On the crime of fraud in e-commerce - e-commerce
Relying on the development of the Internet, social economy, culture, and political life are undergoing an unprecedented change, and all kinds of Internet Crime poses a comprehensive challenge to this transformation that cannot be ignored. This article only puts forward its own views on the new characteristics of fraud crimes in e-commerce activities and is based on the standpoint of criminal law, in order to contribute to judicial practice and criminal law theory.
1. New features of the crime of E-fraud in e-commerce
The crime of fraud in e-commerce is to fabricate facts or conceal the truth through network information systems for the purpose of illegal possession. The act of defrauding a relatively large amount of property. In legal form, the crime of fraud in e-commerce spans the common crime of fraud and the crime of special fraud stipulated in the current criminal law, but in real life, it is just a manifestation of these crimes.
Traditional fraud crimes, using modern network technology means, generally fall into two categories: one is sending false information online to defraud the victim into agreeing to deliver a certain amount of property to the perpetrator; This category is the act of entering a specific network information system as another authorized person, adding and inputting certain information in the network information system, transferring the electronic currency owned or possessed by the authorized person to his own account, and then cashing it out. The former type of behavior is just a renovation of the behavioral means of the crime of fraud. From the perspective of criminal law, existing criminal law theories can be used to solve the problems. The latter type of objective behavior is different. It is very different from ordinary fraud and special fraud in criminal law. In order to distinguish it from the previous types of behavior in the scientific community and facilitate discussion, this article calls it E-fraud.
The main methods of using the Internet as a tool to commit crimes include: movable skylight, Trojan horsemanship, salami technique, data fraud, worms, logic bombs, impersonation, intrusion by opportunity, instrument scanning, and cracking Password interception information, etc. However, e-fraud only exploits some of these methods. In order to obtain electronic currency, perpetrators generally do not destroy information systems, but exploit technical weaknesses in the network to achieve their goals.
E-The main steps of fraud crime: the first step is to obtain authorized information. Authorized information includes access rights, such as the identity of the authorized person, usage rights, keys, and passwords. Methods to obtain authorized information include inquiring, tricking, collecting, etc., or using technology to intercept information. For example, actors can set up lines on the Internet or telephone networks, or install equipment that intercepts electromagnetic waves to obtain the transmission system. information. Some even obtain useful information by analyzing the parameters of the direction, flow, communication frequency, and length of information flow. The second step is to change the message. Such as changing the order and direction of information flow, adding, deleting, and changing information content. Because the network information system is affected by force, causing chaos in the operation of the equipment and facilities supported by it, or issuing erroneous instructions, the result is that electronic money in other people's accounts is transferred to the account opened by the perpetrator through the network. The third step is information redemption, that is, the actor spends the electronic currency in consumption or exchanges it for banknotes. This is because fraud is committed as a result.
Generally, the Internet is regarded as a virtual society, which is extremely important for understanding cybercrime. We might as well divide the places where cybercrimes occur into virtual space and real space. In this way, in addition to suspended crimes, E-fraud criminal activities also appear in three forms in criminal law: First, preparatory crimes that occur in the real stage , for example, the perpetrator seeks passwords and passes by analyzing the documents and papers abandoned by the victim. Second, preparatory crimes and attempted crimes occur in virtual space. Third, attempted crimes and completed crimes that occur in real space.
2. Targets of the crime of E-fraud
The crime of E-fraud and other types of fraud have different ways of obtaining property. In general fraud activities, the relationship between the perpetrator and a certain natural person is There is a certain communication of meaning, that is, "human-human dialogue"; but this is not the case for the crime of E-fraud. The perpetrators achieve the initial purpose more through "human-machine dialogue".
It is precisely because of the technical characteristics of human-computer dialogue that what the perpetrator obtains is only a digital symbol representing a certain amount of money. Therefore, there is currently no conclusion as to whether the object of this crime is data records, data carriers, or physical cash. When studying the use of computers to steal electronic funds, some scholars proposed that electronic funds should be used as the object of theft, so that the object of the crime is "electronic data records that exist in the electronic fund transfer system and represent certain asset ownership relationships."
