Unauthorised access to commercial information, including Internet crime. Chapter 2
| Date | 01 January 2005 |
| Author | Leani Marlie Van Schalkwyk |
| Published date | 01 January 2005 |
| DOI | 10.10520/EJC74044 |
| Pages | 12-45 |
CHAPTER 2
UNAUTHORISED ACCESS TO COMMERCIAL
INFORMATION, INCLUDING INTERNET CRIME
1. Introduction
In this chapter the unauthorised access to personal data is inves-
tigated.
The issue of access touches two levels.The first involves the ques-
tion of how to prevent information from falling into the hands of a
person with unacceptable intentions.The second level concerns the
protection of information from the knowledge of third parties.
Under the first level, computer crime and especially information
crime is considered as well as the problems that prosecutors face
pertaining to the definition of “property”.
The second level of access contentious topics such as data mining,
spam and hacking50 receives attention.
2. Unauthorised access to personal data
The implication attached to the disclosure of information is that it
becomes accessible to another person. The desire to gain unau-
thorised access to computer systems can be prompted by a number
of motives, from simple curiosity to computer espionage.
Access is often accomplished from a remote location along a tele-
communications network. Perpetrators can take advantage of lax
security measures to gain access or by finding loopholes in exist-
ing security measures. They can impersonate legitimate users and
gain access to networks by bypassing passwords.
2.1 First level access: Protect information from misuse
2.1.1 Computer crime51
This aspect deals with the first level of unsolicited access mentioned
above: to prevent information from falling into the hands of a person
with unacceptable intentions.
Since the main perspective adopted in this study originates from
issues concerning the Internet, Internet crime (or cybercrime) as
12
50 For definitions of these terminologies see page 103 for a list of defi-
nitions.
51 Computer crime is also referred to as information technology crime
(IT
-crime), but since the former is embedded in public perception, it
will be used subsequently.
a component of computer crime will receive more attention. It is true,
however that not all research documents make this distinction and
the words “computer crime” in many instances also depict situations
applying to Internet crime.
The history of computer crime dates back to the 1960s when the
first articles on cases of so-called “computer crime” or “computer-
related crime”52 were published in the public press and in scientific
literature. These cases primarily included computer manipulation,
computer sabotage, computer espionage and the illegal use of com-
puter systems.53
To define the concept of computer crime proves to be a mammoth
task. The United Nations Manual on the prevention and control of
computer-related crime54 states that a global definition of computer
crime has not been achieved but that functional definitions are often
proposed. These functional definitions usually only serve a purpose
in the context of the study in which they appear.
In the South African Green Paper on e-commerce55 “cybercrime” is
described as
illegal acts, the commission of which involves the use of an
electronic system, networks, technologies and devices such
as the telephone, microwave and satellite.56
It is functional to make a distinction between “computer crimes”
and “computer related crimes”.The latter requires computers to be
used as tools or targets of the criminal offence, but knowledge of
the workings of a computer is not essential for the successful com-
mission of the offence.Computer crime can thus be regarded as
a criminal offence for which the knowledge of computers is a pre-
requisite for the successful commission of the crime.
Van der Merwe suggests57 that the working definition submitted by
the OECD58 in 1986 is adequate for purposes of discussing the sub-
ject “computers and criminal law”. This definition reads that “com-
puter abuse is considered as any illegal, unethical or unauthorized
13
52 Sieber (1998:19) uses both terms synonymously here.
53 Sieber 1998:19.
54 1994 par. 21.
55 Available at www.polity.org.za/govdocs/green_papers/greenpaper/
56 See Van der Merwe 2003:33 for a detailed discussion on the relevant
definitions proposed by different bodies and authors that does not need
further elaboration here.
57 LAWSA Vol.5 par. 11.
58 The United Nations division “Organisation for Economic Cooperation
and Development”.
behaviour relating to the automatic processing and the transmis-
sion of data”. This definition is also preferred by Professor Sieber
in his study on computer crime commissioned by the European
Commission in 1998.59
A comprehensive definition for computer crime is provided by the
Council of Europe in its report on computer crime:
The input, alteration, erasure or suppression of computer data
or computer programmes, or other interference with the
course of data processing, that influences the result of data
processing thereby causing economic loss or possessory
loss of property of another person, or with the intent of pro-
curing an unlawful economic gain for himself or for another
person.60
Based on this definition a division of five categories of computer crime
can be made:61
• unauthorised access;
•unauthorised use;
• dishonest manipulation;
• computer sabotage, and
• theft of information.62
This definition is functional and wide enough to incorporate hacking
and virus-planting.63
Sieber64 distinguishes between four main parts of computer crime
with subdivisions:
(i) Infringements of privacy
(ii) Economic offences
a. Computer hacking
b. Computer espionage
c. Software piracy and other forms of product piracy
d. Computer sabotage and computer extortion
e. Computer fraud
14
59 Sieber 1998:20.
60 Recommendation No R (89) 9 adopted by the Council of Ministers on
13 September 1989. (Available at http://cm.coe.int/ta/rec/1989/89r9.htm):
245.
61 Van der Merwe 2000:166; 2003:34.
62 See discussion under chapter 2 (2.1.1.2.1).
63 Virus-planting and Trojan horses are not discussed within the context
of this study, but for interest sake it is noted that the Electronic Com-
munications and Transactions Act 25 of 2002 prohibits it in section
86(2). See page 103 for a list of key terms.
64 1998:39.
To continue reading
Request your trial