网络犯罪国际公约中的跨境调取数据条款

The Clause of Cross-Border Data Retrieval in International Conventions on Cybercrime

《打击为犯罪目的使用信息和通信技术全面国际公约》的案文草案经各方多次磋商之后已经成型,中国关于深化打击网络犯罪国际合作的战略主张正在联合国层面稳步推进。公约中以“提交令”为表现形式的跨境调取数据条款因涉及各国主权与安全方面的核心利益,属于各方关注的重要问题。从《布达佩斯公约》《布达佩斯公约第二附加议定书》以及联合国层面全新公约的案文设计来看,尽管网络犯罪国际公约中的跨境调取数据条款经历了一定程度的发展演变,但是都反映出网络犯罪治理的公私合作模式、基于主权与安全因素的数据分类分级保护得到了重视,缔约国在强制适用条款基础上的自主选择权也需要得到尊重。我国缔结联合国层面的全新公约并接受跨境调取数据条款,需要做好数据主权与安全方面的精细制度设计,并且在数据分类分级保护、数据出境安全审查、境外数据的跨境调取方面做好国内法的对接。

The Comprehensive International Convention on Countering the Use of Information and Communications Technologies for Criminal Purposes has completed its several rounds of consultations by the Special Intergovernmental Expert Committee.The draft text of the convention,after being reviewed and shaped by the Special Committee,is proposed to be submitted for a vote at the following session of the United Nations General Assembly.Guided by the idea of the Community of Human Desting in Cyberspace,China's strategic proposal for deepening international cooperation in combating cybercrime is steadily progressing at the UN level.The provision in the convention on cross-border data retrieval,which takes the form of a‘production order’and which has fundamentally altered the traditional bilateral or multilateral criminal judicial assistance structure,is a significant issue of concern for all parties involved,as it pertains to the core interests of national sovereignty and security.Judging from the Budapest Convention,the Second Additional Protocol to the Budapest Convention and the text design of a new convention at the United Nations level,the institutional arrangement for cross-border data retrieval has already reached a consensus in the international community.The inclusion of corresponding provisions in the formal text of the convention has become a highly probable occurrence.Judging from the design of specific system,even though the provisions on cross-border data retrieval in international conventions on cybercrime have undergone some development and evolution,three aspects of design elements have been reflected.Firstly,the public-private cooperation model of cybercrime governance has been emphasized.This actually aligns with the global professional consensus on combating and preventing cybercrime and is in tune with the trends of the times.Secondly,the classified and hierarchical protection of data basing on factors of sovereignty and security has also been given significant attention.To gain the maximum consensus among the contracting states of the international convention on cybercrime,it is crucial to consider a detailed system design in data sovereignty and security to respond the needs of various countries regarding sovereignty and security.Thirdly,the self-directed choice of parties to the convention on the basis of the mandatory application of the article also needs to be respected.Due to the significant differences in domestic laws among countries regarding the control of data exiting their borders,the provisions for crossborder data retrieval should not only have universal applicability,but also respect the individualized needs of the contracting states as much as possible.As China signs a new convention at the United Nations level and accepts the provisions on cross-border data retrieval,although it needs to assert the maintenance of national sovereignty,it's not appropriate to assert strong national sovereignty claims over all types of data held by network service providers.Specifically,China needs to integrate the revisions of laws such as the Criminal Procedure Law and the Data Security Law to intricately design systems for data sovereignty and security.This effort includes classified and hierarchical protection of‘user data’,‘traffic data’and‘content data’,conducting security reviews for data that may impact national security,and utilizing network service providers to directly retrieve data stored overseas,thus effectively bridging domestic laws with international conventions,and strategically advancing both domestic legal governance and foreign-related legal governance.