|
RAPPORTEUR GROUP |
Legal co-operation |
31 October 2019[1] |
|
Convention on Cybercrime (ETS No. 185) – Request by Burkina Faso to be invited to accede
Item to be considered by the GR-J at its meeting on 26 November 2019 |
1. By a letter dated 11 June 2019, received and registered at the Secretariat General on 15 July 2019, Mr Alpha BARRY, Minister of Foreign Affairs of Burkina Faso, expressed to the Secretary General of the Council of Europe the interest of the Government of Burkina Faso to be invited to accede to the Convention on Cybercrime (ETS No. 185) (see Appendix 1).
2. According to Article 37, paragraph 1, of the Convention and in line with the practice of the Council of Europe, the Secretariat proceeded to a consultation of member States of the Council of Europe and non-member States which are Contracting States to the Convention, requesting them to communicate to the Secretariat whether their authorities would object to the accession of Burkina Faso to the Convention on Cybercrime if the request to be invited to accede was formally submitted to the Committee of Ministers. The deadline for replying was 18 October 2019. No objection was communicated to the Secretariat.
3. An information note of the Secretariat of the Cybercrime Convention Committee (T-CY) on co-operation with Burkina Faso appears in Appendix 2.
4. The relevant provisions of the Convention on Cybercrime can be summarised as follows.
a. Summary of the Convention
5. The Convention on Cybercrime (ETS No. 185) was opened for signature by the member States of the Council of Europe and by non-member States having participated in its elaboration, in Budapest, on 23 November 2001. It entered into force on 1 July 2004. The chart of signatures and ratifications appears in Appendix 3.
6. The Convention is the first international treaty on crimes committed via the Internet and other computer networks, dealing particularly with infringements of copyright, computer-related fraud, child pornography and violations of network security. It also provides a series of procedural powers, such as the search for computer networks and the interception of data. Its main objective, set out in the preamble, is “to pursue a common criminal policy aimed at the protection of society against cybercrime, inter alia by adopting appropriate legislation and fostering international co-operation”.
7. The Convention has been complemented by an Additional Protocol concerning the criminalisation of acts of a racist and xenophobic nature committed through computer systems (ETS No. 189), which was opened for signature on 28 January 2003 and entered into force on 1 March 2006. States having acceded to the Convention are entitled to accede to the Protocol thereto.
b. Procedure for accession
8. Article 37, paragraph 1, of the Convention on Cybercrime provides that:
"After the entry into force of this Convention, the Committee of Ministers of the Council of Europe, after consulting with and obtaining the unanimous consent of the Contracting States to the Convention, may invite any State which is not a member of the Council and which has not participated in its elaboration to accede to this Convention. The decision shall be taken by the majority provided for in Article 20.d. of the Statute of the Council of Europe and by the unanimous vote of the representatives of the Contracting States entitled to sit on the Committee of Ministers.”
9. Given the above, the Deputies may wish to invite Burkina Faso to accede to the Convention on Cybercrime.
Appendix 1
Appendix 2
|
www.coe.int/cybercrime |
|
|
Strasbourg, 26 June 2019 |
T-CY (2019)20 Restricted |
Cybercrime Convention Committee (T-CY)
Co-operation with Burkina Faso
Note by the Secretariat
1. Introduction
The Government of Burkina Faso, by letter of the Minister of Foreign Affairs and Co-operation, Alpha Barry, dated 11 June 2019, submitted a request for accession to the Budapest Convention on Cybercrime (ETS 185).
The purpose of the present note is to provide supplementary information on the state of co-operation with Burkina Faso in cybercrime matters, including an overview of implementation of the principles of the Budapest Convention.
2. Co-operation with Burkina Faso
Cybercrime is an increasing challenge for Burkina Faso and primarily takes the form of numerous types of fraud, including in particular identity theft, extortion, lottery scams, fraud related to mobile banking and many others. Governmental websites are frequently under attack. Information and communication technologies may also be used for terrorist purposes. Cybercrime is thus considered a threat to the economic and social development but also the security and stability of the country.
The authorities of Burkina Faso have been participating in a range of capacity building activities on cybercrime of the Council of Europe since 2008, including:
- Workshop on cybercrime for countries of West Africa organized by the US Department of Justice with Council of Europe contribution, Cotonou, 2008;
- Regional activities organized under the Project on Global Action on Cybercrime (GLACY) and GLACY+ since 2016:
- Improving international co-operation on cybercrime and electronic evidence in West Africa, Dakar, Senegal 9-11 May 2016;
- CoE-ECOWAS joint Regional introductory judicial training on Cybercrime and e-evidence for West African countries and Mauritania, Dakar, Senegal 14-17 March 2017;
- Joint regional conference CoE-ECOWAS on the Harmonization of legislation on Cybercrime and Electronic Evidence with rule of law and human rights safeguards, Abuja, Nigeria 11‑13 September 2017;
- CoE-ECOWAS joint Regional Advanced judicial training on Cybercrime and electronic evidence for West African countries and Mauritania, Dakar, Senegal 12-15 November 2018;
- Cybercrime Forum for Africa, Addis Ababa 16-18 October 2018;
- INTERPOL African Working Group for heads of cybercrime units, Ghana, 4-6 December 2018;
- Octopus Conference 2018.
