Federal Internet Law & Policy
An Educational Project
CyberCrime:  International Treaty Dont be a FOOL; The Law is Not DIY
- Agencies
- - White House
- - DHS
- - NIST
- - NTIA
- - FCC
- Reference
- Cryptography

Crimes Against Network
- Worms, Viruses, Attacks
- Hackers
- Cyberwar
- Network Reliability
- Infrastructure Protection
- - Kill Switch

Crimes Over Network
- CyberStalking
- Fraud
- - Auctions
- - Phishing
- Gambling
- ID Theft
- Offensive Words

Info Gathering
- Wiretaps
- Forensics
- Carnivore
- Patriot Act
- Data Retention
- Safe Web Act

- Assessment
- Reliability
- Vulnerabilities

"On November 23, 2001, the United States and 29 other countries signed the Council of Europe’s Convention on Cybercrime as a multilateral instrument to address the problems posed by criminal activity on computer networks. Nations supporting this convention agree to have criminal laws within their own nation to address cybercrime, such as hacking, spreading viruses or worms, and similar unauthorized access to, interference with, or damage to computer systems. It also enables international cooperation in combating crimes such as child sexual exploitation, organized crime, and terrorism through provisions to obtain and share electronic evidence. The U.S. Senate ratified this convention in August 2006. As the 16th of 43 countries to support the agreement, the United States agrees to cooperate in international cybercrime investigations. The governments of European countries such as Denmark, France, and Romania have ratified the convention. Other countries including Germany, Italy, and the United Kingdom have signed the convention although it has not been ratified by their governments. Non-European countries including Canada, Japan, and South Africa have also signed but not yet ratified the convention." -- Public and Private Entities Face Challenges in Addressing Cyber Threats, GAO-07-705, p. 14-15 (June 2007)

Derived From: Searching and Seizing Computers and Obtaining Electronic Evidence in Criminal InvestigationsPDF Computer Crime and Intellectual Property Section, Criminal Division, DOJ (2009) (Remember: This is a rendition of the state of the law from law enforcement and reflects their views)

[See Fourth Amendment] Increasingly, electronic evidence necessary to prevent, investigate, or prosecute a crime may be located outside the borders of the United States. This can occur for several reasons. Criminals can use the Internet to commit or facilitate crimes remotely, e.g., when Russian hackers steal money from a bank in New York, or when the kidnappers of an American citizen deliver demands by email for release of their captive. Communications also can be "laundered" through third countries, such as when a criminal in Brooklyn uses the Internet to pass a communication through Tokyo, Tel Aviv, and Johannesburg before it reaches its intended recipient in Manhattan-much the way money can be laundered through banks in different countries in order to hide its source. In addition, provider architecture may route or store communications in the country where the provider is based, regardless of the location of its users.

When United States authorities investigating a crime believe electronic evidence is stored by an Internet service provider on a computer located abroad (in "Country A"), U.S. law enforcement usually must seek assistance from law enforcement authorities in Country A. Because, in general, law enforcement officers exercise their functions in the territory of another country only with the consent of that country, U.S. law enforcement should only make direct contact with an ISP located in Country A with (1) prior permission of the foreign government; (2) approval of DOJ's Office of International Affairs ("OIA") (which would know of particular sensitivities and accepted practices); or (3) other clear indicia that such practice would not be objectionable in Country A. The U.S. view (and that of some other countries) is that prior consultation is not required to (1) access publicly available materials in Country A, such as those posted to a public website, and (2) access materials in Country A with the voluntary consent of a person who has lawful authority to disclose the materials. For advice regarding what constitutes voluntary consent or lawful authority for such disclosures, contact CCIPS.

Under certain circumstances, such as where the matter under consideration constitutes a violation of the foreign country's criminal law, foreign law enforcement authorities may be able to share evidence informally with U.S. counterparts. However, finding the appropriate official in Country A with which to explore such cooperation is an inexact science, at best. Possible avenues for entree to foreign law enforcement are: (1) the designated expert who participates in the G8's network of international high-tech crime points of contact (discussed below); (2) CCIPS's high-tech law enforcement contacts in many countries that are not a part of that network; (3) law enforcement contacts maintained by OIA; (4) representatives of U.S. law enforcement agencies who are stationed at the relevant American embassy (e.g., FBI Legal Attaches, or "LegAtts," and agents from the U.S. Secret Service and U.S. Immigration and Customs Enforcement); and (5) the Regional Security Officer (from the Diplomatic Security Service) at the American embassy (who may have good incountry law enforcement contacts). CCIPS can be reached at 202-514-1026; OIA can be reached at 202-514-0000.

