Better Budapest than Hanoi?: However, the Cybersecurity Tech Accord’s Nick Ashton-Hart, who headed the group’s delegation to the UN committee creating the treaty, said that rather than implementing the Convention against Cybercrime, UN member states should look to another agreement: the Council of Europe’s Budapest Convention. It, he said, “is a much better agreement that is already in force with a critical mass of member-states as parties, a growing list of states who want to join it, a proven track record, and extensive guidance in how to address the Convention in a rights respecting way.” He added, “I expect that the private sector will continue to focus its efforts on capacity building and technical assistance for Budapest and won’t prioritize the UN Convention unless the protocol negotiations [described in Articles 61 and 62 of the Convention] address its problems.”Despite these problems, Shipley thinks that the industry should now focus on proper implementation of the Convention.”I understand the concerns that the cybersecurity industry has raised,” he said. “They’re not at the idea of greater cooperation in taking down gangs. They’re aimed at the conventions ambiguous language around unauthorized access and the potential for security researchers to be caught in the crosshairs for doing ethical research. But that ship has sailed and we’d be better off ensuring the application of the convention within states that choose to sign on, does include robust protections for security research.”The Convention will come into force 90 days after it has been ratified by 40 member states or regional economic integration organizations; the ratification process extends until December 31, 2026.
First seen on csoonline.com
Jump to article: www.csoonline.com/article/4078735/un-agreement-on-cybercrime-criticized-over-risks-to-cybersecurity-researchers.html