. The reasons are: first, the content of the crime of theft should continue to expand with the development and progress of society; second, electronic funds are different from general knowledge information, and the funds in other people's accounts must be secretly transferred to one's own account through the computer First, the funds in the victim's account must be reduced accordingly, otherwise the computer will refuse to operate; third, electronic funds are the same in nature as valuable payment vouchers, securities, and negotiable instruments, and since the latter can be regarded as objects of crime , there is no reason to refuse to regard the former as the object of the crime; fourth, the criminal law and judicial interpretations have stipulated that electricity, gas, natural gas and telecommunications services are the objects of the crime of theft, and electronic funds should also be regarded as the object of the crime of theft; Fifth, classifying electronic funds as a crime object of theft will help protect financial property.
The essence of these reasons is to propose that intangible objects can be used as objects of crime. Indeed, some scholars advocate: "The object of a crime is a person or an object. An object is an objectively existing substance that is not subject to human will; the form of existence of an object is time and space, and the external manifestation of an object is a state; objects include tangible Objects and intangible objects.”
This seems to support the above point of view. Because in the final analysis, electronic money is an intangible thing, just like electricity, gas, natural gas and telecommunications services.
In the past, the author believed that the object of this crime was the carrier representing electronic money, such as electronic bills, electronic wallets, electronic wallets, etc., but now that I have carefully considered it, I feel that it is inappropriate, and I believe that money and things are still The object of the crime. The reasons are: first, to grasp intangible objects as criminal objects without distinction is to almost equate objects in criminal law with objects in the philosophical category. In this way, the scope of investigation of criminal targets will undoubtedly be expanded. There are also differences in the legal attributes and value attributes of intangible objects. Take electronic currency symbols and gas as examples. The possession of the former is a specific loss or loss of value, while the possession of the latter is not enough to indicate the loss or loss of value of the corresponding object. , after the person with authority discovers that there is a problem with the funds in his or her account, he or she can issue a notification to thwart the perpetrator's intentions. It is reasonable to regard the former as the object of crime, but it is difficult to establish the analogy between the latter and the former and thus regard it as the object of crime. Secondly, if electronic currency symbols are used as the object of crime, it will lead to a conclusion that is completely opposite to the general crime of fraud. Traditional criminal law theory believes that "the object of a crime refers to an objectively existing specific person or specific object that is affected by criminal acts stipulated in the criminal law provisions."
The object of a crime is not only a specific object, but also must reflect the object damage. If electronic currency is considered to be the object of a crime, that is to say, the perpetrator possesses the symbol of electronic currency, causing actual harm, that is, the crime is completed. As mentioned before, the crime of E-fraud is an isolated crime, and the time and place between the behavior and the actual harm may be inconsistent; in addition, the crime is a result crime, and the perpetrator's possession of digital symbols does not mean that he has obtained money. The key to the standard for the crime of fraud is that the perpetrator has obtained a large amount of property. Therefore, using electronic currency symbols as the object of the crime will advance the standard for the crime to be completed and expand the scope of punishment under the criminal law. Thirdly, the author believes that for the crime of E-fraud, it is necessary to distinguish between the criminal object and the behavioral object. As an object of behavior, it is the preliminary purpose that the actor hopes to achieve when performing the behavior. It is a symbol of the object of the crime. The object of this crime is electronic currency or digital symbols. There is also a difference between electronic money and electronic money payment methods. Common and legally significant electronic currency payment methods in nerd business activities mainly include the following types:
1. Electronic tickets.
Common electronic tickets include: user opinions and product demand questionnaires, product buyer information feedback and maintenance or warranty information feedback forms, product (commodity) quotation application forms, quotations, and order forms. It should be noted that Electronic Data Interchange (EDI) is constantly improving and developing, and its purpose is to completely realize the electronic transmission of tickets, also known as paperless trade. At this stage, due to traditional concepts and technical limitations, only electronic tickets and paper tickets can be used at the same time. But if we look at the long term, I can never deny the significance of electronic tickets for crime. In fact, in many countries and some economically developed places in our country, paper tickets have been reduced from their previous sole or primary status to a secondary or auxiliary status, which is very telling.
