 Hello and welcome everybody to this hybrid press conference here from Vienna. This is a press briefing about the negotiations of the UN Cyber Crime Convention. My name is Thomas Lohninger, I'm Executive Director of the European Digital Rights Organization EpiCenter Works and I'm here in Vienna with Electronic Frontier Foundation, Article 19, Access Now, EpiCenter Works and Global Partners Digital. We are here for the fifth session on the negotiations of this new treaty on cyber crime which really has the potential to drastically redraft criminal law all around the world. It represents a tectonic shift because of its global nature when it comes to the cross-border access to our personal information and we are talking about a global convention which will also set a worldwide standard both on surveillance measures as well as criminal law when it comes to computer-related crime. This is what we want to discuss with you here today and we'll shortly start with a quick round of introduction before our five experts I'm shortly going to introduce. We have Katica, Policy Director for Global Privacy Electronic Frontier Foundation. We have Babora, Senior Director for Law and Policy at Article 19. We have Rahman, Global Cyber Security League and Senior International Council at Access Now. Tanya Fajatala, Policy Advisor from EpiCenter Works and last but not least Ali, Global Engagement and Advocacy Lead at Global Partners Digital. Last words, this is a hybrid press conference so journalists are able to ask questions here and please do so both from the room as well from the Zoom so you can use the chat for this but also raise your hand and then we'll put you on the speakers here and also see your webcam picture should you wish so. And you can already start questions, start with questions in the chat or raise your hands. So without further ado, Katica, please start. Thank you, Thomas. Today I would like to discuss the current direction of the ongoing negotiations of the UN Cybercrime Treaty specifically in the chapter of Surveillance and International Cooperation. But before I analyze the text, let's start discussing briefly the historical context of the ongoing negotiations and to start, let's discuss the Budapest Convention is the main existing treaty on international cooperation on cybercrime. It was negotiated in 2001 by member states at the Council of Europe and has been recently extended last year. EFA has drastically criticized the Cybercrime Convention for its vague human rights safeguards and for the secret leave negotiation process. Still, Budapest has become the de facto standard for cross-border cybercrime policing. Russia, however, objected the Budapest Convention for totally different reasons, citing concerns that it infringed on human rights, no, that it thinks on a state sovereignty story by allowing other nations to investigate cybercrime in its jurisdiction. That's one of the main reasons why Russia proposed this treaty in 2017 and it was only in 2019 that the UN General Assembly adopted a resolution to start the negotiations on this UN process. This proposal was addressed by Russia, Cambodia, Belarus, China, Iran, Myanmar, Nicaragua, Syria and Venezuela. Many countries opposed it, including the United States and the European Union, with concerns on human rights protections and human rights on human rights. We also opposed it for similar reasons. Fast forward to 2002, the UN upon negotiations of this cybercrime treaty, with member states start engaging in negotiations and proposing amendments. Russia was widely denounced by many negotiating parties at this stage for the illegal invasion of Ukraine, a criticism that many states are still doing during these weeks' negotiations. Many states even highlighted its lack of credibility in respect to sovereignty, but nevertheless, Russia got the ball rolling on this negotiation and many of its proposals made it into the first consolidated negotiation text. But geopolitics is always messy and by April 2022, many democratic countries that had a strongly opposed draft treaty were actively engaging in the negotiations and pursuing compromises through amendments. While forming an alliance is essential in global negotiations, it could in this case involve compromising the level of human rights protections, such as strong say-hards, limiting surveillance, unless a diverse coalition of countries emerge to champion human rights. The consequence of such compromises could lead to a raise of the bottom for human rights and privacy protections. Although the treaty has adopted an inclusive drafting approach in contrast to the Budapest negotiation of the Budapest Convention, incorporated significant input from civil society, some of its proposals continue to raise serious concerns as they potentially adopt some of the world's problematic practices in digital policing. Now let's discuss the scope of the digital surveillance power and international cooperation chapter. Various states have proposed extending these surveillance powers to any criminal offence rather than limited to investigations of specific crimes, specifying the convention which we believe are Corsair crimes, or at least to serious crimes with a penalty, a minimal penalty of four, punishment of four years. And this is very troubling because intrusive surveillance technologies on powers are increasing use for petty crimes, or for crimes that are even inherently illegal under international law, or they use it with very insufficient or lack of effective human rights say-hards. So one other big issue that we are facing in the negotiations is that there is no an effective global system in place to make sure human rights are enforced. So not many governments want to limit their own power to spy and track people closely because of this the convention may end up legitimizing intrusive surveillance powers that invade people rights and infringe upon people's human rights. The draft convention has this problem of this vague scope, and this vague scope it also has repercussions in the chapter of international cooperation. The cross-border policing chapter does not limit itself to international cooperation in a specific criminal investigations or persecutions, and these open the door for one state to share information with others using a method that may be not permissible in international human rights law, let's say mass surveillance, but sharing the information with others. Another issue is the problem of dual criminality requirement in the convention on international cooperation and assistance, which many states are actually right now still calling for it in the treaty. If this provision is not included, what it means is that states could find themselves assisting in investigations of activities they don't consider actually criminal in their own country or even even petty ones, including through the use of these very intrusive surveillance powers. Unfortunately, instead of progressing towards a human rights-based approach in the negotiation of the treaty as of now, the current draft test is moving away for them. States such as India, Russia, China, Iran, Syria, Egypt, and Tonga have even proposed to delete reference to international human rights obligations. Some others have asked to delete reference to data protections or even to the principle of legality, professionality and necessity. Removing these core principles and the obligations to provide adequate protections when you are giving these very strong surveillance powers to states could not only undermine privacy at the global level, but it could also undermine existing international human rights standards that have been developed at the United Nations and through court cases. Time is an essence right now, and we need to get this right. Retaining these core safeguards is an essential first step to adopting a human rights-perspective treaty. So I'm going to give quickly free examples of why this text is problematic, and one is the interception of content and real-time collection. We all know it's one of the most invasive surveillance powers. The current draft would enable these type of powers, but without strong legal safeguards. Countries like Russia, Iran, Egypt want such intrusive powers but are not prepared to agree with robust human rights standards. This could lead to a significant expansion of surveillance powers without adequate transparency authorization, judicial authorization, oversight, or accountability mechanisms. This broke language may inadvertently legitimize existing problematic surveillance practice into un-international instruments. The other provision that is very problematic is called special investigative techniques, and this draft provision includes a blanket term that could encompass whatever surveillance technology that exists now could exist in the future, living to a state to decide what it means. This could be very intrusive surveillance from mass surveillance for fair recognition to predicting policing. So these techniques, these clouds could legitimize any power or any surveillance that could exist now exists in the future. This provision also has a very problematic clause which allowed the removal or replacement of data being transmitted over networks. What this means is that it recognized a broad power to block size or blocked internet, so replacing, and the word replacing also suggests using this power to engage in deception or disinformation, replacing the original message which is a new one created by the country. So it's a little controversial and we hope this whole article gets removed. So in conclusion, the coming zero draft expected in the new few weeks because it's going to come the first zero draft of the treaty could significantly shape