The Senate passed the Convention on Cybercrime adopted in 2001, in Budapest. The international treaty strengthens cooperation between States* and its relationship with the private sector to prevent crimes in computer networks. The bill was sent to the House of Representatives to continue its debate.
The main objective of the agreement on cybercrime is that member countries apply a common criminal policy, which would be achieved through passing similar legislation and promoting international cooperation. In September 2012, Colombia was invited to join the treaty and the bill was sent to Congress August 2017.
Key aspects of the Convention:
- Typification of crimes of access, interception and illegitimate interference to computer systems and data. The agreement urges States to pass legislation that establishes in their domestic law crimes of access, interception and deliberate and illegitimate interference of a computer system and data.
- Forgery and computer fraud. States must pass legislation that establishes in their domestic law crimes of alteration, deletion, removal or entering of data, which may lead to false data. It also includes deliberate and illegitimate actions that harm somebody’s property by modifying, deleting, removing or entering data or interfering in a computer system, with the intention of illegitimately obtain an economic benefit for oneself or for somebody else.
- Crimes against intellectual property and related rights. States must penalize violations to intellectual property and rights of artists, performers, phonograms producers and broadcasting organizations.
- Liability of legal people. Every State must pass legislation and take any necessary measure to make legal people liable for the crimes mentioned in the Convention.
- Immediate storage of stored computer data. States must allow authorities to order or impose the immediate storage of computer data stored through a computer system, including traffic data. Data will be saved and protected for 90 days maximum (renewable). Thus, authorities will be able to disclose the information. Also, if the data is stored abroad, authorities may request the foreign government mutual assistance to access, confiscate or obtain that data.
- Stored data by service providers request. Grants attributions to authorities to request service providers and other individuals to deliver stores data in their possession.
- Access and seizure of any computer storage system by authorities. Authorities are allowed to access to a computer storage system if the data is stored in another located computer system.
- Cross-border access to stored data with consent or when available to the public. A State may have access to stored data that is available to the public regardless of the geographic location of that data, without the authorization from another party.
During the debate, Sen. José David Name Cardozo (Partido de la U, ruling party) emphasized: “By passing this agreement, Colombia will participate in the only current international framework that applies a common criminal policy for the protection of people’s rights. This will be done through international cooperation and will allow the government to detect cyberattacks more easily.”
*Budapest Convention: 57 signatories, most of which are European countries. Among the non-European countries are Japan, Canada, United States and South Africa.