2. Electronic wallet. It is issued through the certification center of the network system, which includes certified credit cards, ID cards, etc. Users can use electronic wallets to complete operations anytime and anywhere, and personal, credit card, and password information are directly transmitted to the bank for payment settlement.
3. Smart card. It can make small cash payments directly in the network, and can download cash from bank accounts through the Internet, ensuring the convenience of using electronic cash. It can also have a password attached, making it secure to use. In addition, it also has functions such as identity authentication and issuing government benefits. For example, in schools, smart cards can be used to verify the identities of teachers and students; they can also be used as electronic currency to pay for meals, copies, laundry, etc., and even as dormitory keys. In the United States, an estimated 80% of financial transactions are paid electronically.
4. Electronic bills. Instruments include money orders, cashier's checks, and cheques. Electronic bills are mainly electronic checks. As early as 1995, some large banks and computer companies in the United States jointly developed and publicly demonstrated an electronic check transaction system using the Internet, and predicted that "this system may cause a revolution in banking transactions." Singapore has also developed Asia's first electronic check system in recent years. In our country, due to the restrictions of the Negotiable Instruments Law implemented in 1996, electronic bills are still blank. However, the author is convinced that with the establishment of the China Financial Certification Center and the determination of the legal status of digital signatures in electronic payments, coupled with the development of network technology and the strengthening of practical needs, electronic bills will definitely become an important means of payment in the future.
5. Electronic bank account. E-banking provides businesses or individuals with information inquiry, currency payment, savings business, settlement, online investment, financial management and other services. Among them, online payments such as savings and fund transfers for individuals and companies must go through the rights holder's account on the electronic bank. The author might as well regard electronic bank accounts as the basis for realizing electronic money transfers.
These means of payment are generally tangible, and they are the carriers through which electronic money can be transferred. In other words, without these carriers, electronic currency transfer cannot be realized. Furthermore, it can be said that perpetrators rely on these carriers to commit economic E-fraud. But they are not the subject of a crime. Because they do not directly reflect the violations suffered by the criminal object of property relations or economic order relations. If the perpetrator steals another person's smart card and he withdraws cash or uses it, there is a time interval. During this period, the original cardholder can report the loss to avoid property damage; or the perpetrator does not use the smart card, and the right holder's property will be lost. No losses were suffered. Therefore, what determines whether an offender will be held criminally liable is not the carrier of the electronic currency, but the actual possibility of taking or not using the electronic currency, and the extent of the harm he has caused to the property rights embodied in the electronic currency.
3. The unfinished state of E-fraud crime
(1) Regarding the start of the execution of the act.
The initiation of a crime is the boundary that distinguishes the preparation for a crime and the attempt to commit a crime. It refers to "the offender's commencement of the specific crime stipulated in the criminal law provisions."
So in the field of E-fraud, when or where does the execution begin? The author believes that, first of all, realistic link behaviors should be excluded. The reasons are:
First, the realistic link behavior does not have the characteristics of implementation behavior.
The beginning of the implementation of the act is the act of starting to implement the specific constituent elements of the criminal law. When judging it, we must consider not only the specific crimes stipulated in the law, but also the content and form of the committed act.
In other words, we must examine the formal and substantive legal characteristics of the behavior in a unified manner. Actual behaviors do not yet have the conditions to be close to the object of the crime, so it is impossible to cause harm to the object of the crime, and therefore do not have the harmfulness to carry out the behavior; and the behavior at this stage usually creates conditions for the behavior in the virtual phase. , more in line with the characteristics of crime preparation behavior.
