Fighting cybercrime: the role of the second additional protocol to the Budapest Convention

Cybercrime represents one of the most pervasive and constant threats in the global security landscape. Given the large transnational nature of these crimes, international cooperation is essential. The Second Additional Protocol to the Budapest Convention aims to strengthen international collaboration by addressing the difficulties posed by the fact that evidence of crimes is increasingly stored electronically, and many times in unidentifiable locations. The protocol, developed by the Budapest Convention Committee (T-CY), includes a series of measures covering various aspects of cybercrime, from cooperation with internet service providers, to accessing electronic evidence in an emergency.

The challenge of identifying internet domains in cybercrime

A key aspect of cybercrime investigations is identifying the owner of an internet domain name. Domain registration information is vital during the initial stage of an investigation, when the details available often concern only the names and addresses of the websites used to perpetrate the crime. This information is maintained by the service provider and was initially available to anyone through the WHOIS service. However, the introduction of the European Data Protection Regulation (GDPR) in 2018 limited access to this information to protect personal data.

Access to domain registration information: article 6 of the Second Additional Protocol

Article 6 of the Second Additional Protocol seeks to resolve this challenge by establishing the legal basis and procedures for direct cooperation between competent authorities and domain name registrar service providers. Its purpose is twofold: on the one hand, it allows the competent authorities to request domain name registration information to identify or contact the owner; on the other, it allows service providers to respond to such requests, provided that they comply with national laws, including the protection of personal data.

The future implications of Article 6 for cybercrime investigations

Article 6 offers a legislative framework that could significantly improve the effectiveness of cybercrime investigations and international cooperation, provided it is ratified by the parties involved. While cooperation between competent authorities and service providers remains voluntary, Article 6 underlines the importance of cooperation between the various actors in tackling cybercrime. Faced with an ever-evolving and inherently transnational threat such as cybercrime, cooperation and coordination between public authorities and private entities has never been more important.