Cybercrime is going global — and so is the fight against it. Parliament backs new UN treaty

From AI-powered scams to ransomware attacks targeting hospitals and companies, cybercrime is becoming a growing global headache — and harder for national authorities to tackle alone. The European Parliament backed a new UN convention designed to improve international cooperation against digital crime.

The United Nations Convention against Cybercrime, also known as the Hanoi Convention, is the first global treaty of its kind. The main goal is to establish an international framework to prevent and combat illegal online activities.

The initiative comes amid increasing concern over the scale and sophistication of cybercrime. Europol’s Internet Organised Crime Threat Assessment 2026 describes fraud as the fastest organised crime, with AI making it more convincing.

Ransomware also remains a dominant threat. Europol reported more than 120 active ransomware brands in 2025, with criminal groups increasingly combining data theft, and pressure on victims.

A global response

To combat this, supporters of the convention argue that international cooperation is essential to investigate and prosecute offences. It requires participating states to criminalise certain cyber offences. This includes illegal access to information systems, data interference, online fraud and offences linked to child exploitation.

Besides, it sets out procedures for the preservation, collection and exchange of electronic evidence across borders. With the agreement, evidence may be stored in one country, victims may be located in another, and perpetrators may operate from a third jurisdiction. It provides for technical assistance and capacity-building, particularly for countries seeking to strengthen their cybercrime response.

Adopted today in #Eplenary:
🇪🇺 signing of the @UNODC Convention on Cybercrime

Rapporteur: @moritzkoerner
Read the recommendation: https://t.co/C0hJxYQ4PY pic.twitter.com/za35JuI1wu
— LIBE Committee Press (@EP_Justice) May 20, 2026

MEPs approved the recommendation on Wednesday with 497 votes in favour, 91 against and 46 abstentions. In April, the Committee on Civil Liberties, Justice and Home Affairs (LIBE), adopted the report by 51 votes in favour.

The treaty is seen as a replacement to the 2001 Council of Europe Convention on Cybercrime, dubbed the Budapest Convention. It was the first major international treaty on cybercrime and has long served as the main framework for harmonising cybercrime offences, investigative powers and international cooperation.

Rights concerns remain

Despite the intentions to face crime, the UN convention has faced criticism from civil society organisations and service providers. Concerns focus on the risk that broad investigative powers or cross-border evidence-sharing mechanisms could be misused, particularly in countries where judicial independence, media freedom or civic space are under pressure.

LIBE’s report acknowledged these concerns, stressing that the protection of fundamental rights and values will depend on how the convention’s safeguards are applied by competent authorities.

IT security researchers protest against UN Cybercrime Convention: https://t.co/xVxHKeDpYu

But it comes with many more problems, as I explained last week. 👇 https://t.co/m5d7F9xsmO

The EU should quit the negotiations now and let this agreement die!
— Patrick Breyer #JoinMastodon (@echo_pbreyer) February 8, 2024