US declines to join more than 70 countries in signing UN cybercrime treaty

More than 70 countries signed the landmark U.N. Convention against Cybercrime in Hanoi this weekend, a significant step in the yearslong effort to create a global mechanism to counteract digital crime.

The U.K. and European Union joined China, Russia, Brazil, Nigeria and dozens of other nations in signing the convention, which lays out new mechanisms for governments to coordinate, build capacity and track those who use technology to commit crimes. 

In his speech at the event, U.N. Secretary-General António Guterres said cyberspace “has become fertile ground for criminals” and has allowed them to “defraud families, steal livelihoods, and drain billions of dollars from our economies.”

“The UN Cybercrime Convention is a powerful, legally binding instrument to strengthen our collective defences against cybercrime,” Guterres said. 

“Illicit flows of money, concealed through cryptocurrencies and digital transactions, finance the trafficking of drugs, arms, and terror. And businesses, hospitals, and airports are brought to a standstill by ransomware attacks.”

He added that the convention would be critical for governments in the Global South that need assistance and funding for the training required to address cybercrime — which the U.N. estimates costs $10.5 trillion around the world annually. 

While many countries did not sign the treaty, the most notable missing signature was that of the U.S.

Officials at the State Department told Recorded Future News on Friday that Marc Knapper, the U.S. ambassador to Vietnam, and representatives from the U.S. Mission to Vietnam would be attending the signing. 

The State Department confirmed on Monday that the U.S. did not sign the treaty. 

“The United States continues to review the treaty,” a State Department spokesperson said in a brief statement. 

The U.N. Convention against Cybercrime was adopted by the General Assembly in December 2024 and will enter into force 90 days after being ratified by the 40th signatory. Signatories will have to ratify the convention according to their own procedures. 

At the ceremony, UNODC Executive Director Ghada Waly argued that cybercrime is changing the face of organized crime and required global coordination to address. Waly said the convention would be a “vital tool” that will ensure “a safer digital world for all.”

U.N. officials said the convention would help governments address terrorism, human trafficking, money laundering and drug smuggling, all of which have been turbo-charged by the internet. 

The U.N. noted that the convention is the first global framework “for the collection, sharing and use of electronic evidence for all serious offenses” — noting that until now there have been no broadly accepted international standards on electronic evidence. 

It is also the first global treaty to criminalize crimes that depend on the internet and is the first international treaty “to recognize the non-consensual dissemination of intimate images as an offense.”

“It creates the first global 24/7 network where countries can quickly initiate cooperation,” the U.N. said. “It recognizes and promotes the need to build capacity in countries to pursue and cooperate on fast-moving cybercrimes.”

The convention has been heavily criticized by the tech industry, which has warned that it criminalizes cybersecurity research and exposes companies to legally thorny data requests.

Human rights groups warned on Friday that it effectively forces member states to create a broad electronic surveillance dragnet that would include crimes that have nothing to do with technology. 

Many expressed concern that the convention will be abused by dictatorships and rogue governments who will deploy it against critics or protesters — even those outside of a regime’s jurisdiction. 

It also creates legal regimes to monitor, store and allow cross-border sharing of information without specific data protections. Access Now’s Raman Jit Singh Chima said the convention effectively justifies “cyber authoritarianism at home and transnational repression across borders.” 

Any countries ratifying the treaty, he added, risks “actively validating cyber authoritarianism and facilitating the global erosion of digital freedoms, choosing procedural consensus over substantive human rights protection.”

In his speech, Guterres referenced the backlash to the convention, telling member states that the treaty has to be a “promise that fundamental human rights such as privacy, dignity, and safety must be protected both offline and online.” 

But at its core, according to Guterres, the convention solves one of the thorniest issues law enforcement agencies have faced over the last two decades. Countries have only recently begun to share digital evidence across borders but the convention would increase that practice. 

“This has long been a major obstacle to justice — with perpetrators in one country, victims in another, and data stored in a third,” he said. “The Convention provides a clear pathway for investigators and prosecutors to finally overcome this barrier.”