Menu

Computer Offences

Hacking

A person who dishonesty either inside or outside the State operates a computer within the State with the intention to make a gain or causing a loss to another is guilty of an offence.  It may be prosecuted on indictment with a maximum jail sentence of 10 years. This crime is part of the set of dishonesty-based offences provided for under general criminal law.  See our chapter on fraud and theft offences.

The crime contemplates computer-based fraud, in particular with the intention of dishonesty procuring funds transfers.  A person acts dishonestly if he does so without a claim of right in good faith.  There must be a specific intention of making a gain or causing another a loss.  The gain or loss must relate to money or other property.

It is an offence for a person without lawful excuse to operate a computer within the State with the intent of accessing data kept out within or outside the State or outside the State with the intent of accessing data kept in the State.  It is not necessary to actually succeed in accessing the data.

In broad terms, the offence relates to hacking into another’s computer.  This may happen remotely or by physically accessing another’s computer without consent. A

Absence of Consent

A person has a lawful excuse if he believes that he has the consent of the person entitled to give consent or if the person would’ve consented if he had known of the accessing and the circumstances.  If a person honestly believes that he has consent, he is not guilty of the offence.

With some IT system, a person may have access to a product or system which itself is protected and coded and allows limited access only.  For example, computer software may be copyrighted, and limited rights may be granted in relation to the use of the intellectual property concerned. If a person accesses data or information beyond that permitted, typically protected by the coding or restricted access, the offence may be committed.

IP & E-Commerce Offences

The accessing of software without consent or other proper basis may constitute a separate offence under copyright legislation.  Under that legislation, the person who removes or alters, rights management information from copyright works of recordings, performances or copies of databases knowing or having reason to believe the primary purpose or effect of such a move or alteration is to induce, enable, facilitate, or conceal an infringement of any right concerned is guilty of an offence.

E-commerce legislation contemplates electronic signatures and signature devices.  It is an offence for a person to knowingly access copy or otherwise obtain, possess, recreate a signature creation device of another person without his authorisation for the purpose of creating,  allowing or causing another person to create an unauthorised electronic signature using the signature creation device.

There are similar offences for those who access, alter, disclose or use a signature creation device of a certification service provider without authorisation or in excess of lawful authority for the purpose of creating, allowing or causing another to create an unauthorised electronic signature using the signature creation device.

Varuous Offences

The offence of theft is constituted if a person dishonestly appropriates property without the consent of the owner and with the intention of depriving the owner of it.  Property includes intangible property.  It’s not clear whether confidential information on a computer or IT system constitutes property.

The Data Protection Act provides that a person who obtains access to personal data or information constituting such data without the consent of the data controller or data processor and discloses the information to another person is guilty of an offence.

Damaging data and information is an offence under the Criminal Damage Act.  Property, as defined by the Act, includes information in a form that can be accessed by a computer and a computer program.

Interference with Information Systems

An EU framework decision requires member states to ensure certain provisions and protections to ensure police and judicial cooperation in the area of offences related to attacks on information systems. Member states are expected to provide criminal sanctions against

  • illegal access to information systems
  • illegal system interference
  • illegal data interference.
  • instigation, aiding abetting and attempting the same.

The legislation provides for information sharing between member states.

Existing legislation largely covers the above areas. Member states must ensure that corporate bodies may be held liable for cybercrimes committed for their benefit or any person acting on their behalf. The company or other legal person may be held liable where the lack of sufficient supervision or control, has made the commission of the offence possible for the benefit of that legal person.  This is not to preclude criminal offences against persons involved in the offence.

Related Posts

error: Content is protected !!