Back to homepage

Milestones: 20 years of action


Cybercrime is not a new form of crime, it has been around for some 50 years. The Council of Europe began to work on criminal justice responses to cybercrime from the mid-1980s onwards.

In 1997, the Council of Europe then decided that it was time to negotiate a binding international treaty on cybercrime. On 23 November 2001, the Convention on Cybercrime was opened for signature in Budapest. We invite you to explore below the key milestones!



  2. 23 November 2001

    Convention opens for signature

  3. 28 January 2003

    1st Additional Protocol on the criminalisation of acts of a racist and xenophobic nature

  4. 2001 – 2005

    Albania, Croatia, Estonia, Hungary, Lithuania, North Macedonia, Romania, Slovenia, Bulgaria, Cyprus, Denmark join the Convention

  5. 1 July 2004

    Convention enters into force

  6. 2006– 2010

    Armenia, Bosnia and Herzegovina, France, Netherlands, Norway, Ukraine, Finland, Iceland, Latvia, Italy, Slovakia, Germany, Moldova, Serbia, Azerbaijan, Montenegro, Portugal, Spain and the United States of America (in 2006), as the first non-member of the Council of Europe, join the Convention

  7. 2012

    The T-CY begins to carry out assessments of implementation and to adopt Guidance
    Read more about assessments and Check the Guidance Notes

  8. 2013

    Guidance Notes on DDOS attacks, the provisions of the Budapest Convention covering botnets, identity theft and phishing in relation to fraud, new forms of malware and critical information infrastructure attacks.

  9. 2014

    Cybercrime Programme Office of the Council of Europe (C-PROC) in Bucharest becomes operational

  10. 2014

    T-CY “Transborder Group” (2012-2014)
    Guidance Notes on transborder access to data and spam
    Read the Guidance Notes

  11. 2011 – 2015

    Switzerland, United Kingdom, Australia, Austria, Belgium, Georgia, Japan, Malta, Czech Republic, Dominican Republic, Luxembourg, Mauritius, Panama, Turkey, Canada, Poland, Sri Lanka join the Convention

  12. 2016

    Guidance Note on terrorism
    Read the Guidance Notes

  13. 2017

    T-CY “Cloud Evidence Group” (2015-2017)
    Guidance Note on production orders for subscriber information
    Read the Guidance Notes

  14. 2019

    Guidance Note on election interference
    Read the Guidance Notes

  15. 2016 - 2021

    Andorra, Israel, Liechtenstein, Chile, Costa Rica, Greece, Monaco, Senegal, Tonga, Argentina, Cabo Verde, Morocco, Paraguay, Philippines, Ghana, Peru, San Marino, Colombia, Sweden join the Convention

  16. May 2021

    2nd Additional Protocol on enhanced cooperation and disclosure of electronic evidence  – approved by the Cybercrime Convention Committee

  17. November 2021

    Adoption of the 2nd Additional Protocol by the Council of Europe 

  18. 12 May 2022

    Opening for signature of the 2nd additional Protocol by the Council of Europe 

  19. To be continued...