NEW YORK FOREIGN PRESS CENTER, 799 UNITED NATIONS PLAZA, 10TH FLOOR
MODERATOR: Hello, good afternoon, and welcome to the New York Foreign Press Center for a virtual briefing on the UN Cybercrime Treaty Negotiations. I would like to welcome our FPC journalists who are attending on Zoom. My name is Mahvash Siddiqui, and I am the moderator. First, I will go over the ground rules, then introduce our three speakers. After their remarks, we will move on to the Q&A.
Now for the ground rules. This briefing is on the record. Two of our briefers are not affiliated with the Department of State or the U.S. Government. The views expressed by them are their own and do not reflect the views of the Department of State or U.S. Government. Participation in Foreign Press Center briefings and programming does not imply endorsement, approval, or recommendation of briefers’ views.
And now I’m delighted to welcome our three speakers. Our first speaker is Ambassador Deborah McCarthy. She is the U.S. lead negotiator for a UN cybercrime treaty. Our second speaker is Ms. Andrea Martin-Swaby, deputy director of public prosecutions and head of Jamaica’s Cybercrimes and Digital Forensics Unit. Ms. Martin-Swaby will speak on behalf of the Caribbean Community, or CARICOM. And our third speaker is Mr. Terlumun George-Maria Tyendezwa from Nigeria. He is the current vice chair of the Ad Hoc Committee to Elaborate a Comprehensive International Convention on Countering the Use of Information and Communications Technologies for Criminal Purposes.
The three briefers will highlight the importance of maintaining an open, inclusive, transparent, and multi-stakeholder process that will encourage all member states to commit to a new global anti-cyber-crime instrument.
And with that, it is my great pleasure to welcome Ambassador Deborah McCarthy to make her opening remarks. Please, take the floor.
AMBASSADOR MCCARTHY: Thank you. Thank you, Mahvash. I want to thank you and your team for having us here, and I also want to thank my colleagues George and Andrea for joining me in explaining what – why we are here and why we’re engaged in this process at the UN. As some of you online may know, we’re in the third round of negotiating, under the ad hoc committee, a new cybercrime treaty. And during this session, we are focusing on three key areas, key for many, many of the member states that are negotiating. We are focusing on international cooperation, technical assistance, prevention, having a mechanism, obviously, for implementing the treaty, and some final provisions.
We are under the leadership in this process of Algerian Ambassador Mebarki, and the negotiations are proceeding in, in our view, an extremely transparent and inclusive way. We have a wide variety of member states, including those represented with me today but beyond, including such countries as Angola, Ghana, El Salvador, South Africa, Brazil, Malaysia, Singapore, and I could list a long – even longer list who are actively participating in these negotiations. And that, we feel, is essential to get us on the road for a universally ratified treaty.
And we as the U.S. are actively engaging in expert-driven outreach with all the member states, or a number of the member states, and we want to continue working broadly across the world to come up with – and this is a key point – an inclusive and fair criminal justice instrument that respects rights and provides practical tools for law enforcement.
And we note that we are going into this process to look, as I mentioned, to three key areas. On international cooperation, which is the heart of a lot of the matter which we’re discussing, we strongly believe that we should be facilitating law enforcement cooperation related to the crimes that we will come to agreement on and establish under this convention. We’re looking at this treaty as an opportunity to promote modern electronic evidence frameworks and cooperation mechanisms for all serious crimes.
On the technical assistance side, which is critical also for implementation, we want to ensure that the treaty language is flexible and technology-neutral because of changes that will take place, and we feel that we should look for programs that will offer training for law enforcement and other personnel supporting the administration of justice under this convention. And the United States is proposing implementing the convention through economic development and technical assistance.
In the elements on prevention, which are also critical elements if we are going to arrive at an instrument that will be of benefit to all, we believe that we need greater investment in domestic criminal justice capacity, periodic re-evaluation of domestic legislation, and of – also of administrative practices. And then in terms of the implementation, we’re looking to designate a body that can effectively implement this convention.
