In the eyes of many people, programmers (coders, engineers) have high-paying jobs with lucrative incomes and are enviable, but in the eyes of criminal lawyers, this is also a high-risk industry that is extremely prone to legal risks.
Lawyer Shao has also represented many programmers in criminal cases:
The company's business operations were suspected of copyright infringement, and the programmers were implicated as employees;
The software company provided illegal website building services to customers, and the company's legal person was suspected of aiding and abetting the crime;
An overseas virtual currency exchange was suspected of operating a casino, and its programmer was arrested as a domestic employee;
…
The People's Court of Changping District, Beijing, recently published a case in which an employee used his position to obtain virtual currency for profit, constituting the crime of illegally obtaining computer information system data and was sentenced to three and a half years in prison . This article uses this case as an example to analyze the relevant legal issues.
Author: Lawyer Shao Shiwei
0 1
Case Brief
Zhang, who was a blockchain engineer at a network company and was responsible for the development of the company's blockchain project, learned that there was a large amount of Ethereum in the project account while participating in the company's project in July 2020. So Zhang took advantage of his work and asked his colleagues for program codes and private keys that were beyond his work authority on the grounds of "code learning."
According to Zhang, he once joined a "technical exchange group", shared the code and private key with the group, and invited group member Jack to crack the code and attack the company account to obtain 106.15 Ethereum. After that, Zhang used the Ethereum to "launder the currency", converted the Ethereum into other forms of currency, transferred it through multiple accounts, and then transferred it back to his own account.
The company quickly reported the theft of virtual currency in its account. Zhang argued that he only shared the code address and project information in the "technical exchange group" and that the Ethereum was transferred by others by scanning the private key, and that 18 of the Ethereum were given to him by Jack as the labor income for sharing code and other information.
The Beijing Changping Court held that Zhang violated regulations by asking others for program codes and private keys, illegally obtaining Ethereum information from the company's computer system, profiting from part of the Ethereum transactions, and illegally obtaining virtual currency information stored in the form of computer data in the computer system without permission. His actions constituted the crime of illegally obtaining computer information system data.
After calculation, Zhang made a total illegal profit of RMB 38,329.76. The court sentenced Zhang to three years and six months in prison for illegally obtaining computer information system data.
0 2
Lawyer's Comments
1. Aren’t virtual currency transactions not protected by law?
After being arrested in this case, Zhang argued that " a certain project developed by the company itself is a risky transaction and the risk should be borne by the company itself ."
"Virtual currency transactions are not protected by law, and risks are borne by the individual" is a court opinion that we often see in virtual currency civil dispute cases. Because transactions are not protected, the contracts and entrustment matters signed by both parties are invalid, and the court will therefore rule that both the plaintiff and the defendant bear corresponding responsibilities.
So what Zhang said was not wrong. But why was it not accepted by the court?
This is the "different treatment" of virtual currency in criminal and civil cases in the current judicial practice of currency-related cases.
In civil cases, such as lending, entrusted investment, mining, etc., the current court rulings are somewhat "lying flat", with both parties being punished and bearing their own risks. The purpose is to make people realize that virtual currency transactions are not encouraged in my country.
However, if virtual currency is stolen and reaches the criminal filing standard for related crimes, according to the consultations and cases handled by Lawyer Shao, as the judicial authorities' understanding of virtual currency continues to deepen, and judging from the reports of victims, the number of cases filed by the public security authorities in various places is also increasing. It can also be seen that in criminal cases, the property attributes of virtual currency are recognized and protected by the judicial authorities.
2. Why is it charged as a crime to illegally obtain data from a computer information system?
Continuing from the above, since the property attributes of virtual currency are recognized by judicial authorities, why was the case convicted of the crime of illegally obtaining computer information system data? This is actually a bit contradictory and a bit subtle.
The logic of convicting computer crimes is that even though virtual currencies such as Bitcoin, Ethereum, and Tether can be exchanged for money and have property attributes, which are recognized by judicial authorities, the courts are trying their best to avoid discussions about the value of virtual currencies when making judgments, and instead change their perspective:
From the perspective that virtual currency has data attributes (generated based on computing power), it is believed that virtual currency is an object protected by computer crimes. However, according to the following judicial interpretations of the two high courts, the data obtained from the computer information system should be "identity authentication information", such as account numbers, passwords, digital certificates, etc. The data attributes of virtual currency are obviously not included in the aforementioned scope.
The Supreme People's Court and the Supreme People's Procuratorate issued the Interpretation on Several Issues Concerning the Application of Law in Handling Criminal Cases Involving Endangering Computer Information System Security (2011)
Article 1 Illegal acquisition of computer information system data or illegal control of computer information systems, if any of the following circumstances exists, shall be deemed to be "serious circumstances" as provided for in the second paragraph of Article 285 of the Criminal Law:
(1) Obtaining more than ten sets of identity authentication information for online financial services such as payment settlement, securities trading, and futures trading;
(2) Obtaining more than 500 sets of identity authentication information other than that listed in item (1);
(3) Illegal control of more than 20 computer information systems;
(4) Illegal gains of RMB 5,000 or more or economic losses of RMB 10,000 or more;
(5) Other serious circumstances.
Paradoxically, although the court deliberately avoided arguments about the value of virtual currency when reasoning and sentencing, it was inevitable to price virtual currency when sentencing the parties (in this case, Zhang made a profit of 18 Ethereums. Based on the currency price in July 2020 at the time of the incident, it was determined that Zhang had illegally made a profit of more than 38,000 yuan), and the defendant was sentenced based on the pricing amount.
0 3
Attorney Shao Shiwei reminds:
Back to what was mentioned at the beginning of the article, why is programmer considered to be in a “high-risk industry”?
Nowadays, cybercrime is rampant. Every platform involved in the crime, such as gambling websites, gambling games, fraud platforms, pornographic software, etc., has a lot of website developers and operation and maintenance personnel doing technical support work behind the scenes. This requires programmers to have a certain ability to identify the platform they serve.
When providing services for legal and compliant purposes, the legal risks faced by programmers often come from embezzlement (as in this case), such as stealing company property by taking advantage of loopholes in the company system or taking advantage of their own convenience or work convenience. Therefore, programmers should stick to their professional bottom line, enhance their legal awareness and sense of moral responsibility, and avoid engaging in any form of illegal activities.
