Substantive Computer Criminal Law

With the invention and establishment of the PC, in particular with the development of the Internet, information technology has significantly changed our society in many areas. Due to the enormous potential of data processing in all respects, criminal acts with respect to information systems and its data but also the penal legislation concerning such systems and data did rapidly increase over the past few years. Objects of offence, just as the tools used for committing crimes, have changed considerably. They are not anymore of merely physical nature, but they are also ubiquitous information units in the form of digital data. Modern information technology systems are based on a quite multifaceted technology that is susceptible to manipulation, nor are there any national borders with respect to the technical environment. Information technology and its applications in criminal law indicate specific problems and challenges, in particular for legal policy, legal dogmatics, criminal tactics, and computer or data forensics. The aims of the present study are to describe the modern forms of cybercrime, and to analyze the substantive computer-specific offences as captured by the Austrian Penal Code, from the perspective of specific literature and, as far as available, relevant judgments. In addition, International and European legal acts are also considered in this elaboration. Based on the debate on the terms "cybercrime or "computer criminal law" and the concept of data as specified in the Austrian Penal Code, the specific substantive computer-specific offences, including the penal provisions of the Data Protection Code concerning the criminal protection of personal data, are presented and systematically discussed. Furthermore, the applicability and effectiveness of the relevant penal provisions with regard to the modern phenomena of computer crime (such as denial-of-service attacks, hacktivism, malware, cyber terrorism, cyber stalking, cyber grooming, child pornography, abuse of the payments, phishing, skimming, data tampering and so on) are analyzed. These considerations contain the authors approaches, which differ in various respects from prevailing opinions. Finally, the important results are summarized in detail, which gives rise to the postulation of five general theses on how to improve the discussed legal provisions.