First, attach great importance to computer crime.
Like any technology, computer technology is also a double-edged sword. Its wide application and rapid development, on the one hand, greatly liberated social productive forces, on the other hand, brought unprecedented challenges to human society, especially computer crimes.
The so-called computer crime refers to all kinds of criminal acts committed by using computer technology, including both crimes against computers, that is, crimes targeting electronic data processing equipment, such as illegal intrusion and destruction of computer information systems, and crimes using computers, that is, crimes using electronic data processing equipment as criminal tools, such as theft and corruption. The former is a new type of crime caused by computer, which can be called computer crime in a pure sense or in a narrow sense; The latter is a traditional type of crime committed by computers, which can be called computer-related crime or generalized computer crime. ①
Since 1966, when the United States investigated and dealt with the first computer crime case, computer crimes around the world have increased at an alarming rate. Some data show that the annual growth rate of computer crime is as high as 30%, and the growth rate of developed countries and some high-tech regions far exceeds this ratio, such as 200% in France and 400% in Silicon Valley of the United States. Compared with traditional crimes, the losses caused by computer crimes are much more serious. For example, American statistics show that the average loss caused by each computer crime is as high as $450,000, while the average loss of traditional bank fraud and embezzlement cases is only $65,438+$9,000, the average loss of bank robbery cases is only $4,900, and the average loss of general robbery cases is only $370. Compared with property losses, using computers to commit terrorist activities and other crimes may be even more terrible. As Wen Schwatu, the communication consultant of Inter-Pact Company in the United States, warned: "When terrorists attack us, they knock on the keyboard, and millions of people may suffer from terror." The electronic warfare Pearl Harbor incident may happen at any time. "Therefore, it has become an indisputable fact in western countries to attach great importance to computer crime and its prevention and control. "There is no doubt that computer crime is a major issue worthy of attention today. In the future, this problem will be even bigger and more worthy of attention. " ⑥
Computer crime was first discovered in China in 1986. By the end of 1990, more than 30 computer crimes 130 have been discovered and cracked. ⑦ In 1990s, with the improvement of computer application and popularization in China, computer crimes showed a rapid growth trend. For example, from 1993 to 1994, the number of computer crimes in China reached more than 1200. According to incomplete statistics, there are at least thousands of computer crimes in China at present, involving banks, securities, insurance, foreign trade, industrial enterprises, national defense, scientific research and other departments. Pet-name ruby Some experts predict that "in the next five to 10 years, a large number of computer crimes will occur in China, thus becoming the most harmful and dangerous crime in society." ⑩
Second, the legislative investigation of computer crime abroad
Facing the surging computer crime, "our laws are like fish struggling on the deck, panting desperately, because the digital world is a completely different place." ⑾ In order to effectively punish and prevent computer crimes, all countries have strengthened their legislation in this field, not only because "legislation is an important means to prevent computer crimes", but also because "it is a factor that requires fair prevention and observation" ... Without borders, it is difficult to ensure that it will not affect and infringe on others. ”⒀
Since 1973, Sweden has taken the lead in formulating the first Swedish national data protection law that includes the punishment of computer crimes. Up to now, dozens of countries have successively formulated, revised or supplemented laws to punish computer crimes, including developed countries such as the United States, Europe and Japan that have entered the information society, and developing countries such as Brazil, South Korea and Malaysia that are entering the information society. ⒁
According to Barrett, a British scholar, different countries have adopted different schemes for the legislation of computer crimes in different situations: first, those new crimes that cannot be fully covered by laws in the non-information age, such as hacking, obviously need to be enacted by parliament or Congress; Second, by adding special clauses or precedents to "fill those special factors in the information age", the scope of application of the original law will be expanded, such as expanding the concept of "forging documents" to include the act of forging disks and expanding the concept of "property" to include "information"; Thirdly, it is further clarified through legislation that the original laws can be applied to crimes in the information age without any modification, such as theft (except stealing intangible property such as information), fraud, slander and so on. ⒂ In the first scheme (sometimes including part of the second scheme), there are mainly two different legislative modes: one is to formulate special legislation on computer crimes, such as the United States and Britain, and the other is to amend the criminal code to increase the provisions on computer crimes, such as France and Russia.
Next, select several representative countries to make a brief investigation on their computer crime legislation.
(1) USA
The United States has the highest computer and Internet penetration rate in the world. Even some European scholars admit: "Even from the perspective of a real European, American laws are very important, because the main systems, users and Internet content are all American. Therefore, the revision of American laws or the revision of the way laws are used will have an impact on the entire computer kingdom. " Therefore, the United States should be the first choice to study the legislation of computer crime.
