Studying data crime cases, under the condition that the theory and practice are not completely connected at present, can systematically summarize the identification standards of judicial practice, help private enterprises, entrepreneurs and employees to establish a "guide to avoiding pits", establish a sense of compliance and establish a risk prevention system, which is conducive to the stable development of the national economy and the healthy development of private enterprises.
Based on the above purpose, we searched Peking University Magic Weapon Database with "data" as the key word, and screened out criminal cases from 20 17, and obtained 2 relevant notification cases, 27 guiding cases, 42 typical cases and 29 reference cases. We screened out some representative cases and tried to summarize the law of judicial practice.
Representative cases
Judicial practice appraisal method
First, the main crimes involved in data crimes
According to the case search, the main crimes that data crimes may involve are: (1) the crime of destroying computer information system, (2) the crime of illegally controlling computer information system, (3) the crime of illegally obtaining computer information system data, (4) the crime of infringing citizens' personal information and (5) the crime of infringing commercial secrets.
In addition, according to the author's practical experience, the related crimes include: (6) the crime of illegally invading the computer information system, (7) the crime of providing tools for invading and illegally controlling the computer information system, (8) the crime of infringing copyright, (9) the crime of illegal business operation, (10) covering up and concealing the crime, (165433).
Second, the focus of data crime
1. The nature and type of data. For example, whether it involves personal information, copyright, trade secrets, etc. , whether it is public data, etc.
2. How to obtain data. For example, what is the acquisition method, what kind of "computer information system" is involved, whether it belongs to "illegal intrusion" (that is, whether it involves unauthorized or ultra-authorized, breaking through technical means), whether it interferes with or destroys computer information systems, etc.
3. Use of data. For example, do you know the source and legitimacy of the data, whether it involves illegal business, whether it involves competitive applications, whether or how to provide or sell it to others.
Third, the core evidence of data crime
Judging from the evidence, data crime often involves the examination and application of electronic evidence, which is a highly professional work. Procuratorial organs usually intervene in handling cases in advance, instruct investigation organs to collect and preserve evidence, supplement investigations by themselves, and request appraisal institutions and external experts to give guidance on key personnel, technical principles, on-site inspection, electronic evidence collection and evidence review.
Fourth, the defense strategy of data crime.
The defense opinions of public case are generally put forward from the aspects of jurisdiction, evidence confirmation and lenient circumstances. But generally speaking, the research value of these defense opinions is limited, because many disputes, discussions, compromises or transactions in practice can not be reflected in the judgment documents, and only the agent can clearly know the ins and outs of the whole case, as well as the tortuous process or intervention factors of the judgment. Therefore, lawyers' practical experience is particularly valuable, which is irreplaceable by online public judgment documents. Later, I will further share my practical experience in defending data crime cases.
The new characteristics of verb (verb's abbreviation) data crime
Judging from the facts of the case, data crime is generally closely related to cyber crime, with the characteristics of strong professionalism, strong technology and cross-regional (possibly involving overseas). For example, the typical case of 12 network science and technology crimes issued by the People's Procuratorate of Haidian District, Beijing involves many new types of science and technology crimes such as "data hijacking", "deleting database" and "illegal login".
The closing date of the above searchable important cases is earlier than the effective date of a series of new regulations such as the Data Security Law, the Personal Information Protection Law and the Cyber Security Law. With the application and further refinement of the new law in practice, there may be more important cases under the general crimes of infringing citizens' personal information and refusing to perform the obligation of network security management, and the new obligation of data security protection may also lead to criminal risks involving national security. Criminal acts involving data may include a series of acts from collection, storage, use, processing, transmission, provision to disclosure. Different objective behaviors and subjective consciousness in data processing may completely touch on multiple charges. With the joint efforts of legislation and supervision, the extension and connotation of data-related crimes will be further clarified, and we will continue to pay attention to it.