Computer Crime Research Center

staff/gva2.jpg

Criminal and Legal Aspects of Fighting Computer Crime

Date: March 04, 2004
Source: Computer Crime Research Center
By: Vladimir Golubev

Nowadays, intensive use of computer technologies in various spheres of human activity has significantly changed an idea of a place and a role of information in present-day society. National information resources have appeared as a new economic category. They became one of the most important factors of postindustrial world development. Society is getting features of an information society. This happens owing to development of computer technologies processing information.


Unfortunately, new kinds of crime as "computer crime", "cyber terrorism" and "information war" appeared.


Special anxiety is related to crimes in sphere of computers. Number of computers in developed countries is constantly growing. Trend of increase in such crimes is extending also to Ukraine. We have a number of cases illustrating computer technologies use for criminal purposes. Serious problems of information security constantly arise as homeland is integrating in the Internet.


A united policy is realized at the state level on purpose of national interests security maintenance from threats in information sphere; a balance of need for free information exchange and admissible restrictions for its distribution are established; the legislation of Ukraine in field of IS is being improved; activity of state authorities on safety in the information environment is being coordinated; state information resources are being protected at defense enterprises; native telecommunication and information means are being developed; information structure of IT development is being improved; means of search, collecting, storage, processing and the analysis of information are being unified on purpose of entering global information infrastructure.


The urgency of research in this issue is caused also by a problem of increase in efficiency of fighting computer criminality on the part of law enforcement. Creating of the corresponding legal base in law enforcement agencies is of high priority.


In process of studying the legislative experience in foreign countries, some separate scientists drafted recommendations and offers on criminal legal regulation of this field in native legislation.


According to D. Azarov [1] “regulations in the new Criminal Code of Ukraine concerning responsibility for crimes in sphere of computers and computer systems demand a careful analysis. We consider that it is necessary to take into account experience of other European countries in this sphere. Issues of criminalization and, probably, decriminalization of certain actions in sphere of computers, systems and networks demand a further studying. The international experience shows a presence of certain actions that belong to a category of computer crimes, and crimes of some other character, rather than those which attributes are determined in the Criminal Code of Ukraine”.


Especially, European Council experts in criminal law suggest to criminalize such socially dangerous acts in sphere of computer information:

1) computer fraud;

2) computer forgery;

3) damage of computer information or software;

4) computer sabotage;

5) unauthorized access;

6) unauthorized interception.


The analysis of law that regulates public information relations in Ukraine, allows to assert that our government takes measures of stimulating the infrastructure development on the basis of the newest technologies, along with necessary measures of containment and counteraction to negative events in sphere of computer technologies.


Among top-priority steps of state policy in sphere of counteraction to computer criminality is an appearance of new Section 16 in the Criminal Code of Ukraine - “Crimes in Sphere of Computers, Systems and Networks”. Having recognized information as a subject of theft, assignment, extortion and other criminal acts, criminal law has confirmed status of information as an object of the property right that is coordinated with substantive regulations of information legislation. Till recently, criminal legal doctrine unreasonably unfiled information from the list of possible subjects of theft or other property crimes.


In this connection, appearance of the mentioned section in the Code is natural and objective necessity of legal means in process of solving problems related to fundamental modification of technology, world outlook of people, international relationship under conditions of a wide scope computerization of information sphere.


As is well-known, the Section 16 includes three Articles: 361 “Illegal interference with operation of computers, systems and networks”, that is an illegal interference with operation of automated computers, systems or networks resulted in distortion or erasing of computer information or destroying its carriers, and also to spreading of computer viruses by using software and hardware designed for illegal penetration into these machines, systems or networks and capable of distortion or erasing computer information or destroying its carriers”; the Article 362 “Theft, misappropriation, extortion of computer information or its capture by swindling or abusing official position” and the Article 363 “Violation of automated electronic computer operating rules”: violation of operating rules of automated computers, systems or networks on the part of a person responsible for their operation, if it has entailed theft, distortion or erasing of computer information, security means, or illegal copying of computer information, or essential infringement of such facilities, systems or networks operation.


The components of crimes defined in the mentioned section are correlated with existing needs of public legal actuality. Also, they are aimed at protection maintenance of the corresponding rights, liberties and legitimate interests of individuals and legal entities. Unfortunately, these legal norms have some weaknesses at the same time. It is necessary to dwell on the analysis of some problems of crimes from the Section 16 of the Criminal Code [2].


Illegal interference with operation of computers, systems and networks (referring to the Article 361 of the Criminal Code of Ukraine). The Article 361 defines responsibility for illegal interference with operation of automated computers, systems or networks that has led to distortion or destruction of computer information, or carriers, and also to distribution of computer virus by application of software and other means with intent of illegal penetration into these machines, systems or networks and capable to entail distortion or destruction of computer information or carriers of such information.


The Article 361 protects the proprietor’s right to inviolability of information in automated computers, systems or networks. The owner of automated system is any person that legally uses services of information processing as the proprietor of such system (computer, systems or networks) or as the person that has the right to use such system.


Criminal act, responsibility for which is provided for by the Article 361, should consist of illegal intervention in work of automated computers, systems or networks. It always has a character of fulfilment of certain actions, and it can be a penetration into computer system by use of special technical means or software, allowing to overcome installed systems of protection from illegal application of obtained passwords or masking under a kind of a legal user with purpose of penetration into computer system [3].


So, Part 1 of the Article 361 defines “illegal interference with operation of automated computers, systems and networks that has led to distortion or destruction of computer information or carriers of such information” as penal action. This component of crime is of material character. Consequences are obligatory element of the crime. However, the law contains a limited list of harmful consequences in any other forms, except for specified in the Article 361. The person who has performed the specified actions in forms, not defined in the Article 361, is not subject to criminal liability.


The Criminal Code of Ukraine has established the responsibility for distribution of computer viruses. But an obligatory element of the objective side of this crime lies in the way of its commitment, namely: by application a software and/or other means with intent of illegal penetration into automated machines, systems and networks and capable to cause distortion or destruction of computer information or carriers of such information. If the person distributes a computer virus in a different way or by application of other instruments and means which are not bearing the above-stated attributes in aggregate, such person is not subject to the responsibility according to the Article 361 of the Criminal Code.


Direct object of a crime is the information property right, that is the broken right of the proprietor's ownership, use or control over information. Interpretation of this term in a context of automated systems is placed in the Article 1 of the Automated Systems Information Security Law of Ukraine: “... information in automated systems is a set of all data and programs used in automated systems, irrespectively of means of their physical and logic representation... ”.


Displays of the objective side of crime components are: actions like distortion or destruction of computer information or carriers of such information, and also distribution of...


Add comment  Email to a Friend

Copyright © 2001-2013 Computer Crime Research Center
CCRC logo