the treaty scopes either by making it overly broad or make it narrowing. We have to see what's going to happen next. But the draft treated as a stance, as is now, it could either embed human rights or it could actually lower standards of privacy protections as human rights globally. Thank you for your attention. Thank you, Katica, for kicking us off. Hello, everyone. I need to put this on. So hello, everyone. I am here on behalf of Article 19, which is an international free speech organization and we work with journalists, human rights defenders and whistleblowers around the world and we also look in countries around the world how already existing cyber crime legislation is used against these people. Similar to what Katica said from the start, we have been actually opposing this process itself and we have been gravely concerned about this kind of attempt based on the issues which Katica already outlined that this treaty would start. And we have asked for this project to be abandoned, but obviously that hasn't happened and our concerns are even more increased with the direction this treaty is having. So what I'm going to say here today is to focus on actually the crimes which this convention is proposing, which is in the current draft, but also some countries, Iran, China, Pakistan, Russia, proposed additional crimes to be included and still to be seen, like what crimes will be there, but there are great concerns. And so what is the problem with these crimes as we see them? First, our problem is that a lot of the proposed offenses are so-called speech offenses. So those are offenses when you are punished for speaking or doing something online and because this peripherally involves using computer or digital technology and there are extremely big and over-broad provisions which the states would have to then replicate international legislation. So issues such as hate speech, fake news or false news, incitement or justification of terrorism, even engagement or coercion to suicide and all of those very, very big terminology which is a subject of subjective interpretation and possibility for abuse. So for example, there was a proposal to include criminal defamation through cyber technology and that would punish defamation on internet. But criminal defamation is already prohibited in violation of international freedom of expression standard, so should not have a space in this kind of document or false news or even terrorism and all of these examples which I just mentioned. And some of these issues have been already addressed in international freedom of expression standards. So this treaty is sort of trying to reinvent the bill or input these offenses to international treaty. So that's the first concern. And this is not just hypothetical concern because in the countries where we work, we already see how similar provisions are misused against journalists or whistleblowers or human rights activists or civil society in general and if there is interest, I can speak more about that. Then the second problem is that the scope and the scale of the proposed crime is excessive. Compared to the Budapest Convention, which Katica mentioned, there are only nine offenses and only two of them are speech related and this is copyright and child exploitation images. So we question why there needs to be this universal adoption of this wide range of offenses that have never been even mandated at the regional level and many instances would fail to meet international human rights standards. And then the third issue is that many of these offenses are cyber-enabled rather than cyber-dependent. And this sounds like technical, but it is a problem because cyber-dependent crimes require digital infrastructure to commit them. So for example, illicit use of electronic payment instruments, but cyber-enabled offenses are those which can be aided by technology. But here's the problem because if the crime can be committed by using a computer, it doesn't mean that this should be addressed in the international treaty. So overall, we are really concerned that many provisions of this proposed treaty, as far as the crimes are concerned, violates international freedom of expression standards. It will restrict freedom of expression. It should be concerned to journalists, human rights defenders and, you know, activists in general because you might be prosecuted under these provisions if adopted in national legislation. And that as this negotiation continues, the states really must not lose the side of the fact that content offenses, if coupled by this surveillance powers and other restrictions which Kachitsa mentioned, this will create international card blanche for those who want to use this tool to restrict freedom of expression globally. And this will be seen in the context of the surveillance powers that will be provided in the convention. So this treaty mustn't become the tool to use against journalists, activists, human rights defenders, and those who are following us should really make sure and join the fight against it. Thank you very much, Pavora. Continuing with Roman. Thank you so much, Thomas. And I just wanted to briefly mention what Access Now does. We are an international civil society organization that seeks to protect and extend digital rights of individuals at risk. And what we do is a mix, in fact, of services. We provide digital security assistance to journalists, human rights defenders, and social society globally. And we advocate, we monitor and analyze developments on digital rights that impact the digital rights of users with a particular focus sometimes on how cybersecurity impacts protected human rights for Barbara and Kachitsa spoke about it. This comes from an understanding that technology can empower but can also place people at risk. And therefore, this is why we've been following the cyber crime treaty process very carefully. Our view is simple. Any UN cyber crime treaty should make us more cybersecurity, should not make us less cybersecurity. And the key part of any such international legal framework is that it should look at the human beings involved in cybersecurity, namely security researchers, digital security trainers, as well as journalists who investigate vulnerabilities and gaps in ICT systems. And unfortunately, our view is that the present text of the UN cyber crime treaty process, unless drastically improved, would in fact make us more cyber insecure. And an important part of this is to recognize what happens every day. Preventing the exploitation of cybersecurity vulnerabilities or avenues of attack by malicious actors, criminals, and others requires not just criminalization, it's not just a law enforcement activity. It's a larger whole of society, whole of industry, whole of civil society effort that requires regularly identifying and fixing the vulnerabilities in our everyday ICT systems, the computers, mobile devices, and more that we are using for this conversation right now itself. It requires human beings. These human beings are the ones who probe networks, research ICT systems, detect weaknesses, and find uncover avenues of attack. And they help fix, reveal, and further address these gaps and exploits in systems. This is essentially a daily race that's happening for making sure that we have more effective cybersecurity, we have secure devices. A critical part of this is to ensure that there's a clear legal environment for this work, for cybersecurity research, for digital security training, and more. And that's what we believe needs to happen in the cyber crime treaty process. It's not just about creating a framework to penalize cyber criminals. It's to ensure that states create a legal framework that actively encourages more cybersecurity services and more proactive provision of cybersecurity education and training from all. In fact, we believe, therefore, there needs to be a positive obligation cast on UN member states through this process to make it better. Unfortunately, we don't believe that's happening. And the current approach towards criminalization, which Barbara referred to a little bit, actually is chilling the work of journalists, chilling the work of activists, and those who work on security research more generally. And I want to emphasize this. It is very clear. Excessively broad cybercrime provisions impact cybersecurity research. They impact the provision of digital security services from civil society and others as well. And it results in more cyber instability. In fact, this is something that even this process on the cyber crime treaty has recognized fairly early on, even in doing the first and second sessions of this ad hoc committee deliberating a proposed cybercrime instrument. Delegates recognize that national security and cybersecurity issues are complicated, but you need to make sure that the worker security research is encouraged. There was discussion on fact, and even part of the process, questions asked about how do we better protect penetration testers and more. And unfortunately, we believe that while the questions were asked, the actual treaty texts they've come up with doesn't do enough there. And the reasons for that are simple. In effect, by creating provisions that criminalize the intrusion into networks, and what you call as core cybercrimes. Again, Barbara referred to them a little bit, what you would refer to as the cyber dependent crimes. All those activities are also activities as security researchers and activists do all the time. In order to detect, for example, whether the microlaptop is being hacked, a security researcher may probe a network, they try to uncover or find out what the vulnerability is. It's equivalent, for example, of sometimes a carpenter or a mechanic banging