Abstract
The Romanian Penal Code criminalizes as an offence misrepresenting false facts as being true, or of true facts as being false, in order to obtain undue material gains for oneself or for another, and if material damages have been caused. This is considered a ”classical” fraud. Meantime, the means of perpetration a fraud, in general, have evolved due to the large scale of utilization of information technology. As a consequence, computer fraud is criminalized. The paper tries to address the similarities and differences between the two offences that are more – or less, different forms of fraud.
Any utilization of computer in order to induce misrepresentation will trigger the applicability of article 249 – Computer fraud? Can the ”classical” fraud – misrepresentation be perpetrated through information technology?
Keywords: computer fraud, misrepresentation, property protection
The Romanian Penal Code criminalizes under article 244 first paragraph as an offence “misrepresenting false facts as being true, or of true facts as being false, in order to obtain undue material gains for oneself or for another, and if material damages have been caused”. The second paragraph of this article stipulates an aggravated form of the offence: ”Misrepresentation committed by using false names or capacities or other fraudulent means shall be punishable by no less than 1 and no more than 5 years of imprisonment. If the fraudulent means is in itself an offense, the rules for multiple offenses shall apply.” And, finally, within the third paragraph a special procedural provision is included: ”Reconciliation removes criminal liability.”
This is considered in a ”classical” fraud[2]. Meantime, the means of perpetration, in general, have evolved due to the large scale of utilization of information technology in our everyday life. As a consequence, in the present we have a significant number of offences that do criminalize conducts related to utilization of a computer system, as well as new means of perpetrations and, of course, new methods of investigation[3].
In this respect, the Romanian Penal Code includes expressly two categories of cyber crimes: In Title II – ”Offenses against property”, Chapter IV – ”Fraud committed using computer systems and electronic payment methods” (art. 249-252)[4], and Title VII – ”Offenses against public security”, Chapter VI – ”Offenses against security and integrity of computer systems and data” (art. 360 – 366)[5].
As concerning computer fraud, this offence in criminalized under article 249 of the Penal Code: ”Entering, altering or deleting computer data, restricting access to such data or hindering in any way the operation of a computer system in order to obtain a benefit for oneself or another, if it has caused damage to a person, shall be punishable by no less than 2 and no more than 7 years of imprisonment.”
The paper tries to address the similarities and differences between the two offences that are more – or less, different forms of fraud. Initially, due to the name of the offence it was considered that computer fraud is practically the ”computerized” form of misrepresentation, but if we look at the legal text and its interpretation, one can determine that the situation could be very different. Our attempt is important also from another perspective – ne bis in idem principle. The exact nature and features of the offence must be precisely determined and the exact, particular form of responsibility (civil, administrative or penal) must be triggered[6].
Both the offence of misrepresentation and computer fraud are regulated in Title II of the Criminal Code, entitled „Crimes against patrimony”, but in different chapters, the offence of misrepresentation being provided in Chapter III – “Crimes against property by breach of trust”, and computer fraud, in Chapter IV – “Frauds committed through computer systems and electronic means of payment”.
The offence of computer fraud was incriminated for the first time in Romanian legislation through Article 49 of Law no. 161/2003, as the provisions of the CyberCrime Convention signed at Budapest in 2001 were transposed in our legislation. Subsequently, the provision was included in the (new) Criminal Code, where at art. 249 provides for the crime of computer fraud.
The legal texts from article 49 of Law no 161/2003 and article 249 of the Criminal Code are almost identical and the new Penal Code does not bring any essential modification of the previous regulation as regarding the conditions of incrimination, there are no differences of regulation, the crime having the same content. However, only with regard to the sanctioning regime, the new Criminal Code provides for a reduction of the punishment limits, because if in the legislation prior to the entry into force of the new Criminal Code the crime was punishable by imprisonment from 3 to 12 years, according to the new regulation, the penalty is imprisonment from 2 to 7 years, which means that the latter is considered the lenient penal law.
From our point of view, to understand the similarities and differences between these offences we have to understand and to clarify what is the social value that is intended to protect under by criminalizing misrepresentation and computer fraud.
Why were needed two legal text? What is the reasoning of having two legal text?
The offence of misrepresentation is an offence that aim to protect the property of the persons (natural person or any legal entity) by safeguarding the trust in social relations[7]. One should not expect to be misled by another person at any time when they engage in social relations, irrespective of the nature of this relation. Trust (social trust) is a fundament of a civilized society. If we approach all our social relation without any form or level of trust then the effectiveness of those social relations would be minimum, because in each case you will need to be convinced that your partner is not misleading you. Of course, trust and precaution are not excluding each other, and people have to exercise both of them.