Second, it is against the spirit of legislation to regard actual link acts as executive acts. Paragraph 3 of Article 196 of the Criminal Law stipulates: "Whoever steals a credit card and uses it shall be punished in accordance with Article 264 of this Law." Provides for conviction and punishment." That is to say, it will be punished as the crime of theft. With this provision, the author can infer that if the perpetrator only stole the credit card and did not use it, it should not be punished as a crime, at least regardless of the completed form of the crime. At this time, the property rights of the right holder have not been substantially damaged, but at most they have been threatened to a certain extent. To turn this threat into actual harm, the perpetrator must perform virtual actions. So the provisions of the criminal law are correct. It can serve as a reference for dealing with similar situations. Based on the same principle, if the behavior of stealing or defrauding other people's electronic signatures and digital passwords is treated as a crime, it will be contrary to the spirit of the criminal law.
Third, treating actual link acts as executive acts will cause embarrassment in judicial application. If the actual link behavior is regarded as the execution act, the preparatory behavior of the crime will undoubtedly be considered in advance, and some insignificant behaviors will be regarded as criminal acts, such as counterfeiting smart cards, which is a preparatory act. If it is regarded as the execution act, it will The previous purchase of materials will be regarded as a preparatory act for a crime, and criminal liability can also be pursued. The legal significance of this behavior is not significant, and it is inappropriate to treat it as a crime. In addition, if the implementation behavior is considered in advance, is the behavior in the virtual stage considered an implementation behavior? If it is, then there are two types of execution behavior, which will naturally disintegrate the criminal law theory and is not in compliance with the provisions of the criminal law; if not, it can only be regarded as a post-implementation behavior, and there will be no negative cessation of crime. If Even if the perpetrator did not perform the virtual sex act at all, the crime will still be considered a completed crime. This obviously makes no sense.
Secondly, the initial behavior of entering the network system is not an implementation behavior. Although the time between entering the network system and the perpetrator completing the online crime is extremely short, sometimes only a few seconds, it is still necessary to correctly understand the nature of this behavior. One of the reasons why it is said that it is not an act of execution is that the act does not have the nature of an act of execution. In order to complete a specific crime in the network, the perpetrator generally needs to enter a specific information system. Before that, he may need to log into other information systems with accessibility features. The second reason is that from the perspective of criminal policy, these behaviors are not considered to be of a practical nature and can help prevent perpetrators from further committing criminal acts. If the behavior at this stage is only preparatory, it will undoubtedly give the perpetrator plenty of time to stop committing the crime, subjectively prompting incomplete representation of his criminal intent. On the other hand, this will also help judicial organs fully identify the perpetrator's subjective state of mind and provide more credible evidence for punishing crimes.
The author believes that only the virtual link behaviors implemented after entering a specific information system are implementation behaviors. The reasons are: 1. The act has the reality of infringing the object of the crime. If it is not affected by other factors, it will be completed; 2. The act has the characteristics of an execution act in criminal law, that is, it is a direct act that causes the constitutive element. .
(2) Regarding attempted crime
There are many opinions in the academic circles regarding the criteria for distinguishing completed crimes from attempted crimes, such as "criminal purpose realization theory", "criminal result occurrence theory", " "The elements that constitute a crime are all in place" and so on. Although the last view is currently dominant, other different views still exist.
In order to more accurately identify the completion state of a crime, the "Complete Theory of the Complete Elements of a Crime" further distinguishes two situations: consequential crimes (including dangerous crimes) and behavioral crimes (including behavioral crimes). E-When it comes to the completed form of the crime of fraud, it is first necessary to distinguish between the crime of result and the crime of conduct.