around to find a problem. And that is a core thing that they do. This doesn't often work on the basis of authorization. Often the people who discover the weaknesses and the exploits that you might see in the front page of newspapers are security researchers who, without permission, perhaps, are just out of their interest, hopefully following a clear ethical framework, have discovered those vulnerabilities. We had hoped that the cyber crime treaty process would see clear language that protects these researchers by making it obligatory on states to put very heightened requirements for intent to say that it's not just intrusion into a network, but that it is specific intrusion with malicious intent or with intent to do harm that should be there. And instead, we've seen states push back. We've seen some states say that, no, we want to have as broad criminal provision as we can and we believe that that's actually dangerous because while some states do have safeguards, for example, in the European Union, the Dutch government and the Netherlands has guidance on when security researchers should be prosecuted or not. And even the US federal government recently came out with guidance on the fact that they will not criminalize good faith security research. We believe that that's actually something that shouldn't be left to the discretion of states. It should be encouraged actively in the treaty process and we don't actually see that in see that there. I think it's also important to note that these are not academic questions. Some of you may be familiar with the case of Olabini, the Ecuadorian security researcher who was subject to a long painful criminal trial in fact because he just tried to connect to government system to see if there was a potential vulnerability there. And while in Olabini's case he was released after or not released I would say but he was acquitted that required a long painful trial that's still not complete and that's because that law is vague and imagine now that you have an international instrumented treaty that forces the criminalization of all these activities but doesn't put in safeguards. In effect what you're saying is you want to force criminalization but you don't want to learn from the mistakes that all these nation states have encountered over the last 10 to 20 years of these hacking provisions. So in fact that's what we're worried about that failing to provide legal protection for security researchers whether in the form of heightened intent requirements for these core cyber dependent crimes or a standalone perhaps exception for legitimate security research would be a mistake that not just the global information security community but all of civil society could ill afford. Part of that reason also is because this work is not just that of technical experts or geeks it's journalists example who discover weaknesses in security systems and ICT and they uncover this and in fact instead of making it better for them some of the proposals in this treaty actually say they should be enhanced penalties if journalists are involved in issues relating to leaked information from government systems. This just shows to you how this could be misused and weaponized perhaps not intentionally by all the member states part of this process but by many of them perhaps and therefore what we're hoping is that there is an opportunity for this to be fixed we should see heightened requirements for these core cyber crimes or they should be safeguard measures put into the treaty text itself that protect security researchers digital security trainers journalists and more because the reality is that the second cyber security research discovers vulnerabilities in the systems of the powerful in the systems of the end of those who are connected or digital security trainers protect folks from perhaps overbroad surveillance or intrusion they may be subject to criminalization and why shouldn't a UN treaty drag standards up rather than drag all global standards for the law. Thank you so much Roman for this reality check it's always good to remind everybody the cyber crime treaty is supposed to make us more secure not less. Continuing on to my colleague Tanya and European perspective on the negotiations. Thank you so yeah I'm with epicenter works and just to give you a brief introduction of the organization it's an NGO that is based in Vienna and we focus on digital and human rights in the digital sphere so among the focuses that we have is for example the prohibition of indiscriminate data retention or government hacking in Austria but also at EU level and nationally we've been quite successful with the latter. Coming to the cyber crime convention what are we actually talking about we've heard from my colleagues before that there is something like the Budapest Convention right it is a European treaty it was it came came about in the framework of the Council of Europe and one could generally very globally say that it is a treaty that was negotiated among like-minded European countries Western countries with a common human rights tradition and understanding. Broadly speaking I know but this is to keep it to keep it more general to see where the UN convention might lead us. So this treaty has served as a blueprint for many other countries that either exceeded to that treaty and countries from outside the European continent or who countries that drafted their national legislations along the lines of that treaty. So where would the UN convention lead us we've heard that there have been certain interests of some states to bring about a global globally applicable UN convention and whereas it is very exciting to be part of a negotiation of a UN treaty and that is because it only happens every other decade so this is a rare and special occasion to witness no doubt about that but we have to keep in mind that the UN convention a UN convention if it were to be adopted would take it all much further it would apply globally with all the differences in human rights and rule of law standards and traditions that one can think of so like literally global application. In short and that is very important it aims to set global standards to fight cyber crime but it could also if it were to fail set a global standard of how we all lose our privacy and there is a real danger that this could happen so the draft treaty does not only have a potentially broad scope it massively expands the possibilities of law enforcement authorities access to data through worldwide interoperability such surveillance measures that we've already tackled upon include real-time the real-time collection of traffic data the interception of content data search and seizure of stored computer data the expedited preservation of stored computer data or an expedited preservation and partial disclosure of traffic data and on top of that there are suggestions to admit to have an obligation to admit electronic evidence in court in a court of law that stems from these surveillance or well investigation powers and obviously we are currently discussing a huge chapter on mutual legal assistance so you can see this is a very broad very intrusive potentially very intrusive treaty it is also pretty clear I guess from what we've what you've heard so far that we urgently need strong safeguards and these unfortunately so far are not in place and I will just name two of them which given the background of my organization are very key to us one of which is the exclusion of government hacking so the way at the moment that many the way many provisions at the moment are drafted is very broad and it does not for example rule out the use of government hacking so working for the organization in Europe that managed three times to avoid that from happening in Austria we advocate for an explicit requirement to be added that any investigative powers must be conducted in ways not to compromise the security of digital communications and services it must be ensured that government hacking must not be justified in any ways and it is key to us because it is government hacking is unlike any other form of existing surveillance techniques it is far more intrusive it permits remote and secret access to personal devices and data stored on them it can be it can conduct various forms of real time surveillance it can manipulate data on devices without leaving any trace so it really is something one has to be very worried about if that were to be included or potentially included in the convention not to forget it also affects privacy and security of others in unpredictable ways so it is not only one one subject that might be concerned but then also everybody else potentially that this person this person communicates with and it exploits the vulnerabilities in systems to facilitate surveillance objectives and we just heard what that could mean for digital security aims so it really is at odds with it the second remedy that we currently are not seeing in the in the draft treaty is an effective remedy and it is key to us that the right to an effective remedy for the violation of privacy be included it is not only such such a remedy would not only have to be known so that people actually are aware that this exists and has to be accessible but then it is also key that if that were included the way it it should be in order to be meaningful it should include a prompt thorough and impartial investigation of all of all violations also there needs to be a power to order the end of all ongoing violations and the full and unhindered access to the relevant information and the capacity to issue binding orders if that were to be included in the meaningful way as I said right now we don't see anything of this in the draft treaty we hope