Cybercrime is not a new form of crime, it has been around for some 50 years. The Council of Europe began to work on criminal justice responses to cybercrime from the mid-1980s onwards.
In 1997, the Council of Europe then decided that it was time to negotiate a binding international treaty on cybercrime. On 23 November 2001, the Convention on Cybercrime was opened for signature in Budapest. We invite you to explore below the key milestones!
START HERE
23 November 2001
Convention opens for signature
28 January 2003
1st Additional Protocol on the criminalisation of acts of a racist and xenophobic nature
2001 – 2005
Albania, Croatia, Estonia, Hungary, Lithuania, North Macedonia, Romania, Slovenia, Bulgaria, Cyprus, Denmark join the Convention
1 July 2004
Convention enters into force
2006– 2010
Armenia, Bosnia and Herzegovina, France, Netherlands, Norway, Ukraine, Finland, Iceland, Latvia, Italy, Slovakia, Germany, Moldova, Serbia, Azerbaijan, Montenegro, Portugal, Spain and the United States of America (in 2006), as the first non-member of the Council of Europe, join the Convention
Guidance Notes on DDOS attacks, the provisions of the Budapest Convention covering botnets, identity theft and phishing in relation to fraud, new forms of malware and critical information infrastructure attacks.
2014
Cybercrime Programme Office of the Council of Europe (C-PROC) in Bucharest becomes operational
Andorra, Israel, Liechtenstein, Chile, Costa Rica, Greece, Monaco, Senegal, Tonga, Argentina, Cabo Verde, Morocco, Paraguay, Philippines, Ghana, Peru, San Marino, Colombia, Sweden join the Convention
May 2021
2nd Additional Protocol on enhanced cooperation and disclosure of electronic evidence – approved by the Cybercrime Convention Committee
November 2021
Adoption of the 2nd Additional Protocol by the Council of Europe
12 May 2022
Opening for signature of the 2nd additional Protocol by the Council of Europe
