Computer Hacking in Queensland
In today’s interconnected world, businesses and individuals are increasingly reliant on computer systems to store and transmit sensitive information.
The Landscape of Computer Hacking in Queensland
Queensland is said to have witnessed a surge in computer hacking incidents in recent years.
In 2022-2023 Queensland accounted for 30% of the nation’s cybercrime reports[1].
In layman’s terms, people can be accused of activities such as identity theft, ransomware attacks, and phishing scams.
The Offence of Computer Hacking in Queensland
Despite its prevalence, many people don’t appreciate exactly what constitutes computer hacking in Queensland.
The charge covers much broader situations than just the traditional image of a tech genius using their skills to access secret information.
Computer hacking is an offence under section 408E of the Criminal Code Act 1899 (Qld). This makes it an offence to use a restricted computer without the consent of the controller.
The maximum penalty for this offence is two years imprisonment.
Penalties for Computer Hacking in QLD
If the unauthorised use of the restricted computer causes or intends to cause detriment or damage, or gains or intends to gain a benefit, the offender commits a crime and is liable to imprisonment for 5 years.
If the unauthorised use causes a detriment or damage or obtains a benefit for any person to the value of more than $5,000, or intends to commit an indictable offence, the offender commits a crime and is liable to imprisonment for 10 years.
In addition to criminal penalties, individuals and businesses that fall victim to computer hacking may also pursue civil action against the person (or persons) responsible to recover damages and losses.
The elements of the offence of computer hacking are as follows:
(a) The defendant “used” a computer;
(b) The computer was a “restricted computer”; and
(c) The use was without the consent of the computer’s “controller”.
These are defined in section 408E(5) of the Criminal Code.
“computer” means all or part of a computer, computer system or computer network and includes, for example, all external devices connected to the computer in any way or capable of communicating with each other as part of a system or network.
“controller” means a person who has a right to control the computer’s use.
“damage” includes damage to any computer hardware or software and regarding information, any alteration, addition, removal or loss of, or other damage to, information.
“detriment” includes any detriment, pecuniary or otherwise, to any person.
“information” includes data, file, document, or computer language or coding.
“restricted computer” means a computer for which:
- a device, code or a particular sequence of electronic impulses is necessary in order to gain access to or to use the computer; and
- the controller
- withholds or takes steps to withhold access to the device, or knowledge of the code or of the sequence or of the way of producing the code or the sequence, from other persons; or
- restricts access or takes steps to restrict access to the device or knowledge of the code or of the sequence, or to the way of producing the sequence, to a person or a class of persons authorised by the controller.
“use“, of a restricted computer, includes accessing or altering any information stored in, or communicating information directly or indirectly to or from, the restricted computer, or causing a virus to become installed on or to otherwise affect, the computer.
Comment
Wise readers will note that restricted computers are not limited to devices controlled by a government body or a large corporation. Hacking can be said to have occurred with any computer that is found to be restricted, including an individual’s personal device in their home.
We have seen examples where people have been accused of computer hacking that falls short of this definition – i.e. the conduct does not meet the definition required by law for a conviction.
Put simply, innocent people can be wrongfully accused of computer hacking.
Recent Case
A recent example of how this offence applies to any situation is the case of Commissioner of Police v Punchard [2021] QCA 186.
In that case, the defendant was a police officer who pleaded guilty to computer hacking with respect to his accessing the Queensland Police Service computer systems to do up to nine “non-official” address checks using licence plates.
Although he was authorised to access those systems (and so was, himself, a controller in one sense, in that he had a right to use the computer), that authorisation only extended to access in connection with his official duties.
By using the police systems for private/non-authorised purposes, he was taken to have “used” the computer without the consent of the relevant controller, being the Commissioner of Police.
Recently Mark Williams represented an IT company in regional Queensland on charges of Extortion and Computer Hacking.
Charged with Computer Hacking? Seek Legal Advice
If you have been charged with computer hacking in Queensland, it is important to seek legal advice immediately.
We will work tirelessly to defend your case and ensure that you receive the best possible outcome.
Request a free online consultation or call our Gold Coast Law Office on (07) 5532 3133 or our Brisbane Law Office on (07) 3221 4999 for assistance from our team of expert Criminal & Civil Lawyers.
[1] Australian Signals Directorate Cyber Threat Report 2022-2023