The states which are parties to the International Cybercrime Convention have identified modern communication and data processing technologies as a challenge in the fight against computer and cybercrime , especially due to the inherently transnational nature of the underlying technology [7, p. 700]. It can be difficult to assess where a criminal act has actually taken place, since data might have been uploaded in one country, the hosting provided in a second country and the victim could be sitting in a third country, while the stolen data was sent to a fourth jurisdiction .
The Convention on Cybercrime of the Council of Europe, the Budapest Convention , is the first binding international instrument on this issue [7, p. 698]. The preamble of the Budapest Convention describes its intention as follows: A “common criminal policy aimed at the protection of society against cybercrime”, and specifically intends “to deter action directed against the confidentiality, integrity, and availability of computer systems, networks and computer data as well as the misuse of such system, networks, and data by providing for the criminalization of such conduct” .
Illegal access (art. 2 CCC)
“Each Party shall adopt such legislative and other measures as may be necessary to establish as criminal offences under its domestic law, when committed intentionally, the access to the whole or any part of a computer system without right.” […]
Interestingly, the provision further states that a party may require “that the offence be committed by infringing security measures”. This corresponds to Art. 5 lit. f GDPR, which sets the standard for appropriate protection  of data and is reflected accordingly in cif. 45 of the Explanatory Report to the Convention on Cybercrime . Setting this crime in analogy to the traditional crime of trespassing, this would correspond to obtaining a key for a door, and in fact opening that door, without having proper permission to do so.
Illegal interception (art. 3 CCC)
“Each Party shall adopt such legislative and other measures as may be necessary to establish as criminal offences under its domestic law, when committed intentionally, the interception without right, made by technical means, of non-public transmissions of computer data to, from or within a computer system, including electromagnetic emissions from a computer system carrying such computer data.” […]
There seems no possibility to intercept any data without getting access first, but here the flow of data from the sender to the recipient will be interrupted and/or deviated [13, p. 540]. This provision aims to protect data privacy and is intended to mimic the violation of privacy that occurs via wiretaps and recordings of telephone conversations in the physical world [13, p. 540].
Data interference (art. 4 CCC)
“Each Party shall adopt such legislative and other measures as may be necessary to establish as criminal offences under its domestic law, when committed intentionally, the damaging, deletion, deterioration, alteration or suppression of computer data without right.” […]
Is it very important that the action must be both “without right” [12, cif. 62] and “intentionally” [12, cif. 63], because system operators who might negligently interfere with data often would have a right to do so, and normally have no intention to cause any harm. Data interference can be viewed as corresponding to trespass to chattels, but here the subject of the crime is data and not physical items. A common case of data interference is the installation of ransomware in order to blackmail the lawful owner, thereby seeking to extort money from the victim by encrypting files [14, p. 226]. Typically, ransomware is performed in two configurations, either by encrypting some or all documents or files or locking the computer itself to prevent normal usage [14, p. 226].
System interference (art. 5 CCC)
“Each Party shall adopt such legislative and other measures as may be necessary to establish as criminal offences under its domestic law, when committed intentionally, the serious hindering without right of the functioning of a computer system by inputting, transmitting, damaging, deleting, deteriorating, altering or suppressing computer data.”
The legal interest of system interference versus data interference is that in Art. 5 CCC the functioning of the system is in focus and not the availability and/or integrity of data [12, cif. 65, 13, p. 542]. Both articles have in common that ransomware is a typical tool to perform the illegal activity. The extortion or blackmailing is not required in either of these to qualify as a criminal act. The interference must be a “serious hindering without right” [12, cif. 67–68]. This clarification is of the utmost importance for all maintenance and/or network companies that typically might “interfere” with the functionality of a system by installing updates or bug-fixing but are doing so rightfully.
