PEOPLES REPUBLIC OF CHINA

In China many cybercrime issues are covered in laws and regulations that refers to Internet related crimes. The two most important organizations responsible for internal and external security are the Public Security Bureau (PSB), responsible for the internal security, and the Ministry State Security (MSS), which handles external security. The responsibilities of the Public Security Bureau (PSB) are formally codified in: “Computer Information Network and Internet Security, Protection and Management Regulations”, approved by the State Council, December 11, 1997, and published December 30, 1997. But the responsibility for maintaining Internet security lies with the ISP’s, and violations by users will result in the cancellation of the ISP’s business license and its network registration, fines and possible criminal prosecution of both the company staff and the users, see Articles 20-23.

The Ministry of Information Industry (Department of Policies, Laws and Regulations) is one of the main institutions in the current law reform since 1996.

Criminal Law of the People's Republic of China
(March 14, 1997)

Article 285. Whoever violates state regulations and intrudes into computer systems withinformation concerning state affairs, construction of defense facilities, and sophisticatedscience and technology is be sentenced to not more than three years of fixed-termimprisonment or criminal detention.

Article 286. Whoever violates states regulations and deletes, alters, adds, and interferesin computer information systems, causing abnormal operations of the systems and graveconsequences, is to be sentenced to not more than five years of fixed-term imprisonment orcriminal detention; when the consequences are particularly serious, the sentence is to benot less than five years of fixed-term imprisonment.

Whoever violates state regulations and deletes, alters, or adds the data or applicationprograms installed in or processed and transmitted by the computer systems, and causes graveconsequences, is to be punished according to the preceding paragraph.

Whoever deliberately creates and propagates computer virus and other programs which sabotagethe normal operation of the computer system and cause grave consequences is to be punishedaccording to the first paragraph.

Article 287. Whoever uses a computer for financial fraud, theft, corruption,misappropriation of public funds, stealing state secrets, or other crimes is to be convictedand punished according to relevant regulations of this law.

HONGKONG

Telecommunication Ordinance

Section 27A: Unauthorized access to computer by telecommunication:

(1) Any person who, by telecommunication, knowingly causes a computer to perform any function to obtain unauthorized access to any program or data held in a computer commits an offence and is liable on conviction to a fine of $ 20000.
(2) For the purposes of subsection (1)-
(a) the intent of the person need not be directed at-
(i) any particular program or data;
(ii) a program or data of a particular kind; or
(iii) a program or data held in a particular computer;
(b) access of any kind by a person to any program or data held in a computer is unauthorized if he is not entitled to control access of the kind in question to the program or data held in the computer and-
(i) he has not been authorized to obtain access of the kind in question to the program or data held in the computer by any person who is entitled;
(ii) he does not believe that he has been so authorized; and
(iii) he does not believe that he would have been so authorized if he had applied for the appropriate authority.
(3) Subsection (1) has effect without prejudice to any law relating to powers of inspection, search or seizure.
(4) Notwithstanding section 26 of the Magistrates Ordinance (Cap 227), proceedings for an offence under this section may be brought at any time within 3 years of the commission of the offence or within 6 months of the discovery of the offence by the prosecuter, whichever period expires first.

Section 161: Access to computer with criminal or dishonest intent.

(1) Any person who obtains access to a computer-
(a) with intent to commit an offence;
(b) with a dishonest intent to deceive;
(c) with a view to dishonest gain for himself or another; or
(d) with a dishonest intent to cause loss to another,
whether on the same occasion as he obtains such access or on any future occasion, commits an offence and is liable on conviction upon indictment to imprisonment for 5 years.
(2) For the purposes of subsection (1) "gain" and "loss" are to be construed as extending not only to gain or loss in money or other property, but as extending to any such gain or loss whether temporary or permanent; and-
(a) "gain" includes a gain by keeping what one has, as well as gain by getting what one has not; and
(b) "loss" includes a loss by not getting what one might get, as well as a loss by parting with what one has.