For consequential offenders, the occurrence of statutory harmful consequences or the emergence of a statutory dangerous state is the criterion for the completion of the crime. However, does this result occur in virtual space or in real space? For example, if electronic currency is stolen, is it the result of the electronic currency being transferred from one account to another, or is it the result of the actual property of the right holder being reduced? The meaning of this question is self-evident. The author advocates that the result of the crime in real space should be used as the standard for the completion of the crime. The reasons are:
First, this is consistent with the spirit of modern criminal law. Modern criminal law is based on the function of protecting society and taking into account the function of protecting human rights. The two cannot be neglected. In order to achieve this goal, in criminal legislation, we do not adopt a one-size-fits-all approach, but distinguish different types of crimes. On the boundary of completed crimes, some require specific harmful results, some require specific dangerous states, and some only require It requires the implementation of a certain behavior, and some even only require a certain action. This is because the function of criminal law can be balanced by taking into account the differences in social interests reflected in various social relationships. The object of the E-fraud crime does not go beyond the scope of general crimes. Therefore, in terms of grasping the results, if it deviates from the requirements of other crimes and determines other standards, it will destroy the balance point of the current criminal law and will inevitably be inconsistent with the modern criminal law. Mental conflict.
Second, there is still a separation in time and space between the results of virtual space and reality. The result of the virtual stage is only a change in the meaning or information data of the rights record. Whether it will inevitably damage the rights and interests of the right holder must also depend on the perpetrator's further deepening of the behavior, resulting in real property infringement of the right holder, thereby causing actual property infringement. The actual results are real, and the deepening method of behavior can be completed by the actor himself, by others, or by tools. Only at this stage, the actor can also make new actions, such as making a new action, to cancel the virtual results caused by the previous action and restore it to the original state. In this way, it is difficult for rights holders to realize that their rights have been threatened, and a certain legal order will not be disrupted. From a criminal policy perspective, it also helps perpetrators stop committing crimes.
Third, and what most scholars worry about, is that if cybercrimes are handled in the above-mentioned way and illegal acts committed in the network system are not punished, it will be tantamount to encouraging perpetrators to commit crimes. There's no need to worry. The author can combine the preparatory form of the crime and the crime of damaging computer information systems and punish them based on the principle of dealing with implicated offenders.
For behavioral crimes, it only requires that the perpetrator's execution of the act meets the conditions stipulated in the criminal law to constitute the completion of the crime. Therefore, it cannot be said that the crime was completed.
3. The distinction between fraud and theft
According to the traditional criminal law theory, the distinction between fraud and theft does not seem to be a big problem; however, the use of credit cards after theft and theft are blank. There have been different views on the qualitative nature of invoices, checks and other blank documents of value and their subsequent use. Some provisions made after the promulgation of the new criminal law and relevant judicial interpretations have clarified some of these entanglements, and have made the distinction between theft and fraud more clear. For example, Article 196 of the Criminal Law stipulates: "Anyone who steals a credit card and uses it shall be convicted and punished in accordance with the provisions of Article 264 of this Law." However, with the advancement of science and technology, originally simple problems have become complicated in the field of online finance.
Credit cards are the earliest carriers of electronic money. Today, carriers that embody electronic money also include other electronic wallets, electronic bills and smart cards. Therefore, the methods of crime are even more complex and diverse. For example, in Japan, there are cash automatic teller machines (ATMs) everywhere that are connected to the national network and are connected to various banks. ATMs and credit cards are very popular; crimes against ATM cards are also quite rampant.
From stealing other people's ATM cards and then deciphering the password, then withdrawing cash, to forging the main ATM card, and then to "online crime" of directly stealing account funds through network connection to the bank's computer information system.
There is also another method that perpetrators often use to commit crimes, which is to monitor the victim 24 hours a day somewhere, take the opportunity to steal their account number and password, and then use these stolen account numbers and passwords to steal the victim's information online. The electronic money is transferred to your account.
The difficulty lies in the fraudulent nature of the virtual link and the theft of the real link. The virtual link takes place on the Internet, and the real link takes place in the real society.