this is there is still still some time but we hope this is going to change that really is key the bottom line of what I've just said well we are not against modern law enforcement techniques because we understand modern law enforcement in response to new developments in this field of cyber crime is of course important and necessary but the present draft goes far beyond the simple goal in this session and also in the following ones it is key to move forward and to move towards a narrow scope strong safeguards and no excessive investigation powers to protect us all otherwise we end up with the lowest common denominator that puts the privacy of millions of people at risk thank you thank you very much Tanya to remind us what a rare occasion this negotiation is so we better pay attention and the Lord is at stake and before we open up a question last but not least Ali thank you Thomas just to briefly introduce global partners digital who I'm here on behalf of we are a human rights organization working to ensure a digital environment underpinned by human rights and we come to work on this issue of cyber crime laws because we see from experience that such laws can both undermine as well as enable human rights and like my colleagues we've been observing this process to elaborate a treaty from the outset like other civil society groups and like some countries we were then and we remain skeptical about whether such a treaty is necessary but we've continued to engage in the process because of the risks that we see to human rights and the need to mitigate those so my colleagues before me have outlined the key risks that this treaty poses and the high stakes of this process and these include the vast scope of crimes including speech offenses the lack of safeguards which could permit intrusive surveillance and the fact that indeed it could undermine rather than enable cyber security so just to add to those points I'd like to bring us back to the negotiations which we've come directly from today and to share some of what's currently being discussed by states in relation to the topic of international cooperation and then after that I'll say just a very brief no on what's next in the process but maybe we can come back to that in the questions and so just to give some background international cooperation is one of the topics that's being discussed today by countries it includes various things including extradition for example and sharing of electronic evidence through the mechanism of mutual legal assistance to give some context the reason that many countries say that they're engaging in this process is precisely because they want to strengthen international cooperation on cybercrime but at the same time and many of them indeed have said today that they see it as the heart of the treaty but at the same time as they're saying this we're hearing certain countries reject the inclusion of practical and robust safeguards which are derived from their existing human rights law obligations and you've already heard some examples of what those safeguards are from my colleagues in the context of international cooperation they include the requirement of dual criminality limiting cooperation to the offenses in the convention and limiting it to serious crimes as well as the ability for countries to refuse to cooperate on the basis of human rights concerns and so we're hearing some countries argue that and it's not necessary to include these practical safeguards because we already have earlier in the treaty an article on human rights and another article on conditions and safeguards but to these points I'd just like to share a couple of reflections so the first on the point that they're making that these practical examples aren't necessary well it's important to note that the text is still very much live and still under negotiation and the current wording that we're seeing on human rights indeed isn't adequate to ensure protection as you've already heard so we really cannot rely on that argument that these protections are already guaranteed elsewhere in the treaty and then second on the notion that the treaty will strengthen international cooperation and well indeed we see that the safeguards rather than being an obstacle to such cooperation should really be seen as enabling that not having them would introduce uncertainty and that would hinder cooperation the very thing that certain states are saying that they desire by virtue of the treaty and it would also cause risk to human rights most importantly that's why we're here so and we're pleased to hear a few of the countries reinforcing that this morning then I'd like to just say a note briefly on what's next in the process but we can perhaps come back to this too we're currently in the fifth session of the negotiations on the treaty and in this session in the previous session we've been hearing the views of countries on what's called a consolidated negotiating document and the views shared in this session and in the previous one will form the basis of a zero draft which will be shared ahead of the sixth session which will be take place in August of this year the zero draft is an advanced stage of the treaty and the negotiations over its contents will be even more politicized and yes that is possible so we do really have some concerns that the treaty is being developed at such a time when there's still so many questions about the scope about what will be criminalized about the lack of conditions and safeguards and we also note that the process to elaborate this treaty is really ambitious so after the sixth session in August there's due to be a final session in early 2024 whereas countries will potentially agree on the contents of the treaty and that you know gives us grave concern because as you've heard the implications of what's being discussed are very serious and it's a very short time frame in which to do it and so I'll finish that Thank you so much Eli so now we come to the interactive part of this press briefing so in case you have questions you want clarifications you have thoughts on all of this please raise your hand both here in the room as well as virtually and you can also use the chat in order to ask your questions and because while we are waiting for this Barbara I would like to start with you from a global freedom of speech organization perspective you mentioned that compared to Budapest the scope has been much broadened what would be the impact of that particularly from a global perspective like could you identify this harm for freedom of speech to us Yes so as I said before some of these proposed provisions especially from like problematic countries as you know Kachitsa mentioned some of them you know Iran, Pakistan China, Russia are already in the existing domestic cyber crime laws and they have been used to prosecute as a journalist whistleblowers human rights activists or like people who are using internet in the countries where they were adopted and if they are replicated in the convention this will embolden this undemocratic states to proceed further but these are not hypothetical cases em the case of Olabini was already mentioned but under existing cyber crime laws those are even things like in Tunisia recently the government adopted new cyber crime act and they have been prosecuting activists and a professor who criticized government online or there is a student activist who has a Facebook page which monitors what is happening in the neighborhood and they have been some clashes with the police and protesters and the person have been prosecuted under the cyber crime law for causing disorder through internet or in Sudan there is a Facebook page which was run by human rights activists and during pandemic they criticized that in Sudan there was not enough EPP equipment and they have been also prosecuted under the local cyber crime law or in Thailand somebody liked a Facebook post which was critical of a monarch and the prime minister and this person was prosecuted under cyber crime law and all of these people are facing long sentences so again if this is instituted or similar provisions are replicated in the international treaty this will make situation on the ground for those who are critical of the government much worse thank you Katica I think you've been working more than anybody on international treaties like that what is your point of comparison also from from the historical arc if you compare it with previous treaties that you negotiated where you have observed how is the level of access and what is most missing like is there one particular thing that negotiators could do in order to fix it in order to bring it more in line with human rights this is two questions but in one thank you and when it comes to civil society participation yeah I have been working through the trade agreements TPP and many other international agreements not only on cyber crime but on many other areas on digital rights issues through my career but as I see it's very hard for civil society to be able to have a seat on the table and especially be able to read the amendments I think this despite the content of the treaty I will say that the opportunity to participate and read the amendments and understand sometimes the very honest comments of these countries with poor human rights records on the records have been surprising to me being said that doesn't mean that actually the mechanism for effective civil society participation is full in place you know I think it's also experiment because it's the first time but we don't know why we see our documents you know in the white screen and our amendments we know we don't there are a lot of informal meetings and a lot of negotiations behind where we cannot know