The world's first cybercrime treaty is being hastily redrafted after Internet lobby groups assailed it as a threat to human rights that could have "a chilling effect on the free flow of information and ideas".
The Council of Europe, a 41-nation human rights watchdog based in Strasbourg drawing up the treaty, plans to issue a new draft late this week to clarify passages that led to what it sees as serious misunderstandings, a senior official said.
The civil servants negotiating the treaty, which is due to be completed next month, were inundated with over 400 e-mails after they published the text - in its 22nd draft - on the Council's new website in April.
"We were surprised by the violence of these comments," said Peter Csonka, deputy head of the Council of Europe's economic crime division which oversees the drafting.
"We do not want to pass a text against the people," he told Reuters. "We have learned we have to explain what we mean in plain language because legal terms are sometimes not clear."
The Council has been working since May 1997 on a treaty to harmonise laws against hacking, fraud, computer viruses, child pornography and other Internet crimes and ensure common methods of securing digital evidence to trace and prosecute criminals.
SEVERE CRITICISM FROM USERS
Member delegations - including observers from the United States, Canada and Japan and comprising about 80 percent of the world's Internet traffic - worked in relative obscurity until the Council posted the treaty on its website.
Like the World Trade Organisation before its tumultuous 1999 Seattle summit, the Council found to its surprise that the Internet has multiplied the options for pressure groups it never had to deal with before.
Last month, 35 lobby groups - ranging from Internet users to civil liberties activists and anti-censorship groups - wrote to the Council urging it to hold up the treaty.
"We believe that the draft treaty is contrary to well established norms for the protection of the individual (and) that it improperly extends the police authority of national governments," wrote the group known as the Global Internet Liberty Campaign.
It said making hacking a crime would outlaw "cracking" programmes that technicians use to test the security of their own systems by simulating online computer break-ins.
A provision forcing Internet service providers to store data would threaten users' privacy and would create a pool of data that could be used "to identify dissidents and persecute minorities", the group said.
The draft pact could have "a chilling effect on the free flow of information and ideas", the group's letter added.
The letter also warned that a passage requiring access to encryptation keys would force people to incriminate themselves.
"That was never our intention," said Csonka, adding new language has been added to make the text clear to non-lawyers.
One new passage spells out that "cracking" computer systems to test security is legal and that ISPs would only be asked to store specific data related to a suspected crime, not vast quantites of traffic that would swamp their systems.
The new draft also points out wherever needed that domestic laws on evidence and privacy and against self-incrimination would naturally apply and that the treaty - which cannot supersede national law - would not create any new powers.
"We are trying to take all the criticisms into account," said a British Home Office (interior ministry) official. "The final draft may still upset some people, but it will be a better treaty."
After being completed, the draft should be accepted by the Council of Europe next June and then ratified by member states over the next year or two. Countries not involved in the drafting can later sign the treaty and apply its guidelines.