The legislation of computer crime in the United States began in Illinois. 1978, Florida took the lead in promulgating the computer crime law. Since then, other states have followed suit. Now, all states except Vermont have enacted special computer crime laws. ⒄ These computer crime laws cover the following nine aspects :⒅
(1) Expand the traditional concept of "property". It is stipulated that electronic information and computer technology also belong to property, so that acts of stealing electronic information and computer technology can be handled according to charges such as theft.
(2) destruction. Many states make it a crime to "tamper with, damage, delete or destroy computer programs or files".
(3) Aiding and abetting. Some states explicitly stipulate the following acts as crimes: providing convenience for others to commit crimes such as corruption and fraud through computers.
(4) Infringement of intellectual property rights. These states make it a new crime to illegally invade computer systems, intentionally tamper with or erase computer data, and illegally copy computer programs or data. In this case, the criminal act is not required to cause actual damage. However, some states stipulate that unless this behavior is for profit, or causes certain economic losses to everyone, it does not constitute a crime.
(5) intentional illegal use. "Access" or "use" other people's computer systems without the owner's consent.
(6) obstructing the lawful use of computers. About 1/4 states stipulate that it is a crime to prevent legitimate users from fully obtaining the functions of computer systems, such as reducing the computer's ability to process information.
(7) illegal insertion or poisoning. These laws make it a crime to plant and spread "viruses", "worms" and "logic bombs" through telephone lines or floppy disks.
(8) Online invasion of privacy. In order to protect personal privacy in computers, some states stipulate that it is a crime to illegally invade computer systems and check the contents, even if nothing has been tampered with or extracted. However, some states stipulate that trespassing is not a crime if it is only for prying into other people's privacy.
(9) illegal possession. Some countries regard illegal possession of computer systems and their contents as an independent crime.
At the federal level, although Congress discussed the legislation of computer crimes as early as 1979, it was not until 1984 that a special law, Forged Access Devices and Computer Fraud and Abuse Act, was enacted to punish computer crimes. Subsequently, it was revised several times in 1986, 1988, 1989, 1990, 1994 and 1996 respectively. On the one hand, it constantly expands the scope of the law, on the other hand, it further clarifies some provisions and finally forms the law. The amendment stipulates that the following seven acts are criminal acts: ⒇
(1) Deliberately entering a computer system without permission or beyond the scope of permission, so as to obtain national defense and diplomatic information protected by the US government, or 1954 restricted data stipulated in the Atomic Energy Law;
(2) Deliberately entering the computer system without permission or beyond the scope of permission to obtain the financial information of financial institutions or credit card issuers specified in Article 15 of the United States Code, or information about consumers;
(3) Intentionally accessing non-public computers or government-specific computers of U.S. government agencies or institutions without permission, or affecting the operation of computers used by or serving the U.S. government under non-special circumstances;
(4) Access a protected computer without permission or beyond the scope of permission for the purpose of fraud and obtaining valuable things;
(5) A legitimate user causes the spread of programs, information, codes or commands, and intentionally damages the protected computer; Unauthorized users access the protected computer without permission, whether intentionally or unintentionally or recklessly damaging the protected computer;
(6) Deliberately using unauthorized passwords to invade government computer systems or interstate or foreign commercial systems with the intention of engaging in fraudulent transactions;
(7) Deliberately extort any money or other valuable things from any person, company, association, educational institution, financial institution, government entity or other legal entity; In interstate or foreign trade, spreading information containing any threat to destroy the protected computer.
According to the amendment, the above-mentioned crimes can be sentenced to fixed-term imprisonment or fines ranging from 1 year to 20 years. Attempted should also be punished, and the same punishment as accomplished. The amendment also stipulates that in view of the particularity of computer crimes, the US Federal Bureau of Economic Intelligence can directly investigate computer crimes according to the decision of the Minister of Finance and the Minister of Justice when necessary.