what's happening there and also doesn't mean that because we have a seat on the table we're actually going to see good proposals and as we have seen the direction of the organization the text is concerning when it comes to human rights now regarding the question how to ensure effective human rights protections there are two things in addition I would like to see a collision of NGO a collection of the states championship stronger human rights protections I'm not only talking about data protection I'm talking also on the on the right to privacy more detail say how when it comes to put limits to government access to data especially when it comes to very serious investigative powers but the problem that we see and that's the problem when countries copy paste from different treaties copying from Budapest to the United Nations is not replicable first there is a lot of documentation and good cases I even background information on guidance notes on the cyber crime convention when it comes to article 15 of the safeguards well we have criticized it because this is still when we are doing national comparison analysis of surveillance laws across jurisdiction we have seen that this article 15 of Budapest has not be translatable on effective safeguards being said that the background documents and some of the explanatory memorandum of the treaty have provided a lot of information to states on how to do that but translating this into another context and with even more wider human rights records just to make a note Budapest is also very diverse we have countries like Turkey like Philippines there is not only European countries but here is even wider and the diversity of a human rights protections and levels even wider so I don't think that even having safeguards in place will solve the problem because the problem that some of this country have is at the core of the lack of democratic safeguards lack of independence of the judiciary lack of comply with crimes that are permissible under freedom of expression or under human rights law and then the surveillance powers that they will use to prosecute such a crime will also be used to prosecute crimes that are can target dissidents can target journalists can target people who are being called terrorists and just because they are just criticizing their government and speaking truth to power thank you it's very good to hear we have a question from the chat from Thomas Claiborne from the register do any of the provisions require the weakening of encryption to facilitate law enforcement access is one of his questions I don't know what a Raman the question was do any of the provisions require the weakening of encryption to facilitate law enforcement access Raman maybe you want to take that I can bring that up it's in fact we perhaps will know more about this in the next few days because the section on technical assistance will probably be discussed in this UNIDOC committee next week and that's I think where people have been concerned that when you come to the proactive assistance that states will perhaps either do themselves or require the private sector to do that that might be included there I can you know share in response to a question that previous discussions on this issue have touched upon encryption some states have brought up concerns and said that the private sector should do more to facilitate direct access or other words like that now again those words can mean different things perhaps even the states mean them differently but we've heard words like direct access we heard words about proactive obligations of private sector entities the question is is the exact language say replicating the weakening of encryption provisions that for example were carried in on Australian law three years ago no not yet but some of the states clearly are trying to bring that there but also realistically perhaps some governments know that saying that explicitly would result in a lot of opposition so you'll probably see a very quiet inuendo and comments next week that are worth watching we have another very important question from Thomas Cleveland from the register is there a scenario in which no agreement is reached and the whole treaty is abandoned or should we expect to see something even if based on the own rules that get sufficient support yeah I would like to reflect the encryption later because there's another provision that might be relevant but on answer this question we will say that there have been recently a leak between the United States and the European Union that are seeking to isolate Russian China which this means in practice is trying to bring some countries into the middle meaning trying to move away from those countries and trying to get consensus among those countries whether that will succeed or not I don't know but does the goal and that seems that they won actually a treaty and they want to get consensus it's not like in the past where where actually there were more diverse more not commitment to to finalize the treaty but actually we're only going I cannot read like the future right we're only going to see that when it comes the zero draft and see whether it's more narrow or it's very wide I think if the scope of the criminalization section is very wide I don't think there will be consensus on that that's my rate my personal opinion and now on regarding the encryption I think there is a provision that it's important is the one about digital evidence it's not exactly about encryption but it's a provision that provide an open-ended obligations on on ex-taste to give full way to digital evidence extracted from devices as long as the domestic forexing rules are respected this means that the type of this digital evidence extraction tools you may know some of these companies who are having you can use and endorsed by these provisions frequently include the ability to to bypass device encryption and capture long deleted content yet there remain no clear savers in the treaty for ensuring that these powerful capabilities are not used to carry out flagrant human rights abuses far from putting such standards or such limitation limitations in the text the provision traders will legitimize the proliferation of these of these extraction tools thank you yeah that's extremely interesting also because we had a similar discussion also in some European countries about where you can even get evidence from the hack device because it has been tinkered with I also want to open up the other question from Thomas about where does this lead and maybe interpret it a little bit like not reading the future but what are the scenarios which we can expect to the others maybe want to come in here should we expect a treaty at all or is there still a chance that this whole thing could fail I can start and I'm very interested in hearing the views of my colleagues it's there are a couple of options here as many of you mentioned and particularly Ali mentioned it is on a lot depends on the zero draft because the decisions really will happen after the session where the team that's working on this is the chair of the process as well as others will have to produce a zero draft that they believe will get the majority of UN member states behind it and it's very important to remember this this process started by a simple majority in the General Assembly but the outcome that they did finally then agreed upon was that to move it ahead as a UN treaty it will require a two-third sign off by the participating states in this which means in effect while it may have started off with a simple majority for it to be regarded as even partially successful requires a two-third majority if not by full consensus in fact I think the text says we want full consensus and if consensus doesn't occur we need a two-third majority even that two-third majority by the way states can choose to support it as a UN treaty it gets a UNTS number it's designated as a UN treaty that the Secretary General can accept the session too but states may choose not to sign it there's been past complicated precedent in the space of say the oceans or even things like the Antarctic treaty or parts of say you know the Lunar Treaty as well if something's become a UN treaty system document but states have not really exceeded to it but I think it depends a lot on the zero draft what happens in New York in the next session which will be in August and then the final outcome session as Ellie mentioned in January which perhaps is an ambitious target because it seems quite likely that they may not be full agreement if anyone looks at the red-lined version of the consolidated negotiating draft from the last session it is full of red lines in every section and those are red lines that this chair needs to make decisions on within barely a month, month and a half and then states need to agree upon any additions to that or maybe also to open up a little bit I mean we all been at the UN this week so we also have our immediate observations of the past days is there anything you want to share how your assessment was of being in the room maybe if I can if I can come here just to say I mean it is fairly open still what the outcome of this treaty may be if there will be a treaty at all and taking this from the last session and then also observing the first couple of days now there are obviously as we've mentioned already the red lines one of them being whether at all to include human rights language or whether to just have a very open very vague paragraph that roughly mentions obligations on the international human rights law or to have it more specified so there's been everything we have the full range from take it all out until like have it very specifically and then lots of suggestions