Responsibility for attacks on the safety of computer information is established by Article 272 of the Criminal Code of the Russian Federation. 273, 274 standards provide for the consequences of violating the operating procedure of a PC, computer system (network), including with causing substantial harm. Let us further consider the particular imputation of punishments for these crimes.
Article 274 of the Criminal Code
This norm establishes liability for entities violating the operating procedure of means for processing, storing, redirecting protected computer data, information and communication networks, terminal equipment, the procedure for access to them, which resulted in blocking, destruction, modification, copying of information and causing significant damage. For these acts, the perpetrator is charged with:
- Fine up to 500 thousand rubles. or in the amount of his income for 1.5 g.
- Correctional work, lasting 6 months. - 1 year.
- Restriction of freedom.
- Forced work.
- Imprisonment.
The duration of the last three sentences is 2 years. If the above acts entailed serious consequences or created a danger of their occurrence, the guilty person is sentenced to forced labor for a period of up to 5 years or to imprisonment for a similar period.
Article 274 of the Criminal Code: comments
As the key object of the attack are public relations related to ensuring the security of the use of PCs, computer networks (systems). Accordingly, the subject of crime is equipment used to store, transmit, process computer information. The composition of the act has a material construction. When assessing an act, the criteria are used, which are established by Article 272, 274 of the Criminal Code of the Russian Federation . The first norm, in particular, defines the consequences of the destruction, blocking, modification of information.
Liability Specifics
Article 274 of the Criminal Code of the Russian Federation is applicable only if the violated rules were duly adopted, fixed and brought to the attention of the user. In other words, the requirements should be developed by specialists, drawn up in writing on paper and signed by management. Familiarization of the user, as a rule, is carried out under his list. Rules may be present in departmental regulations, regulations, instructions, and technical descriptions.
Types of Requirements
Rules for the operation of equipment for the violation of which Article 274 of the Criminal Code of the Russian Federation formulates a punishment may contain technical requirements or provisions governing the work with various system products. The first, for example, include requirements for humidity, voltage, electromagnetic field, and so on. The second is the provisions on the sequence of commands / operations, the prohibition on the implementation of certain procedures, the control of the compatibility of different software products, the mandatory performance of certain actions in the event of specific circumstances, etc. In addition, the rules may contain a description of organizational events. For example, it can be operations to back up information, requirements to use an uninterruptible power supply. The requirements for compliance with these provisions depend on the specifics of the operation of a particular enterprise.
Nuances
The crime, the punishment for which is established by Article 274 of the Criminal Code of the Russian Federation , is recognized as completed at the time of modification, blocking, destruction of computer data in such an amount that their absence causes significant harm to the user or data owner. Materiality in this case acts as an evaluation concept. The amount of harm caused by a crime in violation of the rules for the operation of equipment will be determined by the aggregate of all data available to the court. In the second part, Article 274 of the Criminal Code of the Russian Federation provides for penalties for acts that have caused serious consequences. Their list in the law is not disclosed. However, in practice, the provisions on consequences established in Article 273 apply.
Subjective part
Any sane citizen of 16 years of age can be held accountable for the crime in question. Moreover, he must have access to a PC, computer system (network). In the last two cases, the subject of the crime is special, endowed with the appropriate official powers. A person is held accountable not only on the basis of the fact that he has access to a PC, network or computer system. Of no small importance during the qualification is passing them familiarization with the rules or instructing in the operation of the equipment. This fact should be documented. There must be a connection between the consequences and actions of the subject. Acts for which liability is recorded in Part 1 of Art. 274, are classified as small, and in the second part - of moderate severity.