In addition, in addition to special computer crime legislation, there are at least 40 other laws in the United States that can be used to accuse some computer-related crimes. These laws include: Copyright Law, State Stolen Property Law, Mail and Telegraph Fraud Law, Telecommunication Privacy Law, Child Pornography Prevention Law and so on. (2 1)
(2) Britain
"Unlike the situation in the United States, there are no corresponding state and federal laws in Britain, and all laws are applicable to the whole country (although the laws in Scotland are different in many ways, the laws on computer abuse and related aspects are the same)." (22) The legislation of computer crime has gone through a process in Britain: 198 1 year, the concept of "forged documents" was expanded by amending the Forged Documents and Currency Act, and forged electromagnetic records were included in the scope of "forged documents"; (23) 1984 stipulates in the Law on Public Safety and Criminal Evidence that "the police can use the information in the computer as evidence", thus clarifying the evidential effect of electronic records in criminal proceedings; (24) 1985 by amending the copyright law, the act of copying computer programs is regarded as a criminal act, and the corresponding punishment is given; (25) 1990 promulgated the Computer Abuse Law (hereinafter referred to as the Abuse Law). In the abuse law, the following three kinds of computer crimes are mainly stipulated: 1, the crime of illegally invading computers. According to the provisions of Article 1 of the Abuse Law, the crime of illegally hacking into a computer refers to the behavior of an actor who intentionally intrudes into a computer system to obtain its programs or data without authorization. This kind of behavior does not need specific procedures or data, that is to say, even general browsing behavior constitutes a crime as long as it is intentional illegal intrusion. The offence is punishable by a fine of less than 2,000 pounds or imprisonment of less than 6 months, or both. 2. The crime of illegally invading a computer together with other criminal attempts. According to Article 2 of the Abuse Law, if someone illegally invades a computer? Is it beautiful? Common agreement? What about calcium? Hey? Hey? How many > men ⒔? Last name? ┑ Dental caries? Hook yarn ψ 8? Xia Wei round tube? Food writing? Imprisonment of up to years or unlimited fine. 3. Crime of illegally modifying computer programs or data. According to Article 3 of the Abuse Law, the perpetrator intentionally and illegally modifies the program or data in the computer, which will constitute this crime and can be sentenced to fixed-term imprisonment of not more than five years or unlimited fine. (26)
(3) France
The new French Criminal Code, which was adopted in 1992 and came into effect in 1994, has a special chapter "Crimes against automatic data processing systems", which provides for computer crimes. According to the provisions of this chapter, * * has the following three kinds of computer crimes: 1, the crime of invading the automatic data processing system. Article 323- 1 of the Criminal Law stipulates: "Anyone who fraudulently enters or refuses to exit the automatic data processing system in whole or in part shall be sentenced to imprisonment of 1 year and a fine of 1 10,000 francs. If you delete or change the data stored in the system or disrupt the operation of the system, you will be punished with two years' imprisonment and a fine of 200,000 francs. " 2. Crime of obstructing the operation of automatic data processing system. Article 323-2 of the Criminal Law stipulates: "Anyone who obstructs or disturbs the operation of the automatic data processing system shall be sentenced to three years' imprisonment and a fine of 300,000 francs." 3. Crime of illegally inputting, deleting or changing data. Article 323-3 of the Criminal Law stipulates: "Anyone who improperly inputs data into the automatic processing system, or cancels or changes the data stored in the system shall be sentenced to three years' imprisonment and a fine of 300,000 francs. "In addition, this chapter also stipulates that legal persons can also constitute the above crimes and be fined; For natural persons and legal persons, they can also be sentenced to qualifications such as "prohibiting from engaging in professional or social activities that commit crimes during activities or activities"; Attempted will also be punished. (27)
(4) Russia
The new criminal code adopted by Russia 1996 and coming into effect in 1997 also stipulates computer crimes in the name of a special chapter "Crimes in the field of computer information". Article 272 of this Law stipulates the crime of illegally obtaining computer information: it refers to the act of obtaining computer information protected by law by improper means, which leads to the loss, locking, variation or copying of information and damages the work of electronic computers, electronic computer systems or electronic computer networks. Article 273 stipulates "the crime of compiling, using and disseminating harmful computer programs": it refers to the act of compiling computer programs or modifying existing programs, knowing that these programs and modifications will lead to unauthorized loss, locking, variation or copying of information and damage to computers, computer systems or their network work, and using or disseminating these programs or machine carriers with these programs. The article also stipulates: "If the above acts and negligence cause serious consequences, they shall be sentenced to deprivation of liberty of not less than three years but not more than seven years." Article 274 stipulates "the crime of violating the rules of use of electronic computers, electronic computer systems or their networks": it refers to the act that a person who has access to electronic computers, electronic computer systems or their networks violates the rules of use of electronic computers, electronic computer systems or their networks, resulting in the loss, locking or variation of computer information protected by law and causing great damage. The article also stipulates that those who cause serious consequences due to negligence shall bear criminal responsibility. (28)
Third, China: Problems and Improvements
During the comprehensive revision of the Criminal Code from 65438 to 0997, the provisions on computer crimes were added in a timely manner, namely, the crime of illegally invading computer information systems stipulated in Article 285, the crime of destroying computer information systems stipulated in Article 286 and the traditional crime of using computers stipulated in Article 287. Recently, the State Council invited the National People's Congress Standing Committee (NPCSC) to consider the proposal of the draft decision on maintaining network security and information security, which clearly stipulated 15 acts such as theft, fraud and slander: "If a crime is constituted, criminal responsibility shall be investigated in accordance with the relevant provisions of the Criminal Law." (29) The promulgation of these regulations will undoubtedly play an important role in preventing and controlling computer crimes and promoting the healthy development of computer technology in China. However, at the same time, we should also see that China's current legislation in this area is far from meeting the needs of the development of the situation, and there are still many places to be improved. The brief analysis is as follows, and combined with foreign advanced legislative experience, some suggestions for improvement are put forward.