Meantime, the computer fraud aims to protect the property of the persons (natural person or any legal entity) by safeguarding the trust in computer systems – utilization of the computer systems. The juridical object of the offence is described in different wordings among the doctrine, but all of these wordings do refer to the correct, the trustfulness and/or to the integrity of computer systems[8]. From our point of view is there is a question of integrity of the computer system, then the matter is addressed by article – alteration of computer data.
The most effective solution in case of the juridical object of computer fraud is to consider its complex and ”pluri-offensive nature”[9]. The main goal is to protect the patrimony, but is case of criminalizing computer fraud this goal is achieved by ensuring the trust in the utilization of computer systems. The offence is perpetrated by certain means that affect the trust in the utilization of computer systems.
From this perspective, if we add the constant multiplication of the influence of computers in every day life then a break of trust in utilization of computer systems could be devastating to the entire society.
Who can imagine a present society without computer systems? And, on the other hand, if one does not trust the utilization of computer systems, he or she will have at least a constant suspicion of fraud or misleading or even damage caused by utilization of computer systems.
As regarding the subject of both offences, the law does not require any special features or conditions. The active subject of misrepresentation is usually a person that has a significant power to persuade other people, in most cases the active subject has a high degree of social cleverness in misleading the passive subject; meantime the active subject of computer fraud does not necessarily enter in direct contact or engage in social relation with the passive subject, but she/he possess computer skills in order to perfume the conduct criminalized by the law.
But, as regarding the passive subject we can argue that she or he could be considered at least is at least negligent. Others consider that in certain proportion also the passive subject contributes with his naivety and lack of self-protection to the success of the perpetrator[10].
The conduct of the active subject is directed to the mind of the passive subject, in order to mislead him about the appearance of the situation presented and to ear his misplaced trust. On the other hand, the conduct of the active subject in case of computer fraud is directed to the computer system that host the computer data which will be transformed.
The misleaded person could be different that the person that has suffered a patrimonial harm through missrepresentation, and also in case o computer fraud the passive subject could be multiple since besides the person that owns the computer system, the patrimonial damage could be caused also to other persons. As a consequence, in both cases the patrimonial damage could be caused not only the persons primarily afected by the objective conduct, but to other persons who will be considered passive subjects also[11].
Moving further and looking to the nature of the (objective) conduct we can determine that there are significat differences and a few intereferences:
If we compare the conduct (conducts) prescribed by article 244 and article 249 of the Penal Code we can determine the following differences and similarities:
a) The feature of the objective conduct is different. Article 244 speaks about “misrepresenting false facts as being true, or of true facts as being false”, meantime article 249 stipulates a number of alternatives such as: “entering, altering or deleting computer data, restricting access to such data or hindering in any way the operation of a computer system”. As regarding the last aspect, it is important to underline that within the Penal Code there is a definition of computer system and digital data, in article 181 of the Penal Code:Computer systems mean any device or group of (functionally) interconnected devices, where one or several of such systems ensure automatic processing of data, using a computer program. Digital data means any representation of facts, information or concepts in a manner which allows processing by means of a computer system.
Practically, misrepresentation can be performed through computer systems through the simplest manner – for example when the person is using a computer to transmit an offer that will mislead the beneficiary of that offer.
For example, even under the previous regulation, High Court of Justice and Cassation – Criminal Section, through decision no. 2106 of June 14, 2013[12] reasoned that “Fictitious online sales of goods, made through the platform specializing in online goods trading, which causes damage to injured persons misled by entering computer data about the existence of the goods and thus determined to pay the price of non-existent goods, meet the constituent elements of computer fraud offenses must be in art. 49 of Law no. 161/2003. In this case, the constitutive elements of the crime of deception are not met, as the crime of computer fraud presents a variant of the crimes of deception committed in the virtual environment, and art. 49 of Law no. 161/2003 constitutes the special norm in relation to art. 215 of the Penal Code, which constitutes the general norm, being applicable exclusively the special norm.” This decision is important because it stipulates a principle of specialty between the two offences, and considers the provision from misrepresentation as the general law[13], meantime computer fraud as special provision.
Furthermore, in other caselaw, based on the principle stated above, one of most good explained reasoning can be found in the decision no. 88 from 03rd of April 2018 issues by Medias City Court[14]. In this file the court received a request from the defense to change of the legal classification of the offence from the crime of computer fraud as regulated by art. 249 of the Criminal Code in the crime of misrepresentation provided by art. 244 paragraph 2 of the same code. The court considered ”act of placing advertisements on the sale of certain products which the alleged seller does not own or does not display for sale for the real purpose of alienating them, meets the constituent elements of the crime of deception, including a modern variant, adapted to the current context of the development of trade documents in electronic form; the use of its own computer system to place those sales offers, without entering, modifying or deleting the computer data, restricting access to this data or preventing in any way the operation of a computer system belonging to another person, could not represents something other than a fraudulent means of committing the crime of deception, incriminated in the aggravated form in paragraph (2) of art.244 C. pen”. The decision is correct since misrepresentation is carried out through electronic means of perpetration.