Importantly, in March 2018, the Council of Europe – under the GLACY+ project on Global Action on Cybercrime Extended – carried out an advisory mission to assist the authorities in the development of a legal framework in line with the Budapest Convention. This resulted in amendments to the Penal Code (adopted in 2018) and to the Criminal Procedure Code (adopted in 2019).
In terms of other Council of Europe treaties, Burkina Faso:
- has been invited to accede to the Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data (ETS 108);
- is a Party to the Council of Europe Convention on the counterfeiting of medical products and similar crimes involving threats to public health (CETS 211) since 2017;
- signed the Convention on Mutual Administrative Assistance in Tax Matters (ETS 127) in 2016.
3. Cybercrime legislation
3.1 Substantive and procedural laws
Provisions on cybercrime were included in the Penal Code as amended by “Loi-2018/AN portant Code Pénal” adopted in 2018 and procedural powers were included in “Loi no 040-2019/AN portant Code de Procédure Pénale” adopted in May 2019:
- Book (Livre) VII of the Penal Code consists of a set of offences related to cybercrime which cover closely the substantive criminal law provisions of the Budapest Convention (with the exception of child pornography which is covered in another section).
- Section 8 of the Criminal Procedure Code now comprises a range of specific investigative measures regarding computer data. These provisions follow very closely Articles 16 to 21 Budapest Convention.
|
Provisions of Budapest Convention |
Equivalent in domestic legislation |
|
Definitions (Art. 1) |
Article 700-1 Penal Code |
|
Substantive law |
|
|
Illegal access (Art. 2) |
|
|
Illegal interception (Art 3) |
Article 711-5 Penal Code |
|
Data interference (Art. 4) |
Article 711-2 Penal Code Article 711-4 Penal Code Article 711-6 Penal Code |
|
System interference (Art. 5) |
Article 711-3 Penal Code |
|
Misuse of devices (Art. 6) |
Article 711-10 Penal Code |
|
Forgery (Art. 7) |
Article 711-7 Penal Code |
|
Fraud (Art. 8) |
Article 711-9 Penal Code |
|
Child pornography (Art. 9) |
Article 533-37 Penal Code |
|
Copyright and related rights (Art. 10) |
Article 711-13 Penal Code |
|
Attempt, aiding and abetting (Art. 11) |
Article 711-11 Penal Code |
|
Corporate liability (Art. 12) |
Articles 712-1 to 712-15 Penal Code |
|
Procedural law |
|
|
Expedited preservation (Art. 16) |
Article 515-28 Criminal Procedure Code (CPC) |
|
Expedited preserv. & partial disclosure (Art. 17) |
Article 515-28 CPC |
|
Production order (Art. 18) |
Article 515-29 CPC |
|
Search and seizure (Art 19) |
Article 515-30 CPC and Article 515-31 CPC |
|
Real-time collection of traffic data (Art. 20) |
Article 515-32 CPC, Article 515-34 CPC and Article 515-35 CPC |
|
Interception of content data (Art. 21) |
Article 515-33 CPC, Article 515-34 CPC, Article 515-35 CPC |
|
International co-operation |
|
|
Chapter III |
As a Party to the Budapest Convention would be able to apply the international co-operation provisions of this Convention directly. |
In addition, articles 721-1 to 721-10 comprise complementary offences committed by computer systems.
The legislation of Burkina Faso is thus largely in line with the Budapest Convention.
3.2 Safeguards and conditions
Article 15 of the Budapest Convention requires Parties to:
“… ensure that the establishment, implementation and application of the powers and procedures provided for in this Section are subject to conditions and safeguards provided for under its domestic law, which shall provide for the adequate protection of human rights and liberties, including rights arising pursuant to obligations it has undertaken under the 1950 Council of Europe Convention for the Protection of Human Rights and Fundamental Freedoms, the 1966 United Nations International Covenant on Civil and Political Rights, and other applicable international human rights instruments, and which shall incorporate the principle of proportionality.”