First of all, the scope of conviction is narrow and needs to be appropriately expanded. For example, the crime of illegally invading computer information systems stipulated in Article 285 of the Criminal Law only limits the criminal object to computer information systems in the fields of state affairs, national defense construction and cutting-edge science and technology, which is obviously too narrow. In fact, the security of computer information systems is in some fields, such as finance, medical care, transportation and shipping. , is also extremely important, illegal invasion of computer information systems in these fields also has serious social harm. Therefore, it is appropriate to expand the criminal object of this crime to include computer information in these fields. For another example, Article 286 of the Criminal Law only stipulates the destruction of computer information systems by technical means, and the object of destruction is only computer software, which cannot include the destruction of computer hardware or accessories by physical means, which may also cause computer system failure or other more serious consequences. Moreover, the act of stealing computer services is currently in a legislative blank. Article 265 of China's Criminal Law stipulates that the act of stealing communication systems can be punished according to the provisions of Article 264 of the Criminal Law on theft, but this article does not include the act of stealing computer services. Of course, because most foreign laws hold a unitary view of crime, that is, they do not distinguish between illegality and crime, and violation is a crime, while our laws hold a dual view of crime, that is, they distinguish between illegality and crime. General violations are dealt with according to the regulations on administrative penalties for public security, and serious violations are dealt with according to the criminal law. Therefore, when drawing lessons from foreign legislative cases, we can't copy them. Some acts regarded as crimes abroad can be dealt with by the regulations on administrative penalties for public security in China. For example, the illegal intrusion into the computer information system mentioned above, if the object of intrusion is only the computer system of ordinary users, should not be treated as a crime, and can be included in the scope of regulation of the Regulations on Administrative Penalties for Public Security. (30)
Secondly, the design of crime constitution is unreasonable, and it is necessary to increase corporate crime and negligent crime. At present, the subject of computer crimes is limited to natural persons, but in practice, all kinds of computer crimes are committed by legal persons, (3 1). Therefore, adding a legal person can become the subject of computer crime, which is a practical need. Furthermore, the crime of destroying computer information system stipulated in Article 286 of the Criminal Law is limited to intentional crime, which is not enough. At least, if some important computer information systems are destroyed due to serious negligence, resulting in serious consequences, criminal sanctions should be imposed, otherwise the purpose of effectively preventing and controlling such crimes cannot be achieved.
Third, the penalty setting is unscientific, and fine penalty and qualification penalty should be added. Computer crimes often cause huge economic losses, many of which are for profit, so it is natural to impose property penalties such as fines on them. At the same time, because most computer criminals are obsessed with their criminal methods, it is correct to punish them with certain qualifications, such as depriving them of the qualification to engage in a computer-related occupation or engage in a computer-related activity for a long time or a short time. Therefore, it is a common practice to punish computer crimes with freedom punishment as the main punishment, supplemented by fine punishment and qualification punishment. However, it is a great pity that Articles 285 and 286 of China's Criminal Law neither stipulate fine punishment nor qualification punishment for computer crimes.
Fourth, the criminal procedure law and other related laws are not perfect and need to be kept up. Although it is important to legislate on computer crimes, "it is equally important to enact relevant laws to ensure the compliance and enforcement of these laws". (32) The main problems we face in this respect are: 1. The seven kinds of evidence stipulated in China's current criminal procedure law do not include electromagnetic records, and there are still differences on the evidence effect of electromagnetic records in practice, which should be clarified as soon as possible; 2. The transnational characteristics of computer crime are very obvious. "On the Internet, the world is like a small village." (33) This will inevitably lead to an unprecedented increase in the number of extraditions for such crimes, thus calling for the re-enactment of China's extradition law. 3. Due to the inherent nature of criminal law, it is decided that it must be based on other relevant administrative laws and civil and commercial laws, which is the so-called "secondary principle of criminal law". (34) At present, the relevant administrative laws and civil and commercial laws in the computer field in China are still far from perfect, so we should pay close attention to this work to ensure the coordination and correct positioning of criminal law and them.
