Last month, 360 cyber crime experts from 95 countries gathered in Strasbourg to attend the Octopus Conference. The event sounds like something from James Bond, and when you look at the attendee list—which includes senior figures from the United States Department of Justice, national police forces across the world, and senior figures from companies like Facebook, Microsoft, Apple and Cloudflare—it’s easy to imagine a covert machination or two.
As it happens, Octopus is one of the more open and transparent elements in the world of global law enforcement and cybersecurity. Civil society like EFF and EDRI were invited to speak, and this year it was our primary chance to comment on a new initiative by the event’s organizers, the Council of Europe—an additional protocol to their Cybercrime Convention (also known as the Budapest Convention on Cybercrime), which will dictate how Parties of the Convention from around the world can cooperate across borders to fight Internet crime.
Our conclusion: the Council of Europe (CoE) needs to stand more firmly against a global trend to undermine everyone’s privacy in the pursuit of faster and easier investigations. As conversations at Octopus showed, the many long arms of the world’s law-enforcers are coming for user data, and the CoE needs to stand firm that they obey international human rights, in particular article 15 of the Budapest Convention, when they reach across borders.