In order to prevent cybercrime, a complete set of security technologies is generally set up in virtual links. The first is the password mechanism. Encrypting information is the most commonly used secure transaction method, which can prevent unauthorized leakage of information during transmission and storage, interception, illegal access to databases and other threats. The second is digital signature technology. It is a set of passwords. When the sender sends a message, he sends this set of passwords. After the recipient receives the message, he performs calculations based on the rules agreed upon by both parties to determine the identity of the sender. In essence, it is similar to a signature on paper, which not only confirms that the message was sent by the signer, but also proves that the message has not been modified in any way from the time it was issued to the time it was received. The third is the timestamp. The date a document is signed is just as important as the signature. In electronic transactions, digital timestamps can provide security protection for the publication time of electronic documents. The fourth is the authentication mechanism. It is used to confirm the authenticity of the identity of the counterparty. The fifth is the firewall. This is a rather defensive technical measure. It is the only information channel between different networks or network security domains, and is responsible for preventing external attacks. However, these security technologies are by no means perfect, and every technology has flaws, which provides opportunities for online fraud. For example, tampering with the digital signature of other people's electronic bills, or changing the textual content of electronic bills, or defrauding electronic cash from electronic banks.
In order to obtain or misappropriate other people’s electronic money, there are two methods that actors can adopt in the virtual space: one is to destroy the normal operation of the information system and take the opportunity to achieve the goal; the other is to impersonate other rights People deceive the trust of "system administrators" to obtain or use the electronic currencies of other rights holders. The possibility of using the first method to achieve the goal is almost zero in the network field, so the second method is common. In this case, deceptive means must be used. In order to make deception more effective, it is undoubtedly what the perpetrator pursues to obtain the right holder's password, signature and other real information as soon as possible. Some actors use technical methods to decipher the rights holders' passwords on the Internet and obtain their relevant information; others use traditional theft methods to obtain these key information. In the latter case, theft and fraud coexist.
In this regard, based on the provisions of our country's criminal law, combined with traditional criminal law theory, and fully considering the characteristics of electronic money, to distinguish whether a certain behavior is the crime of theft or fraud, we must consider the practical link in which it occurs. nature of behavior. Because through the previous analysis, the author can see that most of the behaviors that occur in the virtual space are of a fraudulent nature, but if all network economic crimes are treated as fraud, it is obviously inconsistent with the provisions of the law; in addition, from a legal point of view , the crime of theft is a felony compared to the crime of fraud. When the two conflicts occur, they must be treated as implicated offenders and should be classified as the crime of theft. Furthermore, if the behavior that occurs in the actual link is fraud, the subsequent virtual link will constitute the crime of fraud; if the behavior that occurs in the actual link is theft, the subsequent virtual link will constitute the crime of fraud. constituted the crime of theft.
Every time the drawer issues a bill, he first digitizes the content of the bill, and then uses the saved key and link to encrypt the message and obtains an authentication code, which is used as a certificate of authenticity of the bill and is transmitted to the bill together with the bill. Payee. The payee repeats the same calculation process and gets another identification code. As long as the two identification codes are the same, the bill is considered authentic. Since the authentication code is a function of the key and the message, any change in the message will change the authentication code, and the authentication code cannot be calculated without using the key. As a result, the traditional explanation has almost no application value. At this time, it will be difficult, perhaps impossible, to forge rights, but it may be difficult to distinguish the content of alteration from traditional forgery.
The author believes that it is not so much the forgery of electronic signatures as the fraud of electronic signatures. Only when the electronic signature of the perpetrator and the electronic signature of the right holder must be consistent will there be any real consequences of infringement of legal interests. In order to achieve this result, the perpetrator must do everything possible to obtain the electronic signature data of the right holder, and the method can only be characterized by fraud.
/lunwen/xingfa/200603/19992.html
/hudong/lue/MANAGE/articleshow.asp?id=2201