I want to mention two other things before I close. One, in this process is the critical role – beyond the member states – of stakeholders, stakeholders coming from the NGO community, coming from the business community, coming from the academic community, the legal community. And they, too, are playing a critical role providing input – practical input – as to how we put together the treaty and implement it. And also they will be critical in all the chapters and particularly on technical assistance and the prevention, for there’s a great education process and a great skills enhancement process that will be required under it.
And then last but not least but any, many means is adequate protection of human rights, fundamental freedoms, and the rule of law in this particular instrument. As with every criminal justice treaty, we will be dealing with authorities that restrain freedoms for the sake of public safety in these discussions, and we must be very careful on how we exercise those powers. We’re calling for a clear requirement in the general provisions to implement every chapter of the treaty in line with our human rights obligations. We have a duty to ensure that criminal justice instruments, like this one, are aligned with these obligations to ensure rights like a free trial guarantee, and also freedom of expression, including for journalists, media workers, and whistleblowers. And we look forward to ideas on how to ensure these powers are used responsibly.
So I will then turn it over to my colleagues.
MODERATOR: Excellent. Well, thank you so much for those very informative remarks, Ambassador McCarthy. I will now turn it over to Ms. Andrea Martin-Swaby to speak on behalf of the Caribbean community or CARICOM.
MS MARTIN-SWABY: Thank you very much. Ambassador Deborah McCarthy, head of delegation for the United States of America, Mr. George Tyendezwa, Vice Chair of the African Group on the Bureau of the Ad Hoc Committee, representatives of the media, good afternoon.
Firstly, I’d like to thank the United States of America for inviting me to participate in this very important dialogue concerning the invaluable work of the Ad Hoc Committee in seeking to draft the convention which treats specifically – sorry – with the use of ICTs for criminal purposes. Today, it is a pleasure to speak on behalf of the Caribbean community in this regard.
CARICOM is deeply concerned about the threat and impact of computer crimes. These crimes are transnational in nature, due to the interconnectivity of devices, which is afforded by the use of the internet. Being transnational in nature, all member states of the United Nations are vulnerable in the fight against the use of ICTs for criminal purposes.
For this reason, CARICOM believes that the development of a multilateral convention to address the use of ICTs for criminal purposes must be inclusive, and as such it is important that there is full participation and adequate representation of all UN member states in this process, particularly small developing states such as those in our Caribbean community. Furthermore, CARICOM believes that the involvement of experts in the field and the participation of a wide cross-section of multistakeholder groups in the intercessional consultations certainly will enhance the negotiations and decision-making process by member states.
What are we hoping to achieve at the end of this process? It is hoped that a new instrument will provide the following: Firstly, a settled list of substantive criminal offenses which address and reflect a strident response to the main threat vectors within the cyber ecosystem, as well as a clearly defined outline of investigative powers, which will be given to law enforcement officers, which are deemed acceptable in keeping with the principles of proportionality, necessity, and legality, as well as respecting human rights whilst at the same time enabling law enforcement to effectively investigate cybercrimes, as well as gather the electronic evidence that is needed to prosecute and bring cyber criminals to justice.
Secondly, create a framework for international cooperation, which is expeditious and facilitates direct contact between law enforcement officers and facilitates assistance being given in the preservation, production, and transfer of electronic evidence across borders, because CARICOM is aware that data by its very nature is transient.
Also creating a mechanism for offering technical assistance and capacity-building initiatives, particularly in light of the specific needs of small developing states such as those in the CARICOM region.
And finally, facilitate the criminalization of cyber-dependent crimes and activities which affect or interfere with the integrity, confidentiality, and availability of computer systems.
MODERATOR: Thank you so much for your remarks, Ms. Andrea Martin-Swaby. Now I’ll turn it over to the vice chair of the Ad Hoc Committee, Mr. Tyendezwa from Nigeria. Please take the floor, sir.