of actual wording we've observed similar trends this week with regard to data protection so the data protection article that is in the CND in the draft treaty now is well fairly vague fairly vague I would say and then the European Union obviously came with a very very detailed suggestion for stronger data protection obviously they cannot deviate from their from their keys or from the GDPR standards other countries supporting it today and I don't recall what country it was but we've heard that well this is not important we don't need data protection in here at all so we could remove it so again this seems to be very diversive and obviously some countries not going to be are not going to be able to sign up to something that does not include or does not is not in line with their with their standards what else do I observe in the room just yeah well from a civil rights organizations perspective maybe so far this process or last session the generous session was fairly inclusive in the sense that we all were and we all sat in one big room together with the delegations we could interact you've already had the feeling you were part of this we had the opportunity to intervene several times and to provide our own statements and observations well three days have passed tomorrow is the last day of the first week and we've not even had the opportunity to speak in even once so we're not in the same room we are in a separate room which gives you the feeling of being at the children's table of a family gathering or so so you're not really part of the party and yeah we hope that changes because it really is a pity to have the feeling of being merely observing instead of actively participating just want to clarify that the phrasing of our room being the children's table I heard that also from several state delegates on the point of data protection just to reiterate that and that's also public in the stream my personal highlight was still the US saying data protection is yet another human right so why even explicitly mention it so these are these are real things that we hear in the plenary I think we have a question in the room you hear me okay there we go thank you all so much it's it's been really excellent to hear from you and I'm grateful for all of your perspectives I want to stick with the emphasis on what's coming up next and my question really also is just to ask you to reflect a little bit more given how critical some of the issues that are being debated here are for journalists in particular you know why why are have there not been more why has there not been more coverage has there been good coverage of the treaty negotiations and I think just turning to what's coming next because we have been I think as many of you mentioned in sort of a state of suspension and limbo because the criminalization chapter and the human rights the key human rights safeguard provisions are not under discussion here in this session and so it's a little bit matrixed and hypothetical some of the the cooperation and technical assistance chapters but we'll have a zero draft so from the perspective of journalists you know is this sort of the time to start engaging and even for organizations that are representing journalists and their human rights and human rights defenders is now a good moment for that just to also highlight that we have this event today also here together with the International Press Institute so there are thankfully some journalistic press organizations that do care and try to put a spotlight on this Barbara what is your question for you this is just an observation it's not like a empirical study about how journalists cover this I think there have been some coverage in form of op-eds so I think all our organization publish op-eds and whatever we approach let's say like Reuters and so on they publish this op-ed but I haven't seen them really kind of reporting as what's going on but you know UN negotiations are for a lot of better like boring for journalists or like super technical so if you sit in their room and they are going through the documents and many governments are making months it's not nothing like it's all like a human story with journalists would bring and you know it's probably also our responsibility to make it a human story so to to say how this is reflecting on what is going to happen to journalists if some of these proposals which have been put by some of the governments go through but yeah so it is a point and I don't think it's like super unusual for a treaty because this is as I said hardly kind of excites people to sit in the UM room and you know cover it and also there's a lot of other things going on so like in individual countries let's say like on the EU level there is a lot of you know how platforms are regulated and you know DSA, DMA and EMA and all of that so probably seems like too much but that's also the reason why we are here and trying to engage journalists on the topic so I hope that if you are a journalist which I guess you are you know will be up on you to to make it into a human story which people will care about I just wanted to supplement to that to just say I think there are three also important factors one and this came up in the beginning of this process itself the fact that a lot of the substantive sessions I've been here in Vienna removed from perhaps even the sort of limited New York or UN press public exists in New York sometimes Geneva on human rights issues is an important issue and remember in the beginning of the process for those unfamiliar some states express concerns smaller states for example don't keep full missions in Vienna they may have one person who does 10 things or maybe limited participation so that's sort of New York versus Vienna split has been I think an issue and it's been regarded as a more technical issue that people aren't engaged in whereas actually it is a core not just press freedom it is a core civil liberties issue for all these matters secondly there is this perception that this is a technical issue in fact as I say the reason why access now I think many of us are there in the room is actually because there is a lot of agreement between people in the room because a lot of the folks in the room are law enforcement prosecutors and judges and even the most human rights respecting of them sometimes do like a degree of executive discretion and authority the sort of tension that requires say you know a judge or a human rights judge to sometimes tell a prosecuting judge saying I understand you want full power and authority but maybe we need to put in safeguards but there's already more agreement in the room and that's perhaps sometimes why it's not as controversial because people don't realize what's there and lastly sometimes this conversation that this is as you said like a Russia-China proposed process I say it's an important one but in fact as everyone who's been part of the process recognizes Russia may have triggered the resolution but it's not a Russian process by itself and in fact that's the problem I think our worry is that states as Katitsa and a few others also mentioned might trade away a lot in exchange for having a document or a treaty saying that look there's not failure here you don't need to localize data in your country you don't need to pass this drastic law you can instead sign up to this international treaty and that trade-off is also alarming and again that's where I think sometimes the journalists don't always realize that because they get pulled into the origin of the treaty or is it a geopolitical conflict between Russia-China and the rest of the world on the other hand and instead actually we need to go into the deal-making that's happening behind the scenes in the process I can certainly draw a parallel to European politics which is always already very hard to bring close to the national newspapers this is even harder we have another question from the chat let's set this one first can the speakers talk about whether there are any states that are standing behind the inclusion of human rights safeguards like who are the good guys can you repeat can the speakers talk about whether there are any states that are standing behind the inclusion of human rights safeguards yeah I mentioned that in my speech I think I mentioned what is this Russia Tonga need to pull the numbers are the names Pakistan they were Iran they were actually particularly asking for the removal of the general article on human rights or even when it comes to conditions and safeguards the limitations to surveillance powers and international cooperation they also some of them want to be removed removal for the treaty that was very concerning because it's not the discussion that we will have in Budapest that was weak standards this is removal at all the treaty and so that was very surprising to me and very concerning yeah I think for the supplement because I think the question also was which states are actively supporting yes yes it's both yeah so those the countries who were actively supporting and supporting or against supporting supporting human rights there is the United States obviously it's also Europe the strongest is also European Union who come up to say no strong safeguard no surveillance measures unless there is robots human rights safeguards they have in championed these in the treaty I'm hoping to see more Latin American countries joining the European Union and for an alliance of pro-human rights safeguards in the treaty as strong as for instance the European Union who have put like a red line on this topic right now we still see in the the version the current version of the first part of the CND so the one the version that we discussed in January um you see a