[7875] in cryptography@c2.net mail archive
Council of Europe draft Cybercrime treaty
daemon@ATHENA.MIT.EDU (P.J. Ponder)
Wed Sep 27 01:09:03 2000
Date: Tue, 26 Sep 2000 13:55:31 -0400 (EDT)
From: "P.J. Ponder" <ponder@freenet.tlh.fl.us>
To: cryptography@c2.net
Message-ID: <Pine.OSF.4.21.0009261347430.11832-100000@fn3.freenet.tlh.fl.us>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
The Council of Eurpoe has released a draft of its cybercrime treaty. The
idea here is to get signatory nations to adopt similar laws as their own
national laws. A news article I read states that the treaty would
criminalize some forms of security testing and analysis.
One provision would require:
> Section 2 Procedural law
>
> Article 14 - Search and Seizure of Stored Computer Data
< . . . . >
> 5. Each Party shall take such legislative and other measures as may be
> necessary to empower its competent authorities to order for the purposes
> of criminal investigations and proceedings any person who has knowledge
> about the functioning of the computer system or measures applied to
> secure the computer data therein to provide all necessary information,
> as is reasonable, to enable the undertaking of the measures referred to
> in paragraphs 1 and 4.
This would require giving keys to authorities who were investigating your
system.
The draft treaty (English version) is at:
http://conventions.coe.int/treaty/en/projets/cybercrime.htm
