On October 26, 2010 Taiwanese prosecutor and Berkman Fellow Doreen Tu presented on web exceptionalism and the evolving treatment of computer-related criminal offenses in Taiwan.\u00a0 Doreen\u2019s lively and thoughtful presentation offered interesting insights into the practice of law in Taiwan, on a subject of transnational import\u00a0\u2014 as criminal impulses increasingly find their outlet online.<\/p>\n
[Apologies to all \u2014 and especially Doreen \u2014 for the delay in writing up these notes.\u00a0 Brad A.]<\/em><\/p>\n In 2003 Taiwan amended its Criminal Code to add a new chapter describing computer-related crimes.\u00a0 Prior to these amendments, Taiwan prosecuted computer-related offenses under the existing laws, which for the most part were adequate to reach online conduct of concern to prosecutors.\u00a0 A series of criminal complaints in the early 2000s put this assumption to the test, and ultimately the state determined that it needed computer-specific crimes on the books.<\/p>\n Doreen asked: do we need to define specific \u201ccybercrimes,\u201d or are cybercrimes simply an online manifestation of ordinary criminal conduct, albeit accomplished with different tools (and against different targets)?<\/p>\n For a period of time, the principal \u201ccybercrimes\u201d that had the attention of prosecutors in Taiwan were crimes with obvious \u201chard-copy\u201d analogues that perpetrators had carried over onto the Internet.\u00a0 The existing Criminal Code was appropriately enforced against online instances of fraud, illegal gambling, child pornography and copyright infringement.\u00a0 Efforts to prosecute unauthorized access to or destruction or deletion of electronic data required a further analytical step: the law was required to treat electronic data as \u201cproperty\u201d or \u201cdocuments.\u201d\u00a0 Nonetheless, once this interpretation took hold, the state could bring appropriate charges under the existing laws proscribing vandalism or theft.<\/p>\n Then \u201cLineage\u201d came along to challenge this paradigm.\u00a0 Lineage is a popular online computer game, and Doreen credits it for triggering the 2003 amendments to the Taiwanese Criminal Code.\u00a0 The game originated in South Korea \u2014 we\u2019ve translated the title to mean \u201cLineage,\u201d whereas in Chinese the game\u2019s title means \u201cHeaven.\u201d\u00a0 The game made a splash in Taiwan around 2000.\u00a0 It requires a user ID and password, and through gaming effort players obtain \u201cvirtual property\u201d (e.g.<\/em>, weapons, jewelry) that can be traded among the players.\u00a0 These properties are valuable enough \u2014\u00a0that is, they require enough of an investment of in-game time and effort to acquire \u2014\u00a0that they have real-world value to the players.\u00a0 As a result, websites have appeared to facilitate exchange of Lineage properties.<\/p>\n One especially valuable Lineage resource is the invisibility cloak, about which Doreen tells the following story:<\/p>\n A teenage Lineage player traded for an invisibility cloak.\u00a0 He later entered his user ID and password into Lineage, logged into the game, and found that he did not have it anymore.\u00a0 It had vanished.\u00a0 The player took his complaint to prosecutors.\u00a0 \u201cMy invisibility cloak was stolen,\u201d the youth told the Prosecutor on Duty, a colleague of Doreen\u2019s.\u00a0 The Prosecutor on Duty had no idea what to make of this, but following the investigator\u2019s handbook, he asked appropriate questions, including \u201cWhere did you last have it?\u201d\u00a0 \u201cHeaven,\u201d the complainant answered.\u00a0 This answer did little to relieve the PoD\u2019s confusion.<\/p>\n A cascade of similar complaints to Doreen\u2019s office\u00a0\u2014 each involving