Research On Data Crime From The Perspective Of Interpretation Theory

Under the background of the rapid development of big data and artificial intelligence technology,the number of illegal and criminal acts committed against data is increasing,and the types of illegal and criminal acts are constantly being renovated.Judicial officials often fall into the dilemma of judging the normative meaning of technical illegal criminal acts due to lack of professional computer network knowledge.It can be said that the breadth and depth of the current divergence in the field of data crime justice practice exceeds the normal threshold.Therefore,we should think about how to interpret the existing data crime criminal law norms in order to provide adequate criminal law protection for the increasingly important and ubiquitous types of electronic data.Based on this,this article chooses the following five aspects to study data crime:an overview of the basic issues of data crime,the current status of data crime judicial application and its causes,the protection of legal interest of data crime,the interpretation of the constitutive requirements of data crime,and the application of distinction between data crime and related crimes.The first chapter studies the “an overview of the basic issues of data crime”.Existing views on the concept and relationship of data and information can be divided into two levels and four types.The first level includes mixed use of data and information and distinguish between data and information,and the second level is set under the distinguish between data and information type,include three types: data range is larger than the range information,data range is smaller than the range information,and data range range cannot be compared with information range.Through the analysis of the positive law,in the fields such as civil law and administrative law,the early legislation has the problem of mixing use of data and information,while in recent legislation such as Cyber Security Law,General Principles of Civil Law and Civil Code,the concept of data and information are clearly used differently.In contrast,legislators distinguished the concept of data and information in the criminal law from the beginning,and set up criminal law provisions to protect data,such as paragraph 2 of Article 286 added when the Criminal Law was enacted in 1997,and paragraph 2 of Article 285 added in the Criminal Law Amendment(7).Therefore,The concepts of data and information should be distinguished in legal research.In addition,the relationship between data and numbers is relatively close.In the field of computer technology,the Arabic numerals “0 and 1” are arranged and combined according to binary coding rules,which can be transformed into electronic data with information bearing function.At present,There is a dispute over whether the data crime research is affirmative or not.Among them,the theory of negation should be denied because it has some problems,such as misunderstanding the differences between Chinese and German criminal legislation,underestimating the value of constructing computer crime system with data as the core,misunderstanding the significance of criminal law norms of personal information to identify standards,and so on.In view of the positive theory,it can be divided into broad sense theory,compromise theory and narrow sense theory.The broad sense theory is generalized and limited in meaning,so it should be denied.The compromise theory does not make a judgment on whether legal interest of data security has become a qualified legal interest of criminal law,which is the key word for defining the concept,so it should be questioned.The narrow sense theory takes into account the difference between the object of action and the protection of legal interest,using the object of action as the key word for defining the concept of data crime has reserved space for the debate on theories of legal interest of data crimes,so it is relatively more adoptable.However,although the narrow sense theory is based on statute law,it should be amended because it does not pay attention to the differences between Criminology and criminal law.In addition,taking the research approach as the standard,the positive theory of data crime can be divided into legislative theory and explanatory theory.The legislative theory is too flashy,the meaning is limited,and it is out of touch with practice.Therefore,this paper does not take this approach.The explanatory theory focuses on the interpretation of legal texts and pursues the proper application of norms,which is relatively more practical and adopted by this paper.To sum up,and combined with the investigation of the content of the statute law,the data crime can be understood from the perspective of interpretive theory as the illegal criminal act of obtaining,deleting,modifying or increasing the data stored,processed or transmitted in the computer information system in violation of national regulations,including Data-obtained crime(that is,the crime of illegally obtaining the data of computer information system)and Destructive data crime(that is,the criminal act of destroying the data of computer information system in Article 286,paragraph 2).Different from the previous definition,this definition takes into account the respect for the current criminal legislation,the distinction between the definitions of criminal law and criminology,and the emphasis on the legal attribute of data crime.The second chapter studies “the current status,problems and causes of the application of data crime justice”.Through empirical analysis,on the macro level,the judicial application of data crime has the characteristics of active judicial application,criminal purpose diversification,crime object generalization.The existence of these characteristics provides a practical value basis for the study of data crime interpretation theory,because in the growing number of data crime cases,judicial officials and other subjects have frequent differences in understanding of data crime,and these differences in understanding are exactly the problems to be solved by the study of interpretation theory.At the micro level,there are some problems in the judicial application of data crime,such as unclear understanding of the constituent elements and controversial qualitative behavior.These issues can be abstracted into three types: Firstly,the qualitative controversy of the same case is relatively large.For the same case,different litigation subjects,such as public