However, the two offences can be concurrent offence in case when the fraudulent means as stipulated under the second paragraph of article 244 could be classified a computer fraud. In this perspective, the courts should look very closely to the relation between the two offences in order to make the best decision within each particular file.
In this respect, we mention the decision no. 88/2014[15] issued by Vâlcea County Tribunal where the court sentenced the perpetrator for committing a multiple offence – misrepresentation (author) and computer fraud (accessory): ”The deeds committed by the defendant DC, consisting in the fact that he knowingly joined an organized criminal group, supporting one of the members of the group, repeatedly and on the basis of the same criminal resolution, between January and April 2009, to carry out the activities of deception consisting in misleading fraudulent transactions on the Internet, of the foreign nationals referred to, by opening in his name a bank account in which the victims were instructed to transfer the value of the goods subject to the transactions, as well as facilitating the appropriation by MV of the unjust material use, consisting in taking from the account these sums which, after deducting the agreed percentage, he handed over to the perpetrator of the above mentioned facts, meet the constitutive elements of the crimes continued by complicity in the crime of misrepresentation in conventions and of accessory in the crime of computer fraud and in ideal competition.” In the findings the court considered the computer fraud the means to perpetrate the misrepresentation.
In other case, decision no. 160/2020 Prahova County Tribunal the court ruled that the misrepresentation was carried out through forgery and not computer fraud, since the perpetrator falsified the documents as regarding the property documents as well as identity documents: ”based on a prior agreement, on 16.12.2015 he handed over to the defendant a forged identity document with the identity data of P and the photo of the suspect to collect the amount of 1931 euros from the exchange agency. The defendant signed the form attesting to the withdrawal of money on behalf of P and gave the amount raised to G, stopping a 10% commission. After receiving the amount, the defendant stopped a 10% commission, sending the difference to the person who had posted the ad. The money raised came from a computer fraud committed by another person, who had posted an advertisement on the Internet selling a Skoda car even though he had no right to the property.” although, initially the charge was computer fraud as well as forgery, the final decision was to change the classification into misrepresentation – and since there was a mediation and a conciliation with the victim as a result the perpetrator was convicted only for forgery.
b) the condition of obtaining undue material advantages for oneself or for another is present, although the wording is a little different, also in the legal text of computer fraud. It is important for both offences that the perpetrator to obtain a benefit for himself or for another person. Still, if we look closely, there is a slight difference – in case of computer fraud the legal text is referring to material benefit, and in case of misrepresentation the expression used by the law is “undue patrimonial damage”. It could happen that the damage caused by the computer fraud could refer to a benefit that is not contrary to the law, for example when that person did does have the right to obtain the benefit, but she/he did not exercise that right, and through computer fraud the perpetrator activates that benefit.
c) the condition of causing a damage is identical for both offences, and most of the doctrine considers that the legal text refers to material damage. But, in our opinion, we cannot excludedeplano also non-material damages such as moral damages as a secondary social value that is affected. In this case since still we have to have also material damage, otherwise we cannot talk about an offence against the property.
As regarding the subject element both offence must carried out with intent, and the purpose should be ”present” in the perpetrator s mind, since both legal texts require that the act must be performed in order to obtain material advantages for oneself or for another.
Finally, we have to underline other category of differences referring to the sanctioning conditions stipulated by the law. There are certain differences, misrepresentation in sanctioned with imprisonment from 6 mounts to 3 years in basic form and from 1 year to 5 year in case of aggravated form; meantime computer fraud is sanctioned with imprisonment from 2 to 7 years. Also, in cases of misrepresentation, there is the possibility that reconciliation removes criminal liability, and this institution is used very common the judicial practice, especially when the damage is recuperated. On the other hand, computer fraud is investigated by special body from prosecutor’s office, that also investigates organized crime and terrorism.
The conclusion of the paper would be that both offences have similar features since the legislator aimed to protect the property. But, we have to pay attention to the reasoning of the law, and to classify in a correct manner the act perpetrated using computer systems or involving digital data. Not in all cases when computer systems or digital data are used the offence is a computer fraud. Also, we have to bear in mind the possibility of multiple offence – misrepresentation and computer fraud, especially when misrepresentation is carried out using fraudulent means.
[1] Faculty of Law, University of Oradea (Romania), Assoc. prof.