The powers of the Criminal Procedure Code related to electronic evidence are to be exercised under the control of an investigative judge or in the case of urgency by a prosecutor. Additional safeguards have been included for the more intrusive measures (interception), regarding the duration of the measure, deinstallation of equipment, requirements for documentation of measures taken, protection of privacy and the inadmissibility of evidence in case procedures are not followed (articles 515-34 to 515-41).
With the revised Penal Code of 2018, Burkina Faso abolished the death penalty.
Burkina Faso is Party to a number of international human rights treaties, including the International Covenant on Economic, Social and Cultural Rights, the International Covenant on Civil and Political Rights, the Convention against Torture and other Cruel, Inhuman or Degrading Treatment or Punishment, the Convention on the Rights of the Child, and others.
As indicated above, Burkina Faso has been invited to accede to the Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data (ETS 108). Domestic data protection legislation was adopted in 2004 (“Loi 010-2004/AN portant protection des données à caractère personnel”) and a supervisory authority has been established (“Commission de l’informatique et des libertés” (CIL)).
4. Institutions
Burkina Faso has established a Computer Security Incident Response Team (CSIRT) in 2012 (“Centre de Cybersecurité du Burkina Faso”).
Following the recent adoption of the revised Criminal Procedure Code providing for specific powers to secure electronic evidence, the training of criminal justice officials and the creation of specialised cybercrime unit within the judicial police is considered a priority.
5. Conclusion
The authorities of Burkina Faso have been closely co-operating with the Council of Europe in the reform of domestic legislation. With the adoption of the revised Penal Code in 2018 and the Criminal Procedure Code in 2019, legislation is largely in line with the Budapest Convention.
Procedural powers seem to be limited by conditions and safeguards in line with Article 15 Budapest Convention, and Burkina Faso has been invited to accede to data protection Convention 108 of the Council of Europe.
Now that the legal framework is in place, further capacity building will be needed. The Council of Europe is able to provide support through current projects such as the joint project with the European Union on Global Action on Cybercrime Extended (GLACY+) and the project Cybercrime@Octopus.
6. Contact
In case of need for additional information please contact:
|
Alexander Seger Executive Secretary Cybercrime Convention Committee Directorate General of Human Rights and Rule of Law Council of Europe, Strasbourg, France |
Tel +33-3-9021-4506 Fax +33-3-9021-5650 Email [email protected] |
Appendix 3 – Chart of signatures and ratifications of Convention ETS No.185
CHART OF SIGNATURES AND RATIFICATIONS OF TREATY 185
Convention on Cybercrime
Status as of 17/10/2019
|
Title |
Convention on Cybercrime |
|
Reference |
ETS No.185 |
|
Opening of the treaty |
Budapest, 23/11/2001 - Treaty open for signature by the member States and the non-member States which have participated in its elaboration and for accession by other non-member States |
|
Entry into Force |
01/07/2004 - 5 Ratifications including at least 3 member States of the Council of Europe |
Members of Council of Europe
|
Signature |
Ratification |
Entry into Force |
Notes |
R. |
D. |
A. |
T. |
C. |
O. |
|
|
23/11/2001 |
20/06/2002 |
01/07/2004 |
||||||||
|
23/04/2013 |
16/11/2016 |
01/03/2017 |
||||||||
|
23/11/2001 |
12/10/2006 |
01/02/2007 |
||||||||
|
23/11/2001 |
13/06/2012 |
01/10/2012 |
||||||||
|
30/06/2008 |
15/03/2010 |
01/07/2010 |
||||||||
|
23/11/2001 |
20/08/2012 |
01/12/2012 |
||||||||
|
09/02/2005 |
19/05/2006 |