Misuse of devices (art. 6. CCC)
“Each Party shall adopt such legislative and other measures as may be necessary to establish as criminal offences under its domestic law, when committed intentionally and without right: (a) the production, sale, procurement for use, import, distribution or otherwise making available of: (1) a device, including a computer program, designed or adapted primarily for the purpose of committing any of the offences established in accordance with Articles 2 through 5; (2) a computer password, access code, or similar data by which the whole or any part of a computer system is capable of being accessed, and with intent that it be used for the purpose of committing any of the offences established in Articles 2 through 5; and (b) the possession of an item referred to in paragraphs (1) or (2) above, with intent that it be used for the purpose of committing any of the offences established in Articles 2 through 5.” […]
With the rise of the “Internet of Things”, the misuse of devices is becoming even more important than presumably anticipated by the European Council when the convention was adopted. According to the Explanatory Report, the Council intended to penalize in particular the sale, procurement for use, import, distribution or otherwise making available of hacker tools in all forms [12, cif. 71–73]. Today, we enjoy the convenience of operating vacuum cleaners, using lawn-mowing robots remotely and letting the car park itself while we stand on the pavement and watch. These devices may serve hackers as an entry point to a network or simply enable them to misuse devices for improper use. Particularly worthy of note is the misuse of devices that are able to take orders via the user’s voice, which could be abused for example as wiretaps.
Computer-Related forgery (art. 7 CCC)
“Each Party shall adopt such legislative and other measures as may be necessary to establish as criminal offences under its domestic law, when committed intentionally and without right, the input, alteration, deletion, or suppression of computer data, resulting in inauthentic data with the intent that it be considered or acted upon for legal purposes as if it were authentic, regardless whether or not the data is directly readable and intelligible.” […]
The purpose of this article is to fill the gap in criminal law related to traditional forgery, which requires visual readability of statements or declarations embodied in a document, and which did not previously apply to digitally stored data [12, cif. 81]. Because the data referred to in this provision is equivalent to a document with legal effects, the unauthorized input of correct or incorrect data can be compared to the production of a false paper document [12, cif. 83, 13, p. 545]. This article is gaining ever more relevance as we increasingly see legally relevant documentation produced electronically both in the private and in the public sector.
Computer-Related fraud (art. 8 CCC)
“Each Party shall adopt such legislative and other measures as may be necessary to establish as criminal offences under its domestic law, when committed intentionally and without right, the causing of a loss of property to another person by: (1) any input, alteration, deletion or suppression of computer data, (2) any interference with the functioning of a computer system, with fraudulent or dishonest intent of procuring, without right, an economic benefit for oneself or for another person.”
Whereas fraud traditionally consisted of the element of manipulating someone in order to make him transfer goods or money into the perpetrator’s custody, the aim of this article is to criminalize undue manipulation in the course of data processing with the intention to effect an illegal transfer or property [12, cif. 86]. Phishing  mails, which mimic having a legitimate internal or external sender of emails while containing a request to transfer money, are a common scheme of computer-related fraud.
Expedited preservation of stored computer data (art. 29 cif. 1 CCC)
“A Party may request another Party to order or otherwise obtain the expeditious preservation of data stored by means of a computer system, located within the territory of that other Party and in respect of which the requesting Party intends to submit a request for mutual assistance for the search or similar access, seizure or similar securing, or disclosure of the data.” […]
Art. 29 regulates a very important aspect of the prosecution [16, p. 444], which is the access to evidence. It provides that a contracting party may request that data stored by means of a computer system in the territory of the requested contracting party be backed up without delay, and paragraph 3 requires each contracting party to create the legal conditions for this . This is to prevent the data from being modified, removed or deleted during the period necessary for the preparation, transmission and execution of a request for mutual legal assistance to obtain the data . If a state wants to refuse mutual legal assistance in order to preserve evidence in individual cases, this is only permissible under extremely restrictive conditions [16, p. 445]. This procedural provision in the Budapest Convention is absolutely crucial in the fight against cybercrime. Without efficient storage of evidence in a timely manner, the penalization of criminal actions would be extremely challenging to carry out .