Where Country A cannot otherwise provide informal assistance, requests for evidence usually will be made under existing Mutual Legal Assistance Treaties (MLATs) or Mutual Legal Assistance Agreements, or through the Letters Rogatory process. See 28 U.S.C. §§ 1781-1782. These official requests for assistance are made by OIA to the designated "Central Authority" of Country A or, in the absence of an MLAT, to other appropriate authorities. (Central Authorities are usually located within the Justice Ministry, or another Ministry or office in Country A that has law enforcement authority.) OIA has attorneys responsible for every country and region of the world. Since official requests of this nature require specified documents and procedures and can take some time to produce results, law enforcement should contact OIA as soon as a request for international legal assistance becomes a possibility.

When U.S. law enforcement has reason to believe that electronic evidence exists on a computer or computer network located abroad, a request to foreign law enforcement for preservation of the evidence should be made as soon as possible. Such a request, similar to a request under 18 U.S.C. § 2703(f ) to a U.S. provider (see Chapter 3.G.1), will have varying degrees of success based on several factors, most notably whether Country A has a data preservation law and whether the U.S. has sufficient law enforcement contacts in Country A to ensure prompt execution of the request. The International Convention on Cybercrime, completed in 2001, obligates all Parties to have the ability to effect cross-border preservation requests, and the availability of this critical form of assistance therefore is expected to increase greatly in the near future. Significantly, many countries do not have preservation and, if they receive a preservation request, will instead do a search. Such a search may not be appropriate for some cases; for example, it may risk tipping off the target of the investigation. Investigators may consult with CCIPS regarding the likely outcome of such a preservation request.

To secure preservation, or in emergencies when immediate international assistance is required, the international Network of 24-hour Points of Contact established by the High-tech Crime Subgroup of the G8 countries can provide assistance. This network, created in 1997, is comprised of approximately fifty member countries and continues to grow every year. Participating countries have a dedicated computer crime expert and a means to contact that office or person twenty-four hours a day. CCIPS is the point of contact for the United States []. The Council of Europe's Cybercrime Convention obligates all Parties to have a 24-hour point of contact for cybercrime cases, and international 24- hour response capabilities are therefore expected to continue to increase. The G8 and Council of Europe lists will be consolidated.

In the event that United States law enforcement inadvertently accesses a computer located in another country, CCIPS, OIA, or another appropriate authority should be consulted immediately, as issues such as sovereignty and comity may be implicated. Likewise, if exigencies such as terrorist threats indicate that direct access by United States law enforcement to a computer located abroad is crucial, appropriate U.S. authorities should be consulted immediately.

Searching, seizing, or otherwise obtaining electronic evidence located outside of the United States can raise difficult questions of both law and policy. For example, the Fourth Amendment may apply under certain circumstances, but not under others. See generally United States v. Verdugo-Urquidez, 494 U.S. 259 (1990) (considering the extent to which the Fourth Amendment applies to searches outside of the United States). This manual does not attempt to provide detailed guidance on how to resolve difficult international issues that may arise in cases involving electronic evidence located beyond our borders. Investigators and prosecutors should contact CCIPS or OIA for assistance in particular cases.


  • Version 22 of the Treaty
  • Letter of the a lot of groups including GILC, Center for Democracy and Technology 10/18/2000
  • GILC version
  • US Chamber of Commerce
  • Comments of Americans for Computer Privacy on the Draft Council of Europe Convention on Cybercrime Nov 15, 2000
  • The Information Technology Association of Canada (ITAC) Letter in response to Draft Council of Europe Convention on Cyber-Crime Oct 23, 3000
  • Internet Alliance Letter on Draft Convention on Cybercrime
  • leading security practitioners, educators, vendors, and users of information securityletter re Council of Europe draft treaty on Crime in Cyberspace.
  • First Draft of International Convention Released for Public Discussion
  • DOJ FAQ on Treaty
  • 1999/364/JHA: Common Position of 27 May 1999 adopted by the Council on the basis of Article 34 of the Treaty on European Union, on negotiations relating to the Draft Convention on Cyber Crime held in the Council of Europe Official Journal L 142 , 05/06/1999 p. 0001 - 0002
  • COE Introduction to Conventions and Agreements in the European Treaty Series (ETS)
  • G8
  • G8 Summit Kyushu-Okinawa Summit Summer 2000
  • Un dialogue entre les pouvoirs publics et le secteur privé sur la sécurité et la confiance dans le cyberespace" communiqué du G8 (groupe de lyon)  (17 mai 2000)
  • Conférence de Paris du G8 sur le "dialogue entre les pouvoirs publics et le secteur privé sur la sécurité et la confiance dans le cyberespace"  15 au 17 mai 2000, Centre de Conférences Internationales (CCI)