security personnel,prosecutors,judges,lawyers and defendants,will come to different qualitative conclusions in different litigation stages.Among the 120 judicial precedents involving the crime of obtaining data,there are 38 judicial precedents with disputes over the application of the crime of illegally obtaining computer information system data and other crimes,accounting for 31%.There are 22 judicial precedents with disputes over the application of the crime in 49 cases involving the crime of destroying data,accounting for 44%.Secondly,the problem of different judgments in similar cases is prominent,which affects the implementation of judicial justice and the appropriateness of judicial judgments.Taking “stealing game currency”and “using Fiddler software to commit data crimes” as examples,it can be seen that for almost the same crimes,different Judicial officers often make different qualitative decisions on criminal acts.Even the judgments made by the same judicial person in the same type of cases also have opposite conclusions.Thirdly,there are different understandings on the form of the number of crimes.In the application of specific cases,there are often controversies about the application of one crime and several crimes.Taking the case of illegally obtaining computer information system data with citizen’s personal information attribute as an example,the judiciary puts forward different viewpoints in the judicial judgment,such as imaginative joinder of crimes,absorptive offenses,implicated offenses and combined punishment for several crimes.Through analysis,we can divide the causes of controversy over the application of data crimes into two types: appearance causes and essence causes.Among them,appearance causes means that the inadequacy of the interpretation and understanding of the constitutive elements of data crime by the existing criminal legislation,judicature and academic theories.For example,legislators used “national affairs,national defense construction,and cutting-edge science and technology fields” as the criterion to distinguish paragraph 1 of Article 285 and paragraph 2 of Article 285.However,there is no legislative interpretation of this term,and The Interpretation of Computer Crime formulated by the Supreme People’s Court and the Supreme People’s Procuratorate only puts forward procedural judgment standards,and there is no discussed about it in academic theory,which leads to the ambiguity of the applicable scope of the two clauses.Another example is that the new officials ignore old accounts in the judicial interpretations,which leads to the blurring of the boundary between crimes.There is an overlap between the interpretation of computer information system data in the 2011“Computer Crime Interpretation” and the interpretation of citizens personal information in the 2017 “Citizens Personal Information Crime Interpretation”,which leads to the unclear applicable boundary between the crime of obtaining data in paragraph 2 of Article 285 and the crime of infringing citizens personal information in Article 253-1.For another example,there are huge disputes about the understanding of the behavior object,behavior means,and behavior results of data crimes in academic theory,which lead to different judgments on the same or similar cases in judicial practice.However,the above-mentioned reasons are only appearance causes.The essential cause of the data crime judicial application problem is that the misunderstanding of the understanding of data crime protection legal interest in criminal law.By dividing the relevant legal interest theory into the traditional legal interest theory and the reflective legal interest theory,and dividing the traditional legal interest theory into the single legal interest theory and the plural legal interest theory,we can sum up more than ten different understandings about the legal interest of data crime protection.The dispute on the protection of legal interest of data crime directly leads to the difficulty in exerting the legislative critical function and criminal law interpretation function of data crimes,which in turn leads to the failure of legislators,judiciaries and researchers to make a correct understanding of data crimes.And,it finally leads to different forms of disputes in the judicial application of data crimes.The third chapter studies “ the legal interest of data crime”.After clarifying the difference of the concept of legal interest between the positive law and the former positive law,and that the concept of the former positive law is more reasonable,we can prove that data security is the legal interest protected by criminal law through the following judgment.First of all,data security is a useful interest for most people.Data security is the key factor to ensure the stable operation of economic production and national society in the macro level.In the micro level,data security is the first line of defense for personal security protection in Big data Era.And then,data security may be violated.In Big data Era,data security is not only vulnerable,but also the result of damage is gradually uncontrollable because of the time-space nature and technical convenience of data violations,as well as the vulnerability and vulnerability of data protection means.And last,data security has been protected by our criminal law.paragraph 2 of Article 286 of the criminal law of 1997 and paragraph 2 of Article 285 of the criminal law of 1997 clearly xingtake the data of computer information system as the object of protection.Therefore,it is the meaning of the criminal law of our country to understand the legal interest protected by protecting the data of computer information system as the legal interest of data security.Finally,the criminal law advocates protecting the legal interest of data security,which is not in conflict with the value goal of the constitution.On the contrary,it can be said that it is the concrete implementation of the basic rights to be protected by the Constitution,such as human freedom and dignity,stable economic and social operation,and national collective security and stability.After the above judgment,although data security can be called the interest protected by the criminal law,whether it belongs to the legal interest protected by the data crime in this paper needs to be further analyzed.Through the analysis of “computer protection regulations” and “network security law”,we can see that data security includes data confidentiality,integrity and availability.And,data security