① See Michael Hatcher, Jay McDannell and Stacy Ostfeld: Computer Crime, American Criminal Law Review, Summer 1999. Many domestic works have also introduced and discussed the concept or definition of computer crime from many angles. For information about this, please refer to the following works: Liu Guangsan: On Computer Crime, Renmin University of China Press1June 1999, pp. 60-66; Zhao Tingguang, Zhu Huachi and Pi Yong: Conviction and Sentencing of Computer Crime, People's Court Press, March 2000, p. 19-33; Yu Zhigang: Research on Computer Crime, China Procuratorate Press, 1999, 10, pp. 56-68; Chen Xingshi and Fu Dongyang: Computer, Computer Crime and Computer Crime Countermeasures, China Procuratorate Press, July 1998, pp. 20-23. In addition, by the way, the relationship between computer crime, computer crime, Cyber Crime, Digital Crime and cyber crime is explained here: computer crime, cyber crime and digital crime have the same meaning, "computer crime" appears in the works of mainland scholars, and "computer crime" appears in the works of Taiwan Province scholars, while cyber crime and digital crime are translated from English respectively, the former comes from English. As for cyber crime, its meaning should be narrower than computer crime. Although cyber crime has become the main form of computer crime since the invention of the Internet, there are still stand-alone crimes that are not cyber crimes but computer crimes.
② The case happened in 1958 Silicon Valley, USA. It was a computer engineer who stole the bank balance by tampering with the program, but it was not discovered until 1966. (See Yu Zhigang: Research on Computer Crime, China Procuratorate Press, 1999, 10, p. 7. This can be taken as an example of the extremely high number of computer crimes. Some scholars have analyzed that due to the inherent concealment and professionalism of computer crimes, and the fact that injured companies and enterprises rarely report cases for fear of reputation damage, most computer crimes have not been discovered and investigated in practice, only 15%-20% have been discovered. (See Zhuang: On Computer Crime Investigation, Criminal Science of Taiwan Province Province, No.39, 127- 128. )
③ Quoted from Yu Zhigang: Research on Computer Crime, China Procuratorate Press, 1999, 10, pp. 7-8.
④ Quoted from Zhou Guangbin: Computer Crime and Information Security Abroad, in Proceedings of the Seminar on Informatization and Legal Construction in China,1March 1997, Beijing.
⑤ Quoted from Chen Xingshi and Fu Dongyang: Computer, Computer Crime and Computer Crime Countermeasures, China Procuratorate Press, July 1998, p. 39.
⑥ Excerpted from the report of American Bar Association and quoted from Liu Guangsan: On Computer Crime, Renmin University of China Press, June 1999, p. 74.
⑦ See Yu Zhigang: Research on Computer Crime, China Procuratorate Press, 1999, 10, pp. 8-9.
⑧ See Wu: Research on High-intelligence Crime, No.3 of Police Science, 1997.
9 See Liu Guangsan: On Computer Crime, Renmin University of China Press, June 1999, p. 86. It should be pointed out that it was not until 1997 that pure computer crimes such as the crime of illegally invading computer information systems and the crime of destroying computer information systems were added to China's criminal law. Judging from the examples of computer crimes listed above, in addition to those crimes in the criminal sense of using computers for theft and corruption, it also includes other illegal acts and anomie acts that are not stipulated as crimes in the criminal law but are harmful to society, such as making computer viruses. Therefore, the concept of "crime" here should be understood in the sense of criminology, not in the sense of criminal law. The same is true of the concept of "crime" used and quoted elsewhere in this article. Please pay attention. For the similarities and differences between the concepts of "crime" in criminal law and criminology, please refer to Kang Shuhua: Criminology-History, Present Situation and Future, People's Publishing House, September 1998, pp. 42-44. )
See Zhao Tingguang, Information Age, Computer Crime and Criminal Legislation, edited by Gao Mingxuan, Suggestions on Criminal Law Revision, Renmin University of China Press, 1997.
⑾ See Nicola Negroponte, translated by Hu Bing and Fan Haiyan: Digital Survival, Hainan Publishing House, 1997, p. 278.