Proving computer theft

From HORSE - Holistic Operational Readiness Security Evaluation.
Jump to navigation Jump to search

Proving computer theft

The California computer crime law contains a typical provision defining computer theft: "Any person who intentionally accesses or causes to be accessed any computer system for the purpose of:

  1. devising or executing any scheme or artifice to defraud or extort or
  2. obtaining money, property, or services with false or fraudulent intent, representations, or promises, is guilty of a public offense."FN22

Proof of computer theft pursuant to this statute will require:

  • Access: California, like most states defining the term, includes instruction of, communication with, storing data in, or retrieving data from a computer system in the definition of access. In essence, the definition is intended to cover virtually any interaction with a computer system. Consequently, it is likely that there will be proof that some form of access to a computer has taken place. The most difficult part of proof of access will be establishing that the defendant is the person who has made the access in question.FN23 Usually there is documentation to establish that the computer has been "accessed," or in its absence, circumstantial evidence in the form of testimony that but for access, property would not have been transferred to someone with no right to that property.
  • Computer system: Most computer crime prosecutions clearly involve access to a computer system.FN24 There are occasionally difficulties in applying the definition of "computer system" to paperwork that is intended to be used in a manual system, or to output from a computer system.
  • Purpose: The most difficult element of proof in many computer theft cases is intent. Though interpretations vary from jurisdiction to jurisdiction, the most appropriate starting point for defining intent is the law concerning federal wire and mail fraud statutes. Both are drafted in terms of a scheme to defraud. The federal statute, upon which most computer crime laws were based, was drafted with the language of the wire and mail fraud statutes.

To prove a violation of the mail fraud statute, and inferentially a computer crime statute using the same language, it must be demonstrated that the defendant had a specific intent to defraud. The specific intent required is an intent "to injure another to his or her own advantage by withholding or misrepresenting material facts."FN25 The defendant must be found to have known the representations were false, or he or she must be chargeable with some substitute for actual knowledge.FN26