New Zealand

Crimes Amendment Act 2003 No 39 Part 1 s 15, of July 7th

‘Crimes involving computers

‘‘248 Interpretation
For the purposes of this section and sections 249 and 250,—
‘‘access, in relation to any computer system, means instruct,
communicate with, store data in, receive data from, or otherwise
make use of any of the resources of the computer system
‘‘computer system—
‘‘(a) means—
‘‘(i) a computer; or
‘‘(ii) 2 or more interconnected computers; or
‘‘(iii) any communication links between computers or
to remote terminals or another device; or
‘‘(iv) 2 or more interconnected computers combined
with any communication links between computers
or to remote terminals or any other device;
and
‘‘(b) includes any part of the items described in paragraph (a)
and all related input, output, processing, storage,
software, or communication facilities, and stored data.

‘‘249 Accessing computer system for dishonest purpose
‘‘(1) Every one is liable to imprisonment for a term not exceeding
7 years who, directly or indirectly, accesses any computer
system and thereby, dishonestly or by deception, and without
claim of right,—
‘‘(a) obtains any property, privilege, service, pecuniary
advantage, benefit, or valuable consideration; or
‘‘(b) causes loss to any other person.
‘‘(2) Every one is liable to imprisonment for a term not exceeding
5 years who, directly or indirectly, accesses any computer
system with intent, dishonestly or by deception, and without
claim of right,—
‘‘(a) to obtain any property, privilege, service, pecuniary
advantage, benefit, or valuable consideration; or
‘‘(b) to cause loss to any other person.
‘‘(3) In this section, deception has the same meaning as in section
240(2).

250 Damaging or interfering with computer system
‘‘(1) Every one is liable to imprisonment for a term not exceeding
10 years who intentionally or recklessly destroys, damages, or
alters any computer system if he or she knows or ought to
know that danger to life is likely to result.
‘‘(2) Every one is liable to imprisonment for a term not exceeding
7 years who intentionally or recklessly, and without authorisation,
knowing that he or she is not authorised, or being reckless
as to whether or not he or she is authorised,—
‘‘(a) damages, deletes, modifies, or otherwise interferes with
or impairs any data or software in any computer system;
or
‘‘(b) causes any data or software in any computer system to
be damaged, deleted, modified, or otherwise interfered
with or impaired; or
‘‘(c) causes any computer system to—
‘‘(i) fail; or
‘‘(ii) deny service to any authorised users.

‘‘251 Making, selling, or distributing or possessing software for committing crime
‘‘(1) Every one is liable to imprisonment for a term not exceeding
2 years who invites any other person to acquire from him or
her, or offers or exposes for sale or supply to any other person,
or agrees to sell or supply or sells or supplies to any other
person, or has in his or her possession for the purpose of sale
or supply to any other person, any software or other information
that would enable another person to access a computer
system without authorisation—
‘‘(a) the sole or principal use of which he or she knows to be
the commission of a crime; or
‘‘(b) that he or she promotes as being useful for the commission
of a crime (whether or not he or she also promotes
it as being useful for any other purpose), knowing or
being reckless as to whether it will be used for the
commission of a crime.
‘‘(2) Every one is liable to imprisonment for a term not exceeding
2 years who—
‘‘(a) has in his or her possession any software or other information
that would enable him or her to access a computer
system without authorisation; and
‘‘(b) intends to use that software or other information to
commit a crime.
Compare: 1961 No 43 ss 216D(1), 229, 244

‘‘252 Accessing computer system without authorisation
‘‘(1) Every one is liable to imprisonment for a term not exceeding
2 years who intentionally accesses, directly or indirectly, any
computer system without authorisation, knowing that he or
she is not authorised to access that computer system, or being
reckless as to whether or not he or she is authorised to access
that computer system.
‘‘(2) To avoid doubt, subsection (1) does not apply if a person who
is authorised to access a computer system accesses that computer
system for a purpose other than the one for which that
person was given access.
‘‘(3) To avoid doubt, subsection (1) does not apply if access to a
computer system is gained by a law enforcement agency—
‘‘(a) under the execution of an interception warrant or search
warrant; or
‘‘(b) under the authority of any Act or rule of the common
law.

‘‘253 Qualified exemption to access without authorisation offence for New Zealand Security Intelligence Service
Section 252 does not apply if—
‘‘(a) the person accessing a computer system is—
‘‘(i) the person specified in an interception warrant
issued under the New Zealand Security Intelligence
Service Act 1969; or
‘‘(ii) a person, or member of a class of persons,
requested to give any assistance that is specified
in that warrant; and
‘‘(b) the person accessing a computer system is doing so for
the purpose of intercepting or seizing any communication,
document, or thing of the kind specified in that
warrant.

‘‘254 Qualified exemption to access without authorisation offence for Government Communications Security Bureau
Section 252 does not apply if the person that accesses a
computer system—
‘‘(a) is authorised to access that computer system under the
Government Communications Security Bureau Act
2003; and
‘‘(b) accesses that computer system in accordance with that
authorisation.