UN cybercrime protocol talks expose disagreements over what should become an international crime

Governments have begun discussing a possible supplementary protocol to the UN Convention against Cybercrime, also known as the Hanoi Convention. Early submissions show that states disagree over both the timing of the process and the types of conduct that should be covered.

A supplementary protocol is an additional legal agreement attached to an existing treaty. In this case, it could add new criminal offences, cooperation rules, or safeguards to the main Cybercrime Convention.

The UN Ad Hoc Committee Secretariat invited governments to submit preliminary views on the protocol’s possible scope, objectives, and structure. The process follows UN General Assembly resolution 79/243, which asked the Committee to prepare a draft protocol addressing additional criminal offences and related matters.

The United States questioned whether the negotiations should proceed at this stage. It argued that the main Convention has not yet entered into force and has therefore not been tested in practice. According to Washington, states should first decide whether an additional protocol is necessary before debating its contents.

Russia took a different position and submitted a draft protocol covering a wide range of offences. These include terrorism financing, extremism, arms and drug trafficking, attacks on critical information infrastructure, unauthorised access to personal data, and crimes involving AI.

This approach would extend the treaty framework beyond offences such as hacking, malware, and online fraud. It could also cover certain forms of online speech or content, depending on how terms such as extremism are defined and applied.

That distinction is important. Traditional cybercrime offences usually concern attacks against computers, networks, or data. Content-related offences concern what people publish, share, or communicate online. Because national definitions of terrorism, extremism, and unlawful speech differ widely, including such offences in an international treaty could create disputes over freedom of expression, legal certainty, and political misuse.

Brazil, Nigeria, and Ecuador broadly supported continuing the protocol process but favoured a more limited approach. Brazil warned against adding offences that lack sufficient international agreement. Ecuador proposed addressing emerging offences, digital evidence, cooperation between public authorities and private companies, proportionality, and human rights protections.

The submissions, therefore, reveal two competing models. One would keep the protocol focused on clearly defined cyber offences, electronic evidence, and cooperation between criminal justice authorities. The other would use it to regulate a broader range of conduct involving national security, online content, AI, and politically sensitive activity.

The Ad Hoc Committee must now consider whether a supplementary protocol is needed, which offences could attract sufficient international agreement, and what safeguards should apply before formal drafting advances.