MR TYENDEZWA: Thank you very much, Ambassador McCarthy, Ms. Swaby. I – thank you very much for the opportunity to engage with the press on the sidelines of the third session.
Like has been spelled out, when the UN General Assembly passed Resolution 247 – 74/247, there was a need recognized by all of us to ensure that we came on board to ensure that the negotiations that would lead to this new UN Treaty on Cybercrime will be focused on the threats and the challenges posed by cybercrime to our collective economies, to ensure that we reach a minimum standard of procedural guidelines that enable our law enforcement to investigate, retrieve electronic evidence that is required, as well as cooperate with one another across jurisdictions to ensure that perpetrators of cybercrimes find no safe haven anywhere.
It is in this regard that from the prospective of the African continent we have sought to engage, encourage the engagement of all member states in the process. We’ve also sought to make our voice, the voice of member states heard, particularly, like my colleague from CARICOM mentioned, those countries that hitherto were not involved in some of the negotiations in other instruments that currently exist.
One of the key things that we look forward to achieving at the end of this process is a convention that makes ample provision for international cooperation, that works effectively, that is expeditious, noting very critically that while our law enforcement are constrained by considerations of national borders and sovereign jurisdictions, the cyber criminals operate without consideration of any nation’s sovereignty. They do not have any regard for any borders, so until our law enforcement is able to cooperate as effectively and as speedily, we will stand very little chance of succeeding in the fight against cybercrime. And until we recognize that until every – most countries are able to cooperate effectively, the fight against cybercrime will not be won.
MODERATOR: Thank you so much, Mr. Tyendezwa, for your remarks.
Now I’ll go ahead and open it up for questions. If you have a question, please raise your hand and wait for me to call on you. And you’re also welcome to go ahead and put your question in the main chat room. When I call on you, please go ahead and state your full name and your full media outlet. So I’m ready for questions.
Okay. So, we actually received a few questions from journalists beforehand. So Yongjoo Lee from MBC, a South Korean outlet, asks: “Reports of cybercrime by North Korea are continuing. It is said that ransomware attacks on two U.S. hospitals took place by North Korean hackers. Can you provide an update on their latest crime trends? And what punishment will they face under this agreement today if they are found to have committed a cybercrime in the future?”
I will first turn to Ambassador McCarthy for this, then I’ll go ahead and turn to the other speakers.
AMBASSADOR MCCARTHY: Well, thank you for the question. Cybercrime obviously is critical – of critical importance to us, especially as it affects critical sectors such as the health care – our health care facilities. And more and more we’re seeing the trend, as have other countries – have seen their health care facilities and systems taken offline and including during our pandemic. We would like to come up with an instrument in this criminal justice negotiations that, completed, should outline a number of steps that can be taken to swiftly go after these cyber criminals, as my colleague mentioned. But also – and this is the important part as we work this issue to distinguish between cybercrime and cyber security – it’s is giving our law enforcement the tools to more swiftly pursue those that are attacking critical sectors as well as individuals, communities, local communities, et cetera, and to develop newer tools that are more swift in this process.
MODERATOR: Thank you Ambassador Deborah McCarthy. Ms. Swaby, Martin-Swaby, would you like to take this on?
MS MARTIN-SWABY: What I would indicate is that certainly in terms of ransomware, we have also seen an increase in respect of incidents of those particular types of cybercrimes or computer-related crimes in our region, in the CARICOM. When we negotiated – I think it was at the second session – in terms of the criminal offenses that ought to be listed under the new instrument, it was recommended that in terms of penalties that member states should seek to ensure that penalties for these cyber offenses, when they choose or elect to pass legislation in their own jurisdiction, that it’s commensurate to the magnitude of the crime. And so the instrument will not necessarily say that the penalty should be this, but what it will certainly indicate is that where, for example, the ransomware attack affects the critical infrastructure of a member state, there should be a scale in terms of penalties which reflect the magnitude and the impact of such offenses.
