with the scientific collaboration of
ISSN 2611-8858



Confidentiality, Integrity and Availability of IT Systems as the Interest Protected by the Cyber-Crimes in the Spanish Criminal Code

The object of this paper is to study the legal interest protected by the crimes that punish certain attacks against information systems in the Spanish Criminal Code. Specifically, it concludes that the confidentiality, integrity and availability of IT systems is the protected interest. Once the existence and autonomy of this interest has been established, arguments are also put forward to justify the criminal policy need to criminalize conducts that harm or put in danger the said interest

Neutralization Theory: Criminological Cues for Improved Deterrence of Hacker Crimes

Delineating a profile for hackers and for cybercrime in general is a complex task. Yet, identifying a criminological theory capable of encompassing all the various “types” of hackers has become a necessity. The paper begins with a brief analysis of the three main macro-categories of hackers that have been defined at a scientific level (the so-called “black hat”, “gray hat”, and “white hat” hackers) and then proceeds to examine the compatibility of neutralization theory with the reasons behind the steep rise in cybercrime. The said theory – developed to describe the increase in juvenile crime in the US during the 1950s – points out a series of psychological processes that lead criminals to neutralize the moral and emotional counter-thrusts to delinquency. In a modern interpretation, these processes seem like a perfect fit for issues related to cybercrime. Through this re-proposal of neutralization theory, it becomes clear that a traditional manner of thinking of deterrence fails when it comes to repressing cybercrime, and that a multi-sectoral strategy is now required.

The Effects of Automation on Imputation Models: the Case of Online Platforms

Since the second half of XX century, thanks to the development of ICT and the opening to the public of the internet, automation has been applied for the first time. The new technologic medium significantly and profoundly evolved over the years, shaping new scenarios that need a proper regulation. With respect to the liability of a number of subjects, the complexity of the web poses several issues, especially with respect to criminal responsibility (if any) of the Internet service provider, i.e. private entities managing web services, whose role has deeply changed in recent years. Starting from the new legal framework at EU level, this paper aims to highlight the most recent developments on the topic. From the said perspective, a really controversial point refers to a criminal liability for omission of the ISP about the unlawful content uploaded by the users. Such a situation can induce scholars and the case law to rethink basic criminal law concepts, to be reshaped in light of the ICT peculiarities.

Crowdfunding @ ICOs: Commission Risk Prevention Needs of Crimes in the Era of the Digital Economy

In the last fifteen years, technological innovation has revolutionized the cultural and social aspects and the methods of consumption and production of products and services, transforming the web into a possible source of business for businesses. The regulatory “barriers” of the capital raising process requested by the banks and by the authorized financial intermediaries contributed to the affirmation of advanced financing instruments. Consider, in particular, Crowdfunding and ICOs, which are instruments of "disintermediation" of the collection of savings to finance, directly and without intermediaries, projects with global scale ambitions. It is clear that the opportunities that these new tools offer are accompanied by very serious threats, which intercept a worrying transmigration of entire sectors of economic and financial crime towards virtual space. In this perspective, technological innovation requires, today, the penal system to undertake a process of "de-individualization" of typical contrasting instruments, indeed, of a criminal law without a victim that aims to protect widespread and abstract interests.

Types and Features of Cyber Investigations in a Globalized World

The article discusses the issue of cyber investigations in a general perspective, identifying the elements that go beyond a specific national legislation. Three types of cyber investigations emerge (i.e. pretrial, reactive and reactive), contributing to outline a criminal system whose preventive and proactive character tend to increase. In addition, thanks to a reversal of perspective with respect to the traditional approach of the legal doctrine, rather than concentrating on the characteristics of digital evidence, the author focuses instead on the characteristics of the investigations aimed at gathering digital evidence. In particular, the main characteristics of these investigations (i.e. technical nature, transnationality and cooperation of private entities) are discussed and the fact that they can lead to structural changes of investigation activities is pointed out. Finally, the article identifies a new major challenge in automated investigations and proposes their bipartition in order to ensure the respect for fundamental rights.

La nuova fattispecie di “indebito utilizzo d’identità digitale"

La recente introduzione nel nostro codice penale della frode informatica aggravata dall’indebito utilizzo d’identità digitale pone una rilevante questione interpretativa. Nel presente contributo si analizza il rapporto tra la suddetta aggravante e quella di “furto d’identità digitale”, nonché le intersezioni con le fattispecie previste dal codice della privacy: mezzi diversi (e in cerca di autonomia) a tutela della “identità digitale”.

Verso una rivalutazione dell’art. 615 ter c.p.?

Integra il delitto di accesso abusivo ad un sistema informatico o telematico non soltanto la condotta di accesso ad un sistema informatico protetto senza autorizzazione, ma anche quella di accesso o mantenimento nel sistema posta in essere da soggetto abilitato ma per scopi o finalità estranei a quelli per le quali la facoltà di accesso gli è stata attribuita. In questi casi, infatti, il soggetto agente è stato ammesso dal titolare del sistema solo a determinate condizioni, in assenza o in violazione delle quali le condotte di accesso o mantenimento nel sistema non possono considerarsi assentite dall’autorizzazione ricevuta. (In motivazione la Suprema Corte ha precisato che, ai fini dell’integrazione del reato, rileva l’oggettiva violazione delle prescrizioni e dei limiti posti dall’avente diritto a condizione dell’accesso e non anche lo scopo – lecito o illecito esso sia – che ha motivato l’ingresso a sistema).