is not the direct legal interest infringed by data acquisition crime and data destruction crime.In the legal interest system,the system function security interests are at the same level as the data security interests,and their upper-level similar interests are system operation safety,and then higher-level similar interests are system safety.Specifically,data confidentiality is the legal interest of the crime of illegally obtaining data,which means that only the legally authorized users can access the data,restrict other people’s illegal access to the data,and pay attention to the confidentiality in the process of data storage,processing or transmission.In judicial practice,the common violations of data confidentiality legal interest include packet sniffing,phishing,recycle bin retrieval,key and mouse operation records,Trojan horse and so on.The integrity and availability of data is the legal interest of the crime of destroying data,which means that the characteristics of data can not be changed without authorization,and the data can not be illegally deleted,modified,added and other destructive operations,so as to ensure that the data will not be modified,damaged and lost in the process of storage,processing and transmission,and ensure that the data of computer information system is not damaged and complete Status.The common violations of data integrity legal interest in judicial practice include Samira attack,data spoofing tools,session hijacking and so on.Data availability refers to the feature that authorized entities can access and use data and resources when needed.The integrity of data is closely related to the availability,and the destruction of the integrity usually affects the availability,so the two can be put together for overall protection.Based on the comparative analysis of legal interest of data security,we can see that the theories of information security,system security,operation security,functional security,national management order and other different types of legal interest of data crime protection are unreasonable.In addition,when studying the legal interest of data crime protection,we should pay attention to the difference between the legal interest of data security and that of big data,network data,data information,etc.At the same time,it can be seen from the judgment of the newness of legal interest by taking the time of entering the law as the form and the concrete content as the real quality that the legal interest of data security has been focused by the criminal legislators of various countries in the early stage of the governance of computer crimes,rather than the new criminal legal interest that has been focused by the criminal legislators until the Big data Era.These conclusions should become the basic consensus of data crime research in China.The fourth chapter studies “legal interest and the interpretation of the constitutive elements of data crime”.In the aspect of behavior object,the different understanding of the behavior object of the crime of illegally obtaining data can be divided into expansion theory and limitation theory,and the different understanding of the behavior object of the crime of destroying data can be divided into justice theory and explanation theory.From the three aspects of legislative expression,legislative intent and judicial interpretation,the view of the expansion of the crime of illegally obtaining data should be denied.At the same time,the opinion on the limitation of the crime of illegally obtaining data and the crime of destroying data should also be denied,because the suggestion of restricting the interpretation of computer information system data will make the criminal law have loopholes in the protection of data security legal interest.In addition,the author also finds that the viewpoint that data crime has been pocket can not be established by examining the premise of argument held by the limit theorists.Because the increase of the judicial application of data crime can not prove that it has become a bag of mouth crime.Empirical research can not prove that the judicial inertia and judicial inertia exist in the judicial system.Although the legal penalty of data crime is slightly higher,it does not affect the judicial inertia and judicial inertia The crime of data destruction is shaped.Therefore,this paper believes that the computer information system data of the behavior object of data crime should be interpreted as all the data stored,processed or transmitted in the computer information system including cloud data and RFID data.In the aspect of behavior means,the crime of illegally obtaining data is a multiple behavior crime,including “illegal invasion / other technical means + acquisition”.Generally speaking,illegal intrusion is understood as the act of entering other people’s computer information system without authorization or beyond authorization.It can be seen that the key to understand illegal intrusion lies in the interpretation of unauthorized and beyond authorized.Some theories put forward that because our country’s legislation does not make clear the unauthorized or beyond authorization,there is also collective aphasia in the judiciary.Therefore,our country should learn from the United States,take the procedure code limitation standard as the only standard to judge unauthorized,and make a clear explanation of beyond authorization.However,this paper holds that the judgment of unauthorized and beyond authorization in criminal justice of our country is not arbitrary without standards.The common standard of procedure code limitation,service agreement limitation and agent rule have corresponding cases in criminal justice of our country,and the understanding of unauthorized and beyond authorization in Criminal Justice of the United States is not impeccable truth.Therefore,in practice,we should not be too superstitious about foreign practices.We should make a specific judgment on unauthorized and unauthorized cases.Using other technical means refers to the behavior of counterfeiting or setting up a false website,or using gateway deception technology,the actor does not need to enter other computer information systems to obtain other computer information systems to store,process or transmit data.At present,there is a view that the acquisition of the crime of illegal acquisition of data is equal to the acquisition in daily language.However,acquisition in daily language refers to control or possession,and the key point is the transfer of control.The key point of the