  • Timeline
  • 1995:  G8 creates Senior Experts Group on Organized Crime (aka Lyon Group)
  • Sept 8, 1995:  Council of Europe approves The Recommendation of the Committee of Ministers to Member States Concerning Problems of Criminal Procedure Law Connected with Information
  • Jan 1997:  G7 creates "Subcommittee on high-tech Crime," chaired by DOJ's Scott Charney
  • May 2000: G8 met in Paris on subject of cybercrime
  • July 2000: G8 me in Okinawa, Japan on subject of cybercrime
  • Oct 18 2000: Letter of Opposition to draft treaty from multiple Internet and civil liberty organizations
  • Nov 19 2000:  24th Draft Version Released
  • January - June 2001:  Approval to be considered by Council's Steering Committee
  • Ratification by Member Nations
  • Links
  • WISTA Global Cyber Crime: Weak Laws Threaten E-Commerce : Self-Protection Is Principal Defense, 12/7/00 - The report is available here or at McConnell International LLC.
  • Privacy International's Cyber Crime website
  • CDT Resource Page on COE Proposal
  • Privacy International CyberCrime Page
  • An International Policy Framework for Internet Law Enforcement and Security: An Internet Alliance White Paper May 2000
  • Interview with Scott Charney, chairman of the G-8-Work Group "High-Tech Crime" Telepolis, June 11, 1999
  • Awareness Program for the Draft Convention on Cyber-Crime
  • News
  • Senate ratifies cybercrime treaty, AP 8/8/2006
  • Indymedia asks: "Who took our servers?", Indymedia 10/26/2004
  • We seize servers, you can't complain - US gov, Register 11/12/2004
  • FBI returns seized news servers, BBC 10/15/2004
  • US seizes indy media sites, BBC 10/12/2004
  • Authorities shut down U.K.-based news Web sites, CW 10/12/2004
  • Cybercrime summit urges international cooperation, CNET 9/21/2004
  • Convention on Cybercrime, COE 9/16/02
  • Final Draft of the First Additional Protocol to the Convention on Cybercrime concerning the criminalisation of acts of a racist or xenophobic nature committed through computer systems and its Explanatory Report (Council of Europe, released on May 14, 2002)., COE 9/16/02
  • Global Net Crime Treaty Hurts Free Speech - Trade Group, Newsbytes 2/8/02
  • Global Cybercrime Treaty Signed, Wash Tech 11/27/01
  • EU ministers debate ISP data retention rules, CNN 11/28/01
  • 30 Countries Sign Cybercrime Treaty, IDG 11/27/01
  • Cybercrime Treaty May Save Lives, Reuters 11/23/01
  • Update: Thirty countries sign cybercrime treaty, CW 11/23/01
  • Cybercrime Treaty Gets Green Light, BBC 11/13/01
  • European Union Set to Vote on Data Law, NYT 11/13/01
  • Cybercrime treaty ready for signatures, CNN 11/13/01
  • Controversial cybercrime treaty ready for signatures, CW 11/9/01
  • Cybercrime treaty may not cut it, Red Her 9/14/01
  • International cybercrime treaty finalized, CNET 6/21/01
  • Global treaty--threat to the Net?, ZDNET 6/21/01
  • Net founder: EU cybercrime plan conflicts, ZDNet 6/8/01
  • Deputies Want Racism Ban In Cybercrime Treaty, Reuters 4/25/01
  • EU Seeks Comment On Cyber Crime Initiatives, WashTech 01/31/01
  • WISTA Voices Concern Over Draft CyberCrime Convention ITAA Newlsetter Dec 2000
  • Both Sides Hacked Over Kashmir Dec 28 wired
  • UN and EU Take Aim at Cybercrime Dec 13 ecommercetimes
  • Cybercrime Treaty Draws Fire Dec 18 bbc
  • US Chamber Of Commerce Opposes Cybercrime Treaty Dec 12 washtech
  • DOJ endorses European cybercrime pact Dec 6 zdnet
  • U.S. embraces European computer crime proposal Dec 4 mercurycenter
  • Council Of Europe: No Hacking Tools Ban Dec 4 theregister
  • Dutch ISPs To Pass Along Cyber-Crime Costs Dec 4 thestandard
  • Cybercrime treaty raises privacy concerns Nov 20, 2000 usatoday
  • E-Mail Campaign Targets International Cyber-Crime Treaty Nov 15, 2000 washtech
  • Cybercrime treaty gets a makeove Nov 15, 2000 zdnet
  • Cybercrime Treaty Gets Last-Minute Remake Nov 7, 2000 excite
  • Internet business group calls for delay in cybercrime treaty Nov 7, 2000 computerworld
  • Cybercrime Solution Has Bugs Wired 5/3
  • EU Cyber Crime Treaty Bad For Ireland? Oct 20, 2000 ireland
  • World leaders leaders joining forces to fight cybercrime NandoTimes 5/15
  • G8 meets to coordinate efforts against e-crime ZDNet 5/15
  • G8 Agree to Reinforce Cooperation on CyberCrime InfoWorld 5/17
  • G8 Hems and Haws on Cybercrime  Wired 5/17
  • G8 nations urge government and business to help combat cybercrime NAndotimes 5/19