whole list of alternatives to the general human rights paragraphs that very short one two lines that we mentioned in different you know different levels of detail and different countries backing or numbers of countries backing one or the other and really yeah well the European Union we've seen a very good also proposal by Uruguay on behalf of a group of Latin American countries the same is now happening also with other protection obviously so there is various various suggestions yeah so that that's why it's also so interesting to cover so even the sports journalists this is a horse race so please look at it we have another question from the chat will the treaty address government use of hacking tools like NSO groups Pegasus directly or via contractors so I don't know Tanya Rahman I think like there is it could be read that way would be my assessment so in fact and that's a question I think even some people have had should a treaty like this categorically you know prohibit or criminalize the use of spyware and I think the concern in fact is ideally perhaps an international treaty or international legal action should do that but in this treaty instead we know that those hacking tools will be actually legitimized potentially and some of the interventions made by Tanya as well as Kattitsa referred a bit to that that the ability to say take copies of data from a device so other things will be the powers will be provided in the treaty and then governments will come and say well it's provided for in the treaty we're just using a third party vendor to help us do this please let that be okay and probably states are a bit smart I don't think any state is going to publicly stand up and say I'm going to defend NSO group I'm going to defend this but they'll instead say yes of course we need sometimes to be able to access data perhaps even for another government under lawful process and then they will say oh the issue about how we do that why our vendor should be left to national mechanisms and please some states will say we don't want any human rights safeguards or independent mechanisms was that that's one of the reasons why people are saying while perhaps this treaty is not the best place to combat the use of human rights into spyware these safeguards on human rights on accountability or even how police forces or prosecutor authorities use these powers that needs to be covered in the treaty because it's those checks and balances that will prevent these vendors from actually essentially conducting human rights infringing spyware attacks globally and the other important part of this is I find it funny right the work of legitimate security researchers may be criminalized but the work of these folks who essentially are hackers for hire will be potentially permitted because it will be allowed to national governments to do this there is this a good place to combat spyware perhaps not should there be more international action on spyware absolutely perhaps instead the UN should be doing that and not drafting this treaty but that's where we are right now I think I have to intervene here too I mean it's only I know I'm stepping out of my moderator role but to the question can I ask a question just a question because he said if the treaty authorized use of government hack in that part there are several provisions that could authorize and legitimize this treaty we wanted an EFF and privacy international to keep it outside the scope because as we see there is no human rights safeguards at all but the special investigates NICS is so open-ended that could actually authorize hacking and then you have a certain interpretations of the language of real-time collections you know when it comes to use malware for location tracking you know that could be interpreted to be in that provision but without the safeguards that we were discussing won't be possible to we shouldn't authorize that because as we see it will legitimize the use of these tools by authoritarian regimes about the regimes that have been attacking or invading the privacy of activist journalists that we see recently in Mexico and many other parts of the world maybe if I may just add to that if we talk about the very vague and open provisions and the a lot of you know room that there is for interpretation today we learned in the statement from one country that there's not going to be any explanatory documents to this to this convention so I'd say this is yet another reason to be very worried yeah just to highlight there was also an open letter by civil society last year that in part also addressed that was I think signed by over 80 people you have another question here in the room thanks everyone for this really informative discussion Scott Griffin from the International Press Institute so I think that the impact of this of this treaty you know on states with weak democratic standards and weak rule of law I think we've talked a lot about that it potentially may legitimize practices that already exist or obviously not provide any incentives to comply with human rights standards I was wondering if you could say something a little bit more specific about the potential impact of the treaty on states on democratic states that already have existing standards existing protections on these types of issues what's had a what's had a practical impact would you see let's say in Europe where you know data protection standards exist to a certain extent with this weekend already existing standards just thinking practically about when the countries where we are working you know here in Europe for example what type of impact would we see wants to take that this is in European I can have an example but not European context so international cooperation this is I think the key issue so the idea of the chapter international cooperation is about sharing information about the states and because as currently written there is no limitation on the scope of international cooperation it says preventing it's not just specific a specific investigation or prosecution of a serious crime investigation and prosecution is broader than that it has preventing interrupting and many other words and not make it limited what it could be is that for instance country A with poor human rights records you know will have authority to use any surveillance technique malware mass surveillance tools and that's not part of the treaty but they have the power and their domestic law to do what they want to do and but they could get that information and then sharing in the countries who are participating in joint investigations so they are doing like investigation across countries that could involve different countries around the world well these countries who may have higher standards and may not be able ever to access that type of data and there it's not authorized to use that type of surveillance technique could benefit for the information sharing in this joint investigation so in this international cooperation among the states actually it is clear or not I'm trying to explain that's one of the issues on practical ramifications the other one is legitimizing this these techniques you know legitimize techniques with countries with procurement records which we have in challenge in courts we have a lot of courts when there is location tracking without safeguards if there is no you know a lot of access to content without the proper proper safeguards so just location tracking which is very sensitive it's actually have a higher level of protection while the the treaty is not giving that and it gives them the words of those countries to not modify their love or to not adapt their love or to even just say well we comply with the treaty you know it's a big big safeguards and we're fine so that's our main concern yeah and for democratic countries I the one for democratic countries and for the government countries is the one that I say it yeah that's I'm going to just add Scott also depends a lot on what gets in the final version of the treaty because some of the proposals the criminalization are so broad they would bring in fact new provisions on extremism all provisions on cyber terrorism which no one fully knows what they mean what it means or even provisions such as for example potentially the criminal mandates around fake news that is one proposal that's linked for example to the from a proposal from the people's Republic of China so a lot of those are quite problematic now again it's perhaps the case that those provisions will not easily get through there but it's a lot of pressure and I think also there'll be the other thing that will also explode is that the number of data requests to lots of these democratic countries will significantly increase and they'll have to have clearer abilities to answer what they're giving access to or not so that pressure is going to be there so there's going to be pressure on criminalization there's also going to be pressure just a general massive increase in the number of requests coming from potential signatories to this treaty I do have an answer for data protection it just came right to me it's lovely so as we see there is a global discussion on data protection there is different trends you know we have the European Union the GDPR who have been the basis for global the model for privacy laws data protection laws around the world many countries in Latin America have used it then we have some of the police directive in in the EU who have been translated but not as much as globally we want that but we have seen a slow adoption by many countries by putting so one of our concerns in the treaty whether you know if if data protection will be included and if it's included whether we'll undermine actually the global