" treaty is just hilarious to me.

I don't believe for a second that these countries want to crack down on cybercrime, considering their citizens are the main perpetrators and beneficiaries of it, and they've taken zero actions to prevent it before today. Lagos is essentially the Silicon Valley of internet fraud, and it happens with permission from the highest levels of their government.

This obviously is just an excuse to create a global dragnet for governments looking to crack down on dissent.

christkv

an hour ago

No thank you and I’m loath to see the EU sign up to this with a ton of authoritarian states. Things like this and the continued pushing of stuff like Chat Control has convinced me the EU stands to turn our countries into flawed democracies and eventually authoritarian states.

perihelions

an hour ago

It's remarkable context that the Russian government authored this UN treaty,

> "Russia, however, Rodriguez said, has objected to the convention for infringing state sovereignty by allowing other nations to investigate cybercrimes in its jurisdiction. So in 2017, Russia proposed negotiating a new treaty, and in 2019 the UN adopted a resolution to do so, backed by Russia, Cambodia, Belarus, China, Iran, Myanmar, Nicaragua, Syria and Venezuela."

https://www.theregister.com/2023/04/14/un_cybercrime_treaty/ ("Russia-pushed UN Cybercrime Treaty may rewrite global law. It's ... not great")

> "It was proposed by Russia in 2017 and adopted by the General Assembly in December 2024 amid resistance from human rights organizations"

https://en.wikipedia.org/wiki/United_Nations_Convention_agai...

christkv

43 minutes ago

lol and the same politicians who call everything a Russian plot to influence Europeans run and sign this. The loss of shame is one of our main problems in modern politics on all sides. The professional politician industrial complex has to go.