UN cybercrime proposal could help autocrats stifle free speech, rights group says

Many cybercrime laws aren't really about cybercrime.
A man walks by the UN headquarters in New York in March. (Photo by Kena Betancur/AFP via Getty Images)

Human rights advocates are warning that a controversial proposal at the United Nations to counter cybercrime could validate tactics that autocratic governments around the world have used to criminalize free speech and security research.

The Russian and Chinese governments back the notion of establishing a new anti-cybercrime convention, a process that diplomats at the U.N. will begin considering next week. However, the wording of the proposal, which calls for curbs on the use of technologies for “criminal purposes,” is vague to the point of potentially enabling further government repression, critics say.

A report issued Wednesday by Human Rights Watch, a New York-based advocacy group, details a growing list of so-called cybercrime laws that governments have allegedly used to target dissenters, or infringe on personal privacy.

A Pakistani law, for example, enables authorities to block websites used to criticize government officials. In the Philippines, police can collect computer data without a warrant under the Cybercrime Prevention Act. A judge used the same law to convict journalist Maria Ressa of libel last year, and Ressa now faces up to six years in prison.


The Russia and China-backed proposal “risks legitimizing” such abusive practices and making the internet less open and secure, according to Human Rights Watch. “Instead of a treaty, governments should prioritize reforming these abusive laws to conform with international human rights standards,” the report said.

The proposal is a counterweight to an anti-cybercrime agreement, the Budapest Convention, that 64 nations, including the U.S., signed in 2001.

“This has been one of the main reasons the U.S. and others have been skeptical of Russia’s resolution and this process: That it really is a platform to advance measures trying to restrict content, including political speech, rather than addressing computer crimes,” said Christopher Painter, the former top official at the State Department focused on cyber diplomacy.

The proposal is also part of a broader effort by the Russian government to shape global cybersecurity norms that the U.S. and allies continuously accuse Moscow of violating.

The State Department has successfully encouraged other governments to denounce alleged Russian hacking operations in unison. Multiple European governments blamed Moscow last year for disrupting government websites in the country of Georgia.


Several U.S. allies, including Australia and New Zealand, expressed support for the U.S. statement on Russia’s alleged exploitation of software made by the federal contractor SolarWinds. The White House argued that Russian activity exceeded international spying norms because it placed an undue burden on private companies whose products were exploited.

The struggle for geopolitical influence at the U.N. comes as the Biden administration has pledged to make human rights central to its approach to cyberspace.

“Far too often, cybersecurity is used as a pretext to infringe on civil liberties and human rights,” U.S. Homeland Security Secretary Alejandro Mayorkas said in March. “At the end of the day, cybersecurity is about people. It is about protecting our way of life and protecting what we hold dear.”

Sean Lyngaas

Written by Sean Lyngaas

Sean Lyngaas is CyberScoop’s Senior Reporter covering the Department of Homeland Security and Congress. He was previously a freelance journalist in West Africa, where he covered everything from a presidential election in Ghana to military mutinies in Ivory Coast for The New York Times. Lyngaas’ reporting also has appeared in The Washington Post, The Economist and the BBC, among other outlets. His investigation of cybersecurity issues in the nuclear sector, backed by a grant from the Pulitzer Center on Crisis Reporting, won plaudits from industrial security experts. He was previously a reporter with Federal Computer Week and, before that, with Smart Grid Today. Sean earned a B.A. in public policy from Duke University and an M.A. in International Relations from The Fletcher School of Law and Diplomacy at Tufts University.

Latest Podcasts