crime of illegally obtaining data is the confidentiality of data.No matter whether the right of control is transferred or not,the way of downloading,copying,browsing,etc.can be evaluated as the acquisition of the crime of illegally obtaining data as long as it causes damage to the confidentiality of data.There are three kinds of behavior means of the crime of destroying data,such as deleting,modifying or adding.When we understand it,we should not take “may cause the complete loss of the utility of data use” as the standard,but recognize that the infringement of the legal interest of data integrity will affect the availability of data,and the damage of data availability can be divided into partial damage and total damage.Therefore,in a specific case,whether the integrity and availability of data are partially damaged or all damaged,it can constitute the crime of destroying data.In the aspect of behavior consequence,this paper holds that the following two points should be clearly recognized when explaining the seriousness of the crime of illegally obtaining data.Firstly,the serious circumstances are the elements of illegality,including the subjective and objective aspects.In the future,when “Two supreme judicial” explain the seriousness of the crime of illegally obtaining data can increase the data standard in addition to the existing objective elements(pay attention to the classification and proportion of the standard setting)and the number of computer information systems standard.In the subjective aspect,we can use “know or should know that others want to commit a crime” as the judgment standard of the seriousness of the crime of illegally obtaining data.Secondly,the judgment of the seriousness of the crime of illegally obtaining data should prevent the intervention of preventive punishment and meet the requirements of responsibility punishment.Having received administrative or criminal punishment,recidivism,voluntary surrender,meritorious service and other preventive circumstances can only be considered in the sentencing stage after the establishment of the crime.At present,the standard of the number of identity authentication information groups in the judgment standard of serious circumstances listed in the interpretation of computer crime should be deleted.Before the deletion,the requirement of the number of identity authentication information groups should be appropriately increased.The standard of illegal income and economic loss can be retained,but it should be restricted to interpretation.There are three understandings about the serious consequences of the crime of destroying data in the practical and academic circles:(1)it is necessary to destroy data and applications to a serious degree.(2)it is necessary to destroy the data to a serious degree.(3)it is necessary to destroy the data to the extent that the system function and operation are abnormal.Comprehensive use of interpretation methods such as literal interpretation,systematic interpretation and objective interpretation,we can see that the correct understanding of the second paragraph of Article 286 is that both before and after are the objects of criminal law protection,but the establishment of data crime does not require to infringe on both before and after protection,and the harmfulness of the behavior does not need to reach the degree that the computer information system cannot operate normally.At present,there are some problems in the interpretation of the serious consequences of the crime of destroying data in “the interpretation of computer crime”,such as the lack of a differentiated standard for determining the serious consequences according to the three items of Article 286,and the lack of data volume as the standard for judging the serious consequences.The same as the crime of illegally obtaining data,the interpretation of the illegal gains and economic losses of the crime of destroying data should be limited.It should be clear that the “necessary expenses for users to recover data and functions” need to be related to the direct economic losses,and the expenses paid by the direct economic loss person.Otherwise,it can not be evaluated as the economic losses caused by data crime.The fifth chapter studies “the distinction between data crime and related crimes”.Data crime and other computer crimes can be divided into three cases: firstly,data crime and the crime of illegally invading the system.The key to distinguish between the crime of illegally obtaining data and the crime of illegally invading the system lies in the reasonable interpretation of the meaning of “state affairs,national defense construction and the field of cutting-edge science and technology” in the first paragraph of article285.In the short term,the criminal law should make a limited interpretation to strengthen the protection of the legal interest of data security,so that more illegal access to data can be adjusted by the crime of illegal access to data,which is a felony.The distinction between the crime of destroying data and the crime of illegally invading the system is relatively simple.The illegally invading the system in the key field for the purpose of destroying data causes damage to the data smoothly.At this time,Intrusion into the system and data destruction constitute a implicated relationship.If the perpetrator is under the control of two different criminal intentions to carry out the behavior of invading the system and destroying the data,and both behaviors constitute a crime,it should be punished for several crimes.Secondly,the distinction between data crime and illegal control system crime.