01/09/2006 |
||||||||
|
23/11/2001 |
07/04/2005 |
01/08/2005 |
||||||||
|
23/11/2001 |
17/10/2002 |
01/07/2004 |
||||||||
|
23/11/2001 |
19/01/2005 |
01/05/2005 |
||||||||
|
09/02/2005 |
22/08/2013 |
01/12/2013 |
||||||||
|
22/04/2003 |
21/06/2005 |
01/10/2005 |
||||||||
|
23/11/2001 |
12/05/2003 |
01/07/2004 |
||||||||
|
23/11/2001 |
24/05/2007 |
01/09/2007 |
||||||||
|
23/11/2001 |
10/01/2006 |
01/05/2006 |
||||||||
|
01/04/2008 |
06/06/2012 |
01/10/2012 |
||||||||
|
23/11/2001 |
09/03/2009 |
01/07/2009 |
||||||||
|
23/11/2001 |
25/01/2017 |
01/05/2017 |
||||||||
|
23/11/2001 |
04/12/2003 |
01/07/2004 |
||||||||
|
30/11/2001 |
29/01/2007 |
01/05/2007 |
||||||||
|
28/02/2002 |
||||||||||
|
23/11/2001 |
05/06/2008 |
01/10/2008 |
||||||||
|
05/05/2004 |
14/02/2007 |
01/06/2007 |
||||||||
|
17/11/2008 |
27/01/2016 |
01/05/2016 |
||||||||
|
23/06/2003 |
18/03/2004 |
01/07/2004 |
||||||||
|
28/01/2003 |
16/10/2014 |
01/02/2015 |
||||||||
|
17/01/2002 |
12/04/2012 |
01/08/2012 |
||||||||
|
02/05/2013 |
17/03/2017 |
01/07/2017 |
||||||||
|
07/04/2005 |
03/03/2010 |
01/07/2010 |
55 |
|||||||
|
23/11/2001 |
16/11/2006 |
01/03/2007 |
||||||||
|
23/11/2001 |
15/09/2004 |
01/01/2005 |
||||||||
|
23/11/2001 |
30/06/2006 |
01/10/2006 |
||||||||
|
23/11/2001 |
20/02/2015 |
01/06/2015 |
||||||||
|
23/11/2001 |
24/03/2010 |
01/07/2010 |
||||||||
|
23/11/2001 |
12/05/2009 |
01/09/2009 |
||||||||
|
23/11/2001 |
12/05/2004 |
01/09/2004 |
||||||||
|
17/03/2017 |
08/03/2019 |
01/07/2019 |
A. |
|||||||
|
07/04/2005 |
14/04/2009 |
01/08/2009 |
55 |
|||||||
|
04/02/2005 |
08/01/2008 |
01/05/2008 |
||||||||
|
24/07/2002 |
08/09/2004 |
01/01/2005 |
||||||||
|
23/11/2001 |
03/06/2010 |
01/10/2010 |
||||||||
|
23/11/2001 |
||||||||||
|
23/11/2001 |
21/09/2011 |
01/01/2012 |
||||||||
|
10/11/2010 |
29/09/2014 |
01/01/2015 |
||||||||
|
23/11/2001 |
10/03/2006 |
01/07/2006 |
||||||||
|
23/11/2001 |
25/05/2011 |
01/09/2011 |
Non-Members of Council of Europe
|
Signature |
Ratification |
Entry into Force |
Notes |
R. |
D. |
A. |
T. |
C. |
O. |
|
|
05/06/2018 a |
01/10/2018 |
R. |
A. |
|||||||
|
30/11/2012 a |
01/03/2013 |
|||||||||
|
Benin |
4 |
|||||||||
|
19/06/2018 a |
01/10/2018 |
A. |
||||||||
|
23/11/2001 |
08/07/2015 |
01/11/2015 |
||||||||
|
20/04/2017 a |
01/08/2017 |
|||||||||
|
4 |
||||||||||
|
22/09/2017 a |
01/01/2018 |
|||||||||
|
07/02/2013 a |
01/06/2013 |
|||||||||
|
03/12/2018 a |
01/04/2019 |
A. |
||||||||
|
09/05/2016 a |
01/09/2016 |
|||||||||
|
23/11/2001 |
03/07/2012 |
01/11/2012 |
||||||||
|
15/11/2013 a |
01/03/2014 |
|||||||||
|
29/06/2018 a |
01/10/2018 |
A |
||||||||
|
4 |
||||||||||
|
05/03/2014 a |
01/07/2014 |
|||||||||
|
30/07/2018 a |
01/11/2018 |
A |
||||||||
|
26/08/2019 a |
01/12/2019 |
R |
D |
A |
||||||
|
28/03/2018 a |
01/07/2018 |
A |
||||||||
|
16/12/2016 a |
01/04/2017 |
|||||||||
|
23/11/2001 |
||||||||||
|
29/05/2015 a |
01/09/2015 |
|||||||||
|
09/05/2017 a |
01/09/2017 |
|||||||||
|
Tunisia |
4 |
|||||||||
|
23/11/2001 |
29/09/2006 |
01/01/2007 |
|
Total number of signatures not followed by ratifications |
3 |
|
Total number of ratifications/accessions |
64 |
Notes
(55) Date of signature by the State union of Serbia and Montenegro.
(4) Since 2013 the decision to invite a non-member State to accede to the treaty is valid five years as from its adoption. See the following Chart.
a: Accession s: Signature without reservation as to ratification su: Succession r: Signature "ad referendum".
R.: Reservations D.: Declarations, Denunciations, Derogations A.: Authorities T.: Territorial Application C.: Communication O.: Objection.
Source : Treaty Office on http://conventions.coe.int - * Disclaimer.
[1] This document has been classified restricted at the date of issue; it will be declassified in accordance with Resolution Res(2001)6 on access to Council of Europe documents.