[2] R. Bodea, B. Bodea, Drept penal. Partea Specială, ”Hamangiu” Publishing House, Bucharest, 2018, p. 273; Mihai-Adrian Dinu, Fraudă informatică sau înşelăciune?, available at: https://www.juridice.ro/517449/frauda-informatica-sau-inselaciune.html#_ftn1, last visited at 14.03.2021;
[3] C. Miheş, Consideraţii asupra necesităţii adaptării unor instituţii tradiţionale ale dreptului penal în condiţiile societăţii dominate de tehnologia informaţiei in F. Ciopec, L.M. Stănilă, I.C. Paşca (editors) – ”Previzibilitatea legislaţieiţi jurisprudenţei în materie penală”, “Universul Juridic” Publishing House, Bucharest, 2015, p. 103–117; L.M. Stănilă, Inteligenşa Artificială Dreptul penalţi sistemul de justiţie penală, Ed. “Universul Juridic” Publishing House, Bucharest, 2020, p. 65–71; also the EU position on Criminal Law did change: M. Pătrăuş, Drept european instituţional, Prouniversitaria Publishing House, Bucharest, 2018, p. 44-45.
[4] Within this chapter are included: Computer fraud; Making fraudulent financial operations; Accepting transactions made fraudulently
[5] Within this chapter are included: Illegal access to a computer system; Illegal interception of computer data transmissions; Altering computer data integrity; Disruption of the operation of computer systems; Unauthorized transfer of computer data; Illegal operations with devices or software
[6] About the posible conflict and the problems related to the enforcement of this principle please see: Elek Balázs, The “criminal nature” requirement – The dual administrative and criminal procedures, The Journal of Faculty of Law Oradea, issue no. 2/2020, p. 35-41; Krisztina Karsai, Transnational ne bis in idem principle in the Hungarian fundamental law, in C.D. Spinelis, N. Theodoraki, S. Billis, G.Papadimitrakopoulos (editors) – ”Europe in Crisis: Crime, Criminal Justice, and the Way Forward”, ”Ant. N. Sakkoulas” Publishers L.P., Athens, 2017, p. 409-440.
[7] G. Antoniu, T. Toader, Explicaţiile Noului Cod Penal, vol. III, “Universul Juridic” Publishing House, Bucharest, 2015, p.534; H. Kádár, Drept Penal. Partea Specială, Infracțiuni contra patrimoniului, ”C.H. Beck” Publishing House”, Bucharest, 2019, p. 150;
[8] G. Zlati, Frauda informatică aspect controversate, Universul Juridic Premium nr. 3/2020, available at: https://www.universuljuridic.ro/frauda-informatica-aspecte-controversate/accessed at 14.03.2021 ; H. Kadar, Drept Penal…, p. 202; G. Antoniu, T. Toader, Explicaţiile…, p. 599, V. Cioclei, Drept penal. Partea Specială I, second edition, ”C.H. Beck” Publishing House”, Bucharest, 2017, p. 380; Norel Neagu, Fraude comise prin sisteme informaticeţi mijloace de plată electronice – variante speciale ale infracţiunii de înşelăciune? in Revista Română de Drept Penal al Afacerilor nr. 3/2019 and Universul Juridic Premium nr. 2/2020, available at: https://www.universuljuridic.ro/fraude-comise-prin-sisteme-informatice-si-mijloace-de-plata-electronice-variante-speciale-ale-infractiunii-de-inselaciune/, last accessed at 14.03.2021.
[9] G. Zlati, Frauda informatică aspect controversate, Universul Juridic Premium nr. 3/2020, available at: https://www.universuljuridic.ro/frauda-informatica-aspecte-controversate/
[10] The perpetrators of deception – misrepresentation have to demonstrate a special capacity for persuasion, meantime the perpetrator of computer fraud must have IT/computer skills. Practically the consent of the victim in affected and is considered no longer valid both. Also, in Civil Law we have deception as a vice of consent (for details of this institution in Romania please see: F. Morozan, Drept Civil, partea generală, University of Oradea Publishing House, 2014, p. 174–175).
[11] Norel Neagu, Fraude comise prin sisteme informatice şi mijloace de plată electronice – variante speciale ale infracţiunii de înşelăciune? in Revista Română de Drept Penal al Afacerilor nr. 3/2019; Universul Juridic Premium nr. 2/2020.
[12] Available at: https://www.scj.ro/1093/Detalii-jurisprudenta?custom Query%5B0%5D.Key=id&customQuery%5B0%5D.Value=83717, last accessed at 14.03.2021.
[13] Misrepresentation could be also the ”general law” in cases of intelectual property violations, for details please see: Cristian Miheș, Carmen Oana Mihăilă, A Few Considerations Regarding the Criminal Protection of Intellectual Property, The Journal of Faculty of Law Oradea, issue 2/2018, p. 38.
[14] Available at: http://www.rolii.ro/hotarari/5ad5ead1e49009401f00003b; last accessed at 14.03.2021.
[15] Available at: http://www.rolii.ro/hotarari/599ea517e49009042d0009ce, last accessed at 14.03.2021.