Prompted by the message by Mr. Brunnstein in RISKS-15.11, I thought RISKS
readers might find it interesting to know that a "Computer Crime" act is
currently under review by the Italian Parliament (to the best of my knowledge,
one of its two branches has approved it).
I have enclosed a tentative translation as well as the original text of the
article related to "malicious programs". The whole act also addresses other
issues such as unauthorized entry or possession of access codes, etc.
A bit of personal comment about the wording of the article: while the Swiss
text focuses on the concept of (lack of) "authorization" in order to define
the illegal behaviour of both people and programs, there is no such "keyword"
in the Italian proposal. Moreover, the provision against "programs ... having
the effect of ... damaging a computer or ... the programs or data contained in
... it" is even more RISKy. It seems to me that, besides viruses, most of the
bugs usually found in SW could fall under this article, since the
unintentionality is not regarded as a matter of exclusion from the punishment.
Having followed the VIRUS-L forum for a while, I am perfectly aware that it is
almost impossible to draw a satisfactory border between malicious programs and
legitimate ones, but I feel that this text misses the point by more than a
bit. Comments welcome.
Luca Parisi.
--Proposed Translation--
--Disclaimer: Please note that I'm not a lawyer, so people in the legal
field might find it inaccurate; feel free to correct it if needed--
Article 4 of the [Proposed] computer crime act:
[material deleted]
"Article 615-quinquies of the Penal Code (Spreading of programs aimed
at damaging or interrupting a computer system).
Anyone who spreads, transmits or delivers a computer program, whether
written by himself or by someone else, aimed at or having the effect of
damaging a computer or telecommunication system, the programs or data
contained in or pertaining to it, or interrupting in full or in part or
disrupting its operation is punished with the imprisonment for a term of
up to two years or a fine of up to It. L. 20,000,000."
--Original Text--
--Excerpt from: Camera dei Deputati - Disegno di Legge presentato dal
Ministro di Grazia e Giustizia (Conso), recante "Modificazioni ed
integrazioni alle norme del codice penale e del codice di procedura
penale in materia di criminalita' informatica." - N. 2773--
Art. 4 [omissis]
"Art. 615-quinquies. - (Diffusione di programmi diretti a danneggiare o
interrompere un sistema informatico). - Chiunque diffonde, comunica o
consegna un programma informatico da lui stesso o da altri redatto,
avente per scopo o per effetto il danneggiamento di un sistema
informatico o telematico, dei dati o dei programmi in esso contenuti o
ad essi pertinenti, ovvero l'interruzione, totale o parziale, o
l'alterazione del suo funzionamento, e' punito con la reclusione sino
a due anni e con la multa sino a lire venti milioni." [Luca Parisi via risks-digest Volume 15, Issue 13]
22:48
#
G!