“Two supreme judicial” define the crime corresponding to the second paragraph of article 285 as “the crime of illegally obtaining computer information system data and illegally controlling computer information system”.However,the establishment of this selective charges not only does not conform to the principle of establishment because of the difference in the protection of legal interest,but also may lead to improper conviction and aggravation of penalty.Therefore,in the future,“Two supreme judicial”can consider setting up two independent charges against paragraph 2 of Article 285.Considering the guiding value of the judicial interpretation of “Two supreme judicial”,this paper holds that paragraph 2 of Article 285 should be interpreted on the basis of the legal interest of criminal law before “Two supreme judicial” makes any amendment.Because the direct legal interest infringed by the illegal acquisition of data and the system control behavior regulated in paragraph 2 of Article 285 are not the same,it is not a typical selective crime,and the possibility of the combined punishment for several crimes is not ruled out in the judgment.In detail,if the two acts performed by the perpetrator conform to the principle of implicated criminal law,the selective charge should be “quoted in full name” and given a heavier punishment within the range of statutory punishment.If the perpetrator is under the control of two independent criminal intentions to illegally obtain data and control the system,then the decomposed charges should be quoted separately and punished for several crimes.At the same time,considering that the legal interest protected by the various decomposed charges of this selective charge are not the same legal interest,therefore,when the perpetrator carries out two kinds of acts at the same time,because he does not meet the core requirement of the same legal interest of the standard of “cumulative calculation of the amount of crimes of the same kind”,so we should not make a cumulative calculation of the amount involved.In the differential application of the crime of destroying data and the crime of illegal control system,the legislative theory suggests that it can play a positive role in the process of legislative amendment in the future,but the key now is to clarify the relationship between the two crimes through interpretation,so as to promote the proper application of relevant criminal provisions.In dogmatics,illegal control should not be understood as the control that completely excludes the control of users.Even if the control that does not completely exclude the control of users is also the regulatory object of the crime of illegal control system.The key point of distinguishing between the crime of destroying data and the crime of illegally controlling system is not how to explain the relationship between “control” and “destruction”,but how to judge the legal interest.The former is to protect the integrity and availability of data,while the latter is to protect the exclusive use right of the information system obligee.Therefore,the key to determine whether the actor constitutes the crime of destroying data is to judge whether the actor has carried out the act of destroying data,and whether the corresponding act has damaged the integrity and availability of data.As for whether the act has violated the exclusive use right of the information system obligee at the same time,it is not the investigation content of the crime of destroying data.Thirdly,the distinction between data crime and the crime of providing procedures and tools.The first,it is necessary to make it clear that the legal punishment of the crime of illegally obtaining data is the same as that of the crime of providing procedures and tools.The second,the judgment of the harmfulness of criminal acts by providing special procedures and tools can not completely cut off the relationship with the assisted criminal acts.It only means that when it is impossible to find out whether there is a downstream crime,it can be criminalized directly according to the number and times of special procedures and tools.When the circumstances of downstream crimes can be identified,it should be used as a reference factor to provide special procedures and tools for judging the harmfulness of criminal acts.The judgment of the harmfulness of knowingly providing procedures and tools is closely related to the crime of illegally obtaining data.To constitute this crime,the perpetrator must know that the crime of illegally obtaining data is committed by others.whether the aided person commits an illegal act or a criminal act has an impact on the judgment of the harmfulness of the crime act.The first problem that distinguishes the crime of destroying data from the crime of providing procedures and tools is whether the assisted behavior of the crime of providing procedures and tools includes the crime of destroying data? From the perspective of balance between crime and punishment,we should give a negative answer to this question.The second problem is how to identify the provider who knowingly provides procedures and tools for others to commit the crime of data destruction,but the provider does not commit the crime of data destruction? Taking the illegal and criminal act of “knowing that others have used the application to intercept and tamper with the API call results to defraud the first order of hungry” and providing programs and tools for it as an example,it can be seen that if the perpetrator knows that others have committed a destructive data crime and provided programs and tools for him,the programs and tools provided do not have the ability to help others implement illegal intrusion data acquisition and system control function,criminal behavior can constitute destroy the data crime of joint crime.When the programs and tools provided have the functions of helping others to illegally invade the system,acquire data and control the system,criminal behavior can constitute a joint crime of the crime of providing programs,tools and the crime of destroying data at the same time.The judiciary should pay attention to the fact that even if the provider of procedure and tool does not commit the act of destroying data crime,what is excluded is only the possibility that the criminal behavior constitutes the principal offender of destroying data crime,not the possibility of helping to commit the crime.The key to distinguish data crime from other crimes committed by computer is to make clear the meaning of article 287 of the criminal law.This paper holds that the theory of legal fiction should be negated because it does not conform to the meaning of legislation,does not conform to the basic principles of legal fiction,may lead to light and serious crimes,and affects the realization of the dual functions of punishment and prevention.It should be denied that there are similar problems between the theory of attention regulations and the theory of legal fiction.Therefore,it is more reasonable to pay attention to the specific analysis of specific problems in the theory of attention regulations.Theoretically,the behavior regulated by article 287 of the criminal law can be classified as follows: firstly,the perpetrator carries out means behavior and purpose behavior under the control of the same criminal purpose.Means behavior is the use of computer information system,and purpose behavior is the i...