Confidentiality, Integrity and Availability of IT Systems as the Interest Protected by the Cyber-Crimes in the Spanish Criminal Code
The object of this paper is to study the legal interest protected by the crimes that punish certain attacks against information systems in the Spanish Criminal Code. Specifically, it concludes that the confidentiality, integrity and availability of IT systems is the protected interest. Once the existence and autonomy of this interest has been established, arguments are also put forward to justify the criminal policy need to criminalize conducts that harm or put in danger the said interest
Delineating a profile for hackers and for cybercrime in general is a complex task. Yet, identifying a criminological theory capable of encompassing all the various “types” of hackers has become a necessity. The paper begins with a brief analysis of the three main macro-categories of hackers that have been defined at a scientific level (the so-called “black hat”, “gray hat”, and “white hat” hackers) and then proceeds to examine the compatibility of neutralization theory with the reasons behind the steep rise in cybercrime. The said theory – developed to describe the increase in juvenile crime in the US during the 1950s – points out a series of psychological processes that lead criminals to neutralize the moral and emotional counter-thrusts to delinquency. In a modern interpretation, these processes seem like a perfect fit for issues related to cybercrime. Through this re-proposal of neutralization theory, it becomes clear that a traditional manner of thinking of deterrence fails when it comes to repressing cybercrime, and that a multi-sectoral strategy is now required.
Since the second half of XX century, thanks to the development of ICT and the opening to the public of the internet, automation has been applied for the first time. The new technologic medium significantly and profoundly evolved over the years, shaping new scenarios that need a proper regulation. With respect to the liability of a number of subjects, the complexity of the web poses several issues, especially with respect to criminal responsibility (if any) of the Internet service provider, i.e. private entities managing web services, whose role has deeply changed in recent years. Starting from the new legal framework at EU level, this paper aims to highlight the most recent developments on the topic. From the said perspective, a really controversial point refers to a criminal liability for omission of the ISP about the unlawful content uploaded by the users. Such a situation can induce scholars and the case law to rethink basic criminal law concepts, to be reshaped in light of the ICT peculiarities.
In the last fifteen years, technological innovation has revolutionized the cultural and social aspects and the methods of consumption and production of products and services, transforming the web into a possible source of business for businesses. The regulatory “barriers” of the capital raising process requested by the banks and by the authorized financial intermediaries contributed to the affirmation of advanced financing instruments. Consider, in particular, Crowdfunding and ICOs, which are instruments of "disintermediation" of the collection of savings to finance, directly and without intermediaries, projects with global scale ambitions. It is clear that the opportunities that these new tools offer are accompanied by very serious threats, which intercept a worrying transmigration of entire sectors of economic and financial crime towards virtual space. In this perspective, technological innovation requires, today, the penal system to undertake a process of "de-individualization" of typical contrasting instruments, indeed, of a criminal law without a victim that aims to protect widespread and abstract interests.
The article discusses the issue of cyber investigations in a general perspective, identifying the elements that go beyond a specific national legislation. Three types of cyber investigations emerge (i.e. pretrial, reactive and reactive), contributing to outline a criminal system whose preventive and proactive character tend to increase. In addition, thanks to a reversal of perspective with respect to the traditional approach of the legal doctrine, rather than concentrating on the characteristics of digital evidence, the author focuses instead on the characteristics of the investigations aimed at gathering digital evidence. In particular, the main characteristics of these investigations (i.e. technical nature, transnationality and cooperation of private entities) are discussed and the fact that they can lead to structural changes of investigation activities is pointed out. Finally, the article identifies a new major challenge in automated investigations and proposes their bipartition in order to ensure the respect for fundamental rights.
La recente introduzione nel nostro codice penale della frode informatica aggravata dall’indebito utilizzo d’identità digitale pone una rilevante questione interpretativa. Nel presente contributo si analizza il rapporto tra la suddetta aggravante e quella di “furto d’identità digitale”, nonché le intersezioni con le fattispecie previste dal codice della privacy: mezzi diversi (e in cerca di autonomia) a tutela della “identità digitale”.