Council of Europe action against cybercrime

As societies rely more and more on information and technology, they become increasingly vulnerable to risks, in particular cybercrime. The Budapest Convention on Cybercrime provides a response to this risk, not only in Europe but worldwide: through its Programme on Cybercrime the Council of Europe is providing technical assistance to countries globally.

The Council of Europe is also addressing other threats related to the net. The Convention on the Prevention of Terrorism (2005) contains provisions that make recruiting and training terrorists via the Internet a terrorist offence. The Lanzarote Convention (2007) addresses the sexual exploitation and abuse of children, which also covers the online environment. The data protection convention provides safeguards against the illegal collection and use of personal data.

Budapest Convention on Cybercrime

  • The Cybercrime Convention (2001) is the only binding international instrument on this issue. It serves as a guideline for any country wishing to draw up comprehensive legislation to combat cybercrime, and as a framework for co-operation between its States Parties.
  • It is is supplemented by a protocol on xenophobia and racism committed through computer systems (2003).
  • The convention defines conduct rather than technology, ensuring that laws and procedures remain valid even as technology evolves.


  • Criminalise offences against the confidentiality, integrity and availability of computer data and systems, computer-related offences, content-related offences (i.e. child pornography, racism and xenophobia) and offences relating to infringement of copyright and associated rights.
  • Set up procedures to make investigations more efficient.
  • Provide a legal basis for international co-operation between States Parties to the convention, including exchanges of spontaneous information, extradition and international mutual assistance, and contact points working, 24 hours a day, seven days a week.


  • Many countries are strengthening their legislation using the Convention on Cybercrime as a guideline or “model law”. These include Argentina, Benin, Botswana, Cambodia, countries of the Caribbean, Chile, Colombia, Costa Rica, the Dominican Republic, India, Indonesia, Mauritius, Mexico, Morocco, Niger, Nigeria, the Philippines, Senegal, Sri Lanka and many others.
  • Co-operation between key stakeholders strengthened, including public-private co-operation.
  • Guidelines to strengthen co-operation between the police and criminal justice authorities and Internet service providers in the investigation of cybercrime adopted in 2008 under the Project on Cybercrime. They are now being applied in several countries and the EU is also using them.
  • A concept for training judges and prosecutors on cybercrime and electronic evidence (2009).
  • A typology study on criminal money flows on the Internet is being prepared by the Global Project on Cybercrime jointly with MONEYVAL and led by the Russian Federation.
  • Measures promoted to protect children against online sexual exploitation and abuse in line with the Cybercrime Convention and the Lanzarote Convention.
  • Stronger capacities for international investigations through the establishment of 24/7 contact points, the training of competent authorities for judicial cooperation and close co-operation between the Council od Europe, Interpol, Europol and the G8 High-tech Crime Subgroup.
  • Assistance is provided through the Programme on Cybercrime. It includes joint projects with the EU and the Global Project on Cybercrime which is funded by Estonia, Japan, Monaco, Romania, Microsoft and McAfee; other private sector partners and initiatives participate in project activities.
  • Every year the Council of Europe organises the Octopus Conference on Cybercrime, which brings together cybercrime experts from all over the world to exchange knowledge and experience.