Supporting cyber-security boosts Australian – Sri Lankan trade

Sri Lanka’s efforts to join international partners in tackling cyber-crime offer a shining example to other nations and have helped secure conditions for Australian trade.

The Council of Europe Convention on Cybercrime, known as the Budapest Convention, remains the only major international treaty on Internet and computer crime. It aims to harmonise national laws and improve investigative powers based on agreed and effective standards. The convention has had an enormous impact over the years and is now considered the de facto legal standard for legislation on cybercrime and electronic evidence around the world. It has been adopted by both Australia and Sri Lanka in recent years and now underpins mutual cyber-security between the two nations, bolstering a 70-year commercial relationship worth $1 billion a year.

Australia signed the Budapest convention in 2013 and two years later, in 2015, Sri Lanka became the first country in South Asia, and the second country in the whole of Asia after Japan, to join. Sri Lanka was invited to participate by The Council of Europe in February 2015, accession was completed by the end of May and the convention came into force in Sri Lanka three months later.  This remains the swiftest progress by any signatory, helped by the existing alignment of Sri Lanka’s domestic legislation and policies to the convention’s norms.

Australian businesses looking to trade with their Sri Lankan counterparts can now be assured that the Sri Lankan criminal justice system mirrors Australian legislative and procedural laws. Australian and Sri Lankan businesses share consistent safety and security standards and AUSCERT and SLCERT, the cyber security agencies in each country, cooperate closely on an even playing field.

Cyber-crime knows no borders, and so action against it must be cross-border too. The Budapest Convention empowers criminal justice cooperation between nations, including the gathering and use of digital evidence and has encouraged Sri Lanka to strengthen its domestic data protection and privacy legislation, drawing on European best practices.  Sri Lanka has also joined GLACY+ – Global Action on Cybercrime Extended – a joint project of the European Union and the Council of Europe to help countries around the world improve domestic criminal justice procedures and cooperate with their peers.

Action to Counter Regional Cyber Threats
The scope and impact of global cyber attacks from both criminals and hostile states are increasing, with malicious acts becoming ever more focused and skilled.  Unfortunately, many public and private sector organisations still under-invest in cyber security protection and remain vulnerable as a result.  The growth of cloud computing and the proliferation of mobile devices has seen data storage increasingly outsourced to various cloud providers but as information is decentralised and opportunities to access it from a range of devices expands, organisations risk losing control of their data and their ability to effectively respond to data breaches.

Sri Lanka law enforcement targets information hacking, social media malpractices and financial frauds at home while helping other nations in the region strengthen their capacity.  SLCERT offers technical consultancy and training to Togo and Bhutan, for example, while Sri Lankan experts have helped train judges in Nepal in cyber-crime issues and evidence.

Sri Lankan efforts to join international conventions, tackle cyber-crime at home and co-operate with other nations show what can be done with good will, hard work and positive intentions.  Digital connectivity is a tremendous force for good in the world, encouraging communication, understanding and trade, and every effort must be made to protect it for the good of us all.