MODERATOR: Thank you so much for that answer. I’ll turn it over to Mr. Tyendezwa. Would you like to tackle that question as well?
MR TYENDEZWA: Yes. For Nigeria and also some of the other African countries, we have also seen an increase in ransomware attacks. Sadly, there isn’t – there is also a large – there is serious underreporting of some of this incident. So, from our perspective, one of the issues – and that goes to prevention – is also creating the awareness and creating the confidence in our citizenry to come forward and report these attacks. That’s one. But just like Ms. Swaby indicated, the – we expect that at the end of when this convention is done, what it will provide is the ability for individual nations to stipulate punishments. So we can tell you what each – what that punishment will be depending on the jurisdiction where that trial takes place.
But having said that, what we expect will happen is that the convention will make it a lot more easier for law enforcement cooperating across jurisdictions to pin down and hold responsible those who are – who have – who are committing this crimes. Thank you.
MODERATOR: Thank you so much for that answer. Now the next question came from Yumi Tanaka from Jiji Press, Japanese media house: “What are the main goals for the United States at the cybercrime treaty negotiations at the United Nations?” And this question is for Ambassador McCarthy.
AMBASSADOR MCCARTHY: Our main goals are to achieve a consensus-based agreement focusing on some critical elements, such as definitions of certain cyber-dependent crimes, procedures for cooperation, provisions for technical assistance for those countries that are fighting this scourge, and to have an instrument that takes into account our obligations as nations to protect individuals as we seek to help them fight this scourge; hence, the emphasis on human rights. One country’s definitions of a crime is not always another country’s definition, and we are very carefully going through the definitions. That is – will also be a critical part. But again I repeat we want this to be a broad, consensus-based instrument that belongs to all the countries that have worked so hard chapter by chapter to come up with something that is nimble, that is swift, and conforms and coordinates with other instruments that are already out there.
MODERATOR: Thank you so much. If I may turn to Ms. Andrea Martin-Swaby. Are CARICOM’s goals very similar to U.S. goals? Could you elaborate on that?
MS MARTIN-SWABY: Yes. Yes. Certainly indeed we are all working towards consensus. I think it is very important that the member states are able to agree at least as it concerns the fundamental cyber offenses; that is your offenses that affect the integrity, availability, confidentiality of systems. Even as you raise ransomware, that’s a system interference. So you will not see ransomware necessarily reflected under that nomenclature in respect of the instrument, but it would be captured under the offenses that are listed there.
Also, we would hope, as has been echoed by my colleagues, to at least settle on the list of investigative tools that will assist law enforcement, to assist beyond borders in terms of the investigation of these crimes, and to gather the electronic evidence for crimes in general as well. That is, I think we’re all ad idem when it comes to those particular goals.
MODERATOR: Great. Thank you. Would you like to add anything, Mr. Tyendezwa, as the vice chair of the ad hoc committee?
MR TYENDEZWA: Well, it’s just to agree with my two colleagues. Basically, I think the bulk of us agreed on this as the goals of negotiating this treaty. The key thing too is to ensure, like is just to reiterate the fact that this convention, the aim will be to help all of us more effectively tackle cybercrime. And the point really is that the glue that will hold all of this together is international cooperation because we have domestic legislations dealing with cybercrime and all sorts of other crimes, but what makes the difference is when countries are able to cooperate with one another, effectively recover evidence of these crimes – electronic evidence – and also preserve that evidence and share it with other jurisdictions so that even persons who are hiding in some of these far-flung jurisdictions can be brought to book.
MODERATOR: Great. No, thank you so much. The third submitted question from Kristopher Rivera of Sputnik News. And the question is: “Do you know if there has been any cooperation between the U.S. and Russia to crack down on cyber-criminal groups in Russia since the start of the war in Ukraine, just like when Russia cracked down on REvil, which is Ransomware Evil, at the U.S. request?” And I think that question, again, is for Ambassador Deborah McCarthy.
