An Act to amend the Crimes Act 1900 and the Criminal Procedure Act 1986 with respect to computer offences.
1 Name of Act
This Act is the Crimes Amendment (Computer Offences) Act 2001.
2 Commencement
This Act commences on a day to be appointed by proclamation.
3 Amendment of Crimes Act 1900 No 40
The Crimes Act 1900 is amended as set out in Schedule 1.
4 Amendment of Criminal Procedure Act 1986 No 209
The Criminal Procedure Act 1986 is amended as set out in Schedule 2.
Schedule 1 Amendment of Crimes Act 1900
(Section 3)
[1] Part 6
Omit the Part. Insert instead:Part 6 Computer offences308 General definitionsIn this Part:data includes:(a) information in any form, or(b) any program (or part of a program).data held in a computer includes:(a) data entered or copied into the computer, or(b) data held in any removable data storage device for the time being in the computer, or(c) data held in a data storage device on a computer network of which the computer forms part.data storage device means any thing (for example a disk or file server) containing or designed to contain data for use by a computer.electronic communication means a communication of information in any form by means of guided or unguided electromagnetic energy.serious computer offence means:(a) an offence against section 308C, 308D or 308E, or(b) conduct in another jurisdiction that is an offence in that jurisdiction and that would constitute an offence against section 308C, 308D or 308E if the conduct occurred in this jurisdiction.308A Meaning of access to data, modification of data and impairment of electronic communication(1) In this Part, access to data held in a computer means:(a) the display of the data by the computer or any other output of the data from the computer, or(b) the copying or moving of the data to any other place in the computer or to a data storage device, or(c) in the case of a program—the execution of the program.(2) In this Part, modification of data held in a computer means:(a) the alteration or removal of the data, or(b) an addition to the data.(3) In this Part, impairment of electronic communication to or from a computer includes:(a) the prevention of any such communication, orbut does not include a mere interception of any such communication.(b) the impairment of any such communication on an electronic link or network used by the computer,(4) A reference in this Part to any such access, modification or impairment is limited to access, modification or impairment caused (whether directly or indirectly) by the execution of a function of a computer.308B Meaning of unauthorised access, modification or impairment(1) For the purposes of this Part, access to or modification of data, or impairment of electronic communication, by a person is if the person is not entitled to cause that access, modification or impairment.(2) Any such access, modification or impairment is not unauthorised merely because the person has an ulterior purpose for that action.(3) For the purposes of an offence under this Part, a person causes any such unauthorised access, modification or impairment if the person’s conduct substantially contributes to the unauthorised access, modification or impairment.308C Unauthorised access, modification or impairment with intent to commit serious indictable offence(1) A person who causes any unauthorised computer function:(a) knowing it is unauthorised, andis guilty of an offence.(b) with the intention of committing a serious indictable offence, or facilitating the commission of a serious indictable offence (whether by the person or by another person),Maximum penalty: The maximum penalty applicable if the person had committed, or facilitated the commission of, the serious indictable offence in this jurisdiction.(2) For the purposes of this section, an is:(a) any unauthorised access to data held in any computer, or(b) any unauthorised modification of data held in any computer, or(c) any unauthorised impairment of electronic communication to or from any computer.(3) For the purposes of this section, a serious indictable offence includes an offence in any other jurisdiction that would be a serious indictable offence if committed in this jurisdiction.(4) A person may be found guilty of an offence against this section:(a) even if committing the serious indictable offence concerned is impossible, or(b) whether the serious indictable offence is to be committed at the time of the unauthorised conduct or at a later time.(5) It is not an offence to attempt to commit an offence against this section.308D Unauthorised modification of data with intent to cause impairment(1) A person who:(a) causes any unauthorised modification of data held in a computer, and(b) knows that the modification is unauthorised, andis guilty of an offence.(c) intends by the modification to impair access to, or to impair the reliability, security or operation of, any data held in a computer, or who is reckless as to any such impairment,Maximum penalty: Imprisonment for 10 years.(2) A conviction for an offence against this section is an alternative verdict to a charge for:(a) an offence against section 195 (Maliciously destroying or damaging property), or(b) an offence against section 308E (Unauthorised impairment of electronic communication).308E Unauthorised impairment of electronic communication(1) A person who:(a) causes any unauthorised impairment of electronic communication to or from a computer, and(b) knows that the impairment is unauthorised, andis guilty of an offence.(c) intends to impair electronic communication to or from the computer, or who is reckless as to any such impairment,Maximum penalty: Imprisonment for 10 years.(2) A conviction for an offence against this section is an alternative verdict to a charge for:(a) an offence against section 195 (Maliciously destroying or damaging property), or(b) an offence against section 308D (Unauthorised modification of data with intent to cause impairment).308F Possession of data with intent to commit serious computer offence(1) A person who is in possession or control of data:(a) with the intention of committing a serious computer offence, oris guilty of an offence.(b) with the intention of facilitating the commission of a serious computer offence (whether by the person or by another person),Maximum penalty: Imprisonment for 3 years.(2) For the purposes of this section, possession or control of data includes:(a) possession of a computer or data storage device holding or containing the data or of a document in which the data is recorded, and(b) control of data held in a computer that is in the possession of another person (whether the computer is in this jurisdiction or outside this jurisdiction).(3) A person may be found guilty of an offence against this section even if committing the serious computer offence concerned is impossible.(4) It is not an offence to attempt to commit an offence against this section.308G Producing, supplying or obtaining data with intent to commit serious computer offence(1) A person who produces, supplies or obtains data:(a) with the intention of committing a serious computer offence, oris guilty of an offence.(b) with the intention of facilitating the commission of a serious computer offence (whether by the person or by another person),Maximum penalty: Imprisonment for 3 years.(2) For the purposes of this section, produce, supply or obtain data includes:(a) produce, supply or obtain data held or contained in a computer or data storage device, or(b) produce, supply or obtain a document in which the data is recorded.(3) A person may be found guilty of an offence against this section even if committing the serious computer offence concerned is impossible.308H Unauthorised access to or modification of restricted data held in computer (summary offence)(1) A person:(a) who causes any unauthorised access to or modification of restricted data held in a computer, and(b) who knows that the access or modification is unauthorised, andis guilty of an offence.(c) who intends to cause that access or modification,Maximum penalty: Imprisonment for 2 years.(2) An offence against this section is a summary offence.(3) In this section:restricted data means data held in a computer to which access is restricted by an access control system associated with a function of the computer.308I Unauthorised impairment of data held in computer disk, credit card or other device (summary offence)(1) A person:(a) who causes any unauthorised impairment of the reliability, security or operation of any data held on a computer disk, credit card or other device used to store data by electronic means, and(b) who knows that the impairment is unauthorised, andis guilty of an offence.(c) who intends to cause that impairment,Maximum penalty: Imprisonment for 2 years.(2) An offence against this section is a summary offence.(3) For the purposes of this section, impairment of the reliability, security or operation of data is if the person is not entitled to cause that impairment.
[2] Section 428B Offences of specific intent to which Part applies
Omit from the Table to the section the matter relating to section 309 (2).
Schedule 2 Amendment of Criminal Procedure Act 1986
(Section 4)
Schedule 1 Indictable offences triable summarily
Omit “section 309 (2), (3) or (4) or 310” from item 14 of Table 1 (Indictable offences to be dealt with summarily unless prosecuting authority or person charged elects otherwise).Insert instead “section 308C (where the serious indictable offence to be committed is punishable by imprisonment for 10 years or less), 308D, 308E, 308F or 308G”.