Tapatybės vagystė elektroninėje erdvėje: technologiniai aspektai ir baudžiamasis teisinis vertinimas

LTStraipsnyje analizuojamas vienas iš sukčiavimo elektroninėje erdvėje etapų – neteisėtas disponavimas konfidencialiais asmens tapatybę elektroninėje erdvėje patvirtinančiais duomenimis. Straipsnyje apžvelgti ne tik technologiniai asmens identifikavimui elektroninėje erdvėje naudojamų duomenų neteisėto gavimo būdai, bet ir pagrindinės tokio pobūdžio nusikalstamų veikų kvalifikavimo problemos. Taip pat, atsižvelgiant į teismų praktiką, pasiūlyti kylančių tapatybės vagystės kvalifikavimo problemų sprendimo variantai. [Iš leidinio]Reikšminiai žodžiai: Asmens tapatybė; Tapatybės vagystės; Elektroninė erdvė; Personal identity; Identity theft; Cyberspace.

ENArticle analyses one of the stages of fraud in cyberspace, i.e. illegal disposal of confidential data proving personal identity in cyberspace. The specifics of fraud in cyberspace, particularities of identity verification in cyberspace and various e-services (e-banking, e-shops, etc.) allow us considering different issues concerning criminal legal assessment of illegal receipt of data, proving personal identity in the cyberspace, their possession at one’s disposal and use. The article discusses currently the most frequent illegal methods to receive data used for identification in cyberspace, such as phishing, pharming, malware, skimming. In addition, considering the evolving jurisprudence, various problematic aspects of qualification of such act are also discussed. According to the authors, only fraud norm, specified in the Article 182 of the Criminal Code of the Republic of Lithuania (hereinafter – CC), is insufficient for a comprehensive criminal legal assessment of fraud in cyberspace. Whereas such criminal act is related to various breaches of security of electronic data and information systems, in addition to the CC Article 182, the perpetrator should also be incriminated offences, specified in the CC Chapter XXX and (or) the CC Articles 215 and 214. Considering quite different qualification practice, identity theft problem solving options are suggested in the article. First of all, it is suggested to qualify the perpetrator’s actions, using various methods to receive data for verification of personal identity in cyberspace, as an independent criminal act. Depending on the chosen method, the features of criminal acts, specified in the CC Chapter XXX, may be determined in the act.Secondly, the article emphasises that if the perpetrator unlawfully receives data with all features, specified in the CC Article 214, the special norm, indicated in the CC Article 214 is applicable instead of the norms, indicated in the CC Articles 198 or 1982, in order to qualify his act. Thirdly, if it is determined that data, enabling identification of a consumer in electronic service system, have been illegally used for the connection to this system (thus breaching the security measures of this system), it is suggested to qualify such act pursuant to the CC Article 1981. And fourthly, it is concluded that dangerous act, featuring the initiation of illegal transaction, using data for verification of consumer’s identity for online payment measures, should be qualified by applying the CC Article 215, not 198. [From the publication]