AMBASSADOR MCCARTHY: On that question, I will refer you to the Department of Justice. Normally, the Department of Justice does not comment on cooperation on criminal matters. So, I would limit myself to that.
MODERATOR: Thank you. Do either of you want to tackle that question?
MS MARTIN-SWABY: I would decline to.
MODERATOR: Okay, perfect. Great.
AMBASSADOR MCCARTHY: And again, to add the emphasis, which is developing tools to find cyber criminals in different places. So that really is – the emphasis is enabling law enforcement to work more swiftly, more nimbly across the globe, so it’s not directed at one particular actor; it’s directed at increasing cooperation globally.
MODERATOR: Is Interpol part of the negotiations or the conversation that’s happening at the UN at this time?
MR TYENDEZWA: Yes.
AMBASSADOR MCCARTHY: Yes, they are. They’re there as one of the stakeholders. They contribute. They’ve given valuable input, and yes, absolutely.
MODERATOR: Excellent, great.
MR TYENDEZWA: And just in addition to that, there is also robust discussion on the floor regarding enhancing the use of Interpol’s capabilities also in the fight against cybercrime, so yes.
AMBASSADOR MCCARTHY: As one of the tools, one of the tools.
MR TYENDEZWA: Yes, one of the available tools.
MODERATOR: And I’m sure you’re engaging domestic law enforcement as well —
MR TYENDEZWA: Yes.
MODERATOR: — through this process.
AMBASSADOR MCCARTHY: And let me add one other thing. This is an instrument that once we finish it has to be ratified by a number of countries, member countries, and that implies working with their own governments domestically, their own members – their congress, their parliaments, et cetera – so each government also is engaging in consultations not only with stakeholders and experts, et cetera, but also with their own domestic authorities and domestic parliaments that have to approve the instrument once it’s finalized.
MODERATOR: Great. Do you – do either of you have any final remarks at all?
MR TYENDEZWA: Well, ladies first.
MS MARTIN-SWABY: (Laughter.) Well, what I would indicate is that it is clear that member states are taking full advantage of their right to participate in the process, and we have been hearing on the ground and in terms of the submissions made by member states that certainly in respect of the issue of international cooperation, the issue of criminalization, the chapters that treat with also technical assistance, that there is full commitment on the ground in respect of what it is should be reflected in the new instrument or what is hoped to be achieved in the new instrument.
AMBASSADOR MCCARTHY: To follow on from my colleague, I think it’s important to recognize the following: We’re looking to draw up a new criminal justice-focused treaty. It’s not a cyber security treaty. It’s not a treaty on internet governance. It’s not a treaty on terrorism. We’re setting standards for cooperation against cybercrime.
MR TYENDEZWA: Yes, and adding on that, I would say that there is a growing recognition on the floor that the treaty that is being negotiated will be focused on countering cybercrime. But it is also recognized that the – from submissions on the floor, it is becoming clear that cybercrime in itself is an attack on our human rights. And so the recognition is that if we’re able – if states are more able to protect their citizenry and bring to account – attribute and bring to account perpetrators of cybercrime, it will go a long – it is part of the state’s responsibilities to protect their citizens. So – and that, we’ll agree, remains the aim of the criminal justice system, to hold people accountable and maintain law and order in our societies.
MODERATOR: Thank you so much, sir. Since there are no further questions from the media, I’m going to go ahead and conclude this meeting. On behalf of the New York Foreign Press Center, thank you very much to Ambassador McCarthy, Ms. Martin-Swaby, as well as Mr. Tyendezwa for sharing your expertise and for enlightening us on the cyber treaty – cybercrime treaty negotiations. Thank you so much for your time.
Today’s briefing was on the record. I will share a transcript with everyone who is participating today, and it will also be posted on our website at fpc.state.gov. Thank you all and have a wonderful day.