Second Additional Protocol to the Cybercrime Convention on enhanced co-operation and disclosure of electronic evidence (CETS No. 224) 

Official text and translations

  Treaty Office: English Second Additional Protocol

  Treaty Office: French Second Additional Protocol

  Treaty Office: Official and non-official languages

Council of Europe Publications

 PDF Booklets (Convention, Protocols and Guidance notes ) EN / FR / ES / PT / ARA

 Special edition of the Second Additional Protocol  

While cybercrime is proliferating and the complexity of obtaining electronic evidence that may be stored in foreign, multiple, shifting or unknown jurisdictions is increasing, the powers of law enforcement are limited by territorial boundaries. As a result, only a very small share of cybercrime that is reported to criminal justice authorities is leading to prosecutions or court decisions.

The Protocol responds to this challenge and provides tools for enhanced co-operation and disclosure of electronic evidence - such as direct cooperation with service providers and registrars, effective means to obtain subscriber information and traffic data, immediate co-operation in emergencies or joint investigations - that are subject to a system of human rights and rule of law, including data protection safeguards.

What is the Second additional Protocol?

 

  • Watch the video in FR or  ES

Tools of the Second Additional Protocol

  • Direct requests to registrars in other jurisdictions to obtain domain name registration information
  • Direct co-operation with service providers in other jurisdictions to obtain subscriber information
  • More effective means to obtain subscriber information and traffic data through government-to-government co-operation
  • Expeditious co-operation in emergency situations
  • Joint investigation teams and joint investigations
  • Video conferencing
  • A strong system of human rights and rule of law safeguards, including for the protection of personal data
lATEST NEWS

Back CyberSPEX: Domestic meeting on the implementation of the Second Additional Protocol to the Convention on Cybercrime in Italy

CyberSPEX: Domestic meeting on the implementation of the Second Additional Protocol to the Convention on Cybercrime in Italy

The CyberSPEX project supported the Ministry of Justice of Italy in the organisation of a domestic meeting with national authorities and service providers on the implementation of the Second Additional Protocol (2AP) to the Convention on Cybercrime (Budapest Convention). The event took place in Rome on 6 February 2026, bringing together representatives from national authorities, the private sector, and other relevant stakeholders involved in cybercrime investigations and electronic evidence management.

The meeting provided a platform for participants to exchange views on domestic legislative and operational challenges related to the implementation of the 2AP, particularly in relation to public-private cooperation and the EU e-Evidence framework. It focused on the mechanisms established under articles 6 to 10 of the Protocol, which facilitate direct co-operation between competent authorities and service providers across jurisdictions and emergency international co-operation.

Participants included representatives from the Ministry of Justice, the National Anti-Mafia and Anti-Terrorism Directorate (DNAA), the national Eurojust desk, the Postal Police and Cybersecurity Service, national service providers, the National Naming Authority, and other key stakeholders. Council of Europe experts contributed to the discussions by providing insights on the provisions of the Protocol, their interaction with national legislation and practices from other countries.

Through plenary discussions, attendees explored the strategic ways in the implementation of the 2AP, identified legislative solutions, and discussed the specific needs of authorities and private entities. The event supported Italy’s ongoing efforts to implement the 2AP for enhancing the international co-operation on transborder criminal investigations involving electronic evidence.

This meeting is part of CyberSPEX’s objective to assist EU member states in implementing the Second Additional Protocol, ensuring that authorities and service providers can co-operate efficiently to access electronic evidence in compliance with international legal standards.

Cybercrime Convention (Budapest Convention)

 Second Additional Protocol to the Convention on Cybercrime, on enhanced co-operation and disclosure of electronic evidence

 Explanatory Report to the Second Additional Protocol to the Convention on Cybercrime

Cybercrime Programme Office (C-PROC)

 CyberSPEX Project

Rome, Italy 6 February 2026
  • Diminuer la taille du texte
  • Augmenter la taille du texte
  • Imprimer la page
In brief

52

signatories in total*

4

countries have ratified the Protocol (out of the 52 signatories)*

See the full list on the Treaty Office webpage

timeline

15 April 2026

Costa Rica became the fourth state to ratify the Second Additional Protocol to the Convention on Cybercrime

5 February 2026

Hungary became the third state to ratify the Second Additional Protocol to the Convention on Cybercrime - Cybercrime

14 November 2025

Bosnia and Herzegovina became the 52nd State to sign the Second Additional Protocol to Convention on Cybercrime - Cybercrime

9 July 2025

Norway becomes the 51st State to sign the Second Additional Protocol

5 June 2025

Fiji signs the Second Additional Protocol (becoming the 50th State)

 27 March 2025

Latvia becomes the 49th State to sign the Second Additional Protocol

12 December 2024

Peru becomes the 48th State to sign the Second Additional Protocol

24 September 2024

Paraguay becomes the 47th State to sign the Second Additional Protocol

20 June 2024

 Czechia and Sierra Leone become the 45th and 46th States to sign the Second Additional Protocol

17 June 2024

 Georgia becomes the 44th State to sign the Second Additional Protocol

16 November 2023

 Armenia becomes the 43th State to sign the Second Additional Protocol

28 June 2023

 Hungary, Cabo Verde and Ghana become 40th, 41rst and 42nd states to sign the Second Additional Protocol

22 June 2023

 Malta becomes the 39th State to sign the Second Additional Protocol

20 June 2023

 Canada becomes the 38th State to sign the Second Additional Protocol

31 May 2023

 Mauritius becomes the 37th State to sign the Second Additional Protocol

27 February 2023

Albania becomes the 36th State to sign the Second Additional Protocol

16 February 2023

Argentina becomes the 35th State to sign the Second Additional Protocol

30 January 2023

The Dominican Republic becomes the 34th State to sign the Second Additional Protocol

 27 January 2023

France and Germany become the 32nd and 33rd signatories

 20 January 2023

Greece becomes the 31rst signatory

 30 November 2022
 6 Parties sign the Second additional Protocol [Croatia, Moldova, Slovenia, Sri Lanka, Ukraine and the United Kingdom]

 13 June 2022
Costa Rica becomes 24th signatory

20 May 2022
Andorra becomes 23rd signatory

12 May 2022
 22 Parties sign the Second additional Protocol at the opening for signature conference [Austria, Belgium, Bulgaria, Chile, Colombia, Estonia, Finland, Iceland, Italy, Japan, Lithuania, Luxembourg, Montenegro, Morocco, Netherlands, North Macedonia, Portugal, Romania, Serbia, Spain, Sweden and the United States of America]

 17 November 2021
 The Second additional Protocol is adopted by the Committee of Ministers

 
#cyber2AP

Opening for signature, 12 May 2022

Watch the videos of the event, scroll through the photo gallery and read all of our resources from panel members on the event page