Second Additional Protocol to the Cybercrime Convention on enhanced co-operation and disclosure of electronic evidence (CETS No. 224) 

Official text and translations

  Treaty Office: English Second Additional Protocol

  Treaty Office: French Second Additional Protocol

  Treaty Office: Official and non-official languages

Council of Europe Publications

 PDF Booklets (Convention, Protocols and Guidance notes ) EN / FR / ES / PT / ARA

 Special edition of the Second Additional Protocol  

While cybercrime is proliferating and the complexity of obtaining electronic evidence that may be stored in foreign, multiple, shifting or unknown jurisdictions is increasing, the powers of law enforcement are limited by territorial boundaries. As a result, only a very small share of cybercrime that is reported to criminal justice authorities is leading to prosecutions or court decisions.

The Protocol responds to this challenge and provides tools for enhanced co-operation and disclosure of electronic evidence - such as direct cooperation with service providers and registrars, effective means to obtain subscriber information and traffic data, immediate co-operation in emergencies or joint investigations - that are subject to a system of human rights and rule of law, including data protection safeguards.

What is the Second additional Protocol?

 

  • Watch the video in FR or  ES

Tools of the Second Additional Protocol

  • Direct requests to registrars in other jurisdictions to obtain domain name registration information
  • Direct co-operation with service providers in other jurisdictions to obtain subscriber information
  • More effective means to obtain subscriber information and traffic data through government-to-government co-operation
  • Expeditious co-operation in emergency situations
  • Joint investigation teams and joint investigations
  • Video conferencing
  • A strong system of human rights and rule of law safeguards, including for the protection of personal data
lATEST NEWS

Back CyberSPEX: Roundtable on the implementation of the Second Additional Protocol to the Convention on Cybercrime in Romania

CyberSPEX: Roundtable on the implementation of the Second Additional Protocol to the Convention on Cybercrime in Romania

On 21 April 2026, on the margins of the 12th anniversary of the Cybercrime Programme Office (C-PROC) of the Council of Europe, a dedicated roundtable on the implementation of the Second Additional Protocol (2AP) to the Convention on Cybercrime (Budapest Convention) in Romania was organised, focusing on enhancing the legislative and operational framework. The event was supported by the CyberSPEX Project and convened 28 professionals from key national institutions including the National Police, the National Institute of Magistracy, the Ministry of Justice, the Directorate for Investigating Organized Crime and Terrorism, the National Cybersecurity Directorate, and the Bucharest Court of Appeal.

Opening remarks were delivered by Matthias Kloth (Head of the Council of Europe’s Digital Governance and Sport Department), Aisling Kelly (Head of the Cybercrime Division), Virgil Spiridon (Head of the Cybercrime Programme Office, C-PROC), and Jutta Dinca (Programme Manager, CyberSPEX), who emphasized the importance of continued engagement for effective implementation of the Second Additional Protocol, referenced achievements and ongoing co-operation with national and international partners.

Discussions centered on legislative and practical challenges of implementing the Second Additional Protocol, with a focus on mechanisms under articles 6 to 10, namely direct co-operation with service providers, 

expedited disclosure of electronic evidence, and emergency mutual assistance. Participants exchanged views on competent authority designation, procedures for emergency requests, and practical solutions for cross-border co-operation. The importance of harmonizing domestic definitions with Protocol standards and establishing effective internal mechanisms for adequate responses was highlighted. The meeting also aimed at  strengthening the understanding of the Protocol’s provisions, identify legislative and organizational needs, addressing similarities and differences with EU e-Evidence instruments and exploring domestic solutions.

The roundtable was organised as part of the CyberSPEX project’s efforts to support EU member states in the implementation of the Second Additional Protocol to the Budapest Convention and was a catalyst for Romanian authorities to progress towards effective cross-border co-operation and streamlined access to electronic evidence in line with international standards. 

 

Newsroom: 12 years of cooperation between Romania and the Council of Europe to strengthen capacities in the field of cybercrime - Cybercrime

Cybercrime Programme Office of the Council of Europe (C-PROC)

CyberSPEX Project

 

Bucharest, Romania 21 April 2026
  • Diminuer la taille du texte
  • Augmenter la taille du texte
  • Imprimer la page
In brief

52

signatories in total*

4

countries have ratified the Protocol (out of the 52 signatories)*

See the full list on the Treaty Office webpage

timeline

15 April 2026

Costa Rica became the fourth state to ratify the Second Additional Protocol to the Convention on Cybercrime

5 February 2026

Hungary became the third state to ratify the Second Additional Protocol to the Convention on Cybercrime - Cybercrime

14 November 2025

Bosnia and Herzegovina became the 52nd State to sign the Second Additional Protocol to Convention on Cybercrime - Cybercrime

9 July 2025

Norway becomes the 51st State to sign the Second Additional Protocol

5 June 2025

Fiji signs the Second Additional Protocol (becoming the 50th State)

 27 March 2025

Latvia becomes the 49th State to sign the Second Additional Protocol

12 December 2024

Peru becomes the 48th State to sign the Second Additional Protocol

24 September 2024

Paraguay becomes the 47th State to sign the Second Additional Protocol

20 June 2024

 Czechia and Sierra Leone become the 45th and 46th States to sign the Second Additional Protocol

17 June 2024

 Georgia becomes the 44th State to sign the Second Additional Protocol

16 November 2023

 Armenia becomes the 43th State to sign the Second Additional Protocol

28 June 2023

 Hungary, Cabo Verde and Ghana become 40th, 41rst and 42nd states to sign the Second Additional Protocol

22 June 2023

 Malta becomes the 39th State to sign the Second Additional Protocol

20 June 2023

 Canada becomes the 38th State to sign the Second Additional Protocol

31 May 2023

 Mauritius becomes the 37th State to sign the Second Additional Protocol

27 February 2023

Albania becomes the 36th State to sign the Second Additional Protocol

16 February 2023

Argentina becomes the 35th State to sign the Second Additional Protocol

30 January 2023

The Dominican Republic becomes the 34th State to sign the Second Additional Protocol

 27 January 2023

France and Germany become the 32nd and 33rd signatories

 20 January 2023

Greece becomes the 31rst signatory

 30 November 2022
 6 Parties sign the Second additional Protocol [Croatia, Moldova, Slovenia, Sri Lanka, Ukraine and the United Kingdom]

 13 June 2022
Costa Rica becomes 24th signatory

20 May 2022
Andorra becomes 23rd signatory

12 May 2022
 22 Parties sign the Second additional Protocol at the opening for signature conference [Austria, Belgium, Bulgaria, Chile, Colombia, Estonia, Finland, Iceland, Italy, Japan, Lithuania, Luxembourg, Montenegro, Morocco, Netherlands, North Macedonia, Portugal, Romania, Serbia, Spain, Sweden and the United States of America]

 17 November 2021
 The Second additional Protocol is adopted by the Committee of Ministers

 
#cyber2AP

Opening for signature, 12 May 2022

Watch the videos of the event, scroll through the photo gallery and read all of our resources from panel members on the event page