trend that or and the impact that data protection has already outside outside the the negotiation of this treaty whether this trend of adoption that has come naturally through the years if they encode standards that are very weak much weaker now that will be for data protection but police directive have not been implemented as I want we would like to see but still you know the standards that the European have on the police directors could be higher than we could achieve and here and one of my concern is that they would a PEC convention the second additional protocol to a PEC convention already encode some data protection principles in this treaty and authorize the use of biometric is very weak standards having this in the treaty a detailed safeguards on criminal investigations could open the door to authorize this type of weak standards and globally now being said that some countries don't have nothing and whether this weak standard will serve that serve them it's a question to see I question that will serve them because I think that the problems that they have is that they already have weak institutional democratic weak institutional institutions and so I think that they will do what they want to do that's my thoughts we have another question from the chat which is an interesting one has the passage of laws like the UK's online safety bill or Canada's C11 bill affected the negotiations at all I don't know who can answer that what it is I don't know Canada's C11 bill I know the UK online safety bill get adopted UK on safety bill hasn't been adopted yeah I mean it says here the passage of such laws I mean they yeah they are not passed yet so fortunately that train wreck of the law hasn't been adopted I haven't seen the impact on it but I can't really I mean maybe colleagues who have I think you're not saying directly but you are seeing this willingness from states some states in the western states to say well you know we're not going to be always aggressive saying that don't talk about online harms or new provisions because our governments are doing them and the perception let me put it this way it definitely emboldens their counterparts in many other countries not just authoritarian states but even challenging democracies the contested democracies who will come up and say but the UK is passing exactly what we want and we just want a little bit more why can't we do that it's a relative state some people will say for example the UK wants to do this for a child sexual abuse imagery or other material we want for that plus this other vulnerable community and perhaps this issue because for us political instability causes you know violent situation so why can't we cover this as well so that's there I think that tenders there it's not come in the room we have not heard anyone explicitly mention you know these laws perhaps also because that's a UN arcane procedure thing if you name a state it triggers a right to reply so most states are very careful from not normally criticizing each other's domestic laws although there has been a lot of discussion around state cyber behavior particularly around Russia but that emboldened emboldened of positions is definitely partly occurring but not as express explicitly as perhaps we would have expected of here not yet thank you Ramam Ellie I would like to come back to you and also talk about really what's next in the process you are hinting in your introductory statement that there's a lot more to come and maybe even looking beyond if we if we have a treaty how will implementation look like like maybe I'll explain this for people who might have never observed such a process before yeah absolutely I'm happy to do so so in terms of just the next stages we have of course the outcome of the negotiations that we're currently having and as I mentioned before we have the zero draft to be discussed at the August session and then we have the kind of final session in early 2024 and I think as we've heard quite a lot of the countries are keeping the powder dry so I think you know if there's a chance in which the treaty isn't doesn't become a treaty then we might start to figure that out by the August session and then in respect to the session in early 2024 I think Roman mentioned this in his comments but the decision of states whether to exceed the treaty is indeed a political one so while there may be an impetus within the room to agree the treaty there's still some scope for us here and you and people outside of this room to influence that process and maybe that's like a more hopeful note that we could touch upon what we can do in this time to build that pressure and then indeed there is what happens if the treaty is adopted from early 2024 the question will and turn to implementation but there's a lot of work that we need to do now in respect to implementation so the treaty itself will set out what that process is what we would like to see is that treaty having at least the same means and modalities for civil society to engage in the process as we have at present so we want to see at least the same access to the room in any future negotiations regarding the contents of the treaty that's one thing and more broadly we want to see countries taking a more open approach so as Tanya said so we had the opportunity to speak more at the last session we will indeed get that at some point but are we really being heard and I think that's a pretty critical point to think about absolutely and that's also why that basically the premise under which I want to close if there are no urgent questions from the room or virtually neither of you had the opportunity to speak and to send a message to negotiators in the UN but I can give you this opportunity here so I don't want you to read the formal oral statements that you all prepared but what would be the message to negotiators that you would like to send like what would be the key message the key wish that you would formulate for them to reach a good outcome from a human rights perspective one reduces the scope of the treaty through all the chapters criminalization criminal provision international chapters make it narrow to cause cyber crimes make sure that any crime and any career measure is compliance with international human rights law we need also to make sure that any powers that will be authorized are actually compatible with international human rights law and that any powers that are embedded in the treaty don't bypass their own safeguards that are in the treaty which is happening in some provisions so some provisions are subject to the safeguards and some others not and so make sure that it's across cutting and my ideal world I would like to see a coalition of countries from developing countries and the European Union and maybe the United States to push for a strong not only data protection safeguards but privacy safeguards against law enforcement access to data and see that as a champion a champion of human rights and finally I would like to see a mechanism of implementation on the treaty oversight body that will monitor the compliance of the treaty obligations with human rights within the the treaty discussion so we could have existing human rights body mechanism could assess that compliance because there is a mechanism of implementation another section of the treaty which will create such a body so me also reduce the scope of offenses and almost like no content based offences because Budapest Convention as I said has only two which is like sexual abuse images child sexual abuse images and you know that you can probably inclusion is justified it's also criminal copyright criminalization of copyright infringements which I would like not to see in this although there are in the Budapest Convention but basically like very very limited maybe like one content based offence and greatly reduce the scope of other offenses my message would be simple a cyber crime treaty should not be a lowest common denominator raised to the bottom situation it is a chance to shape a paradigm that lifts standards up and this is something that the UN was founded on actually it can drag standards up for countries it's not just about negotiating to a common minimum and some of the procedures you have got that Katitsa and Barbara mentioned be part of that but the other most important message I would say is very simple don't criminalize directly or by omission the work of the human beings that make cyber security possible don't make us more cyber insecure a cyber crime treaty is not just with the cyber crime units of police services it's for all of the people involved making our systems our network cyber secure well very simple as well make this a race to the top but not to the bottom don't introduce any surveillance techniques through the back door that might not even be explicitly mentioned in the treaty and ultimately we really have to have to ask ourselves do we want to have countries like Russia China or Egypt to define what safeguards should be in the treaty and what safeguards should be there for online surveillance or the exchange of electronic evidence yeah so in addition to all of the above and I guess just bearing in mind what we shared about the risks to human rights and I would just ask the question to states of you know does this treaty respond to the actual needs that some countries have in respect to combating cyber crime you know give that some thought and indeed if that is the intent what would a rights enabling treaty look like thank you thank you very much I think then can come to a close I also want to thank the audience here and virtually for participating and particular applause to the panelists and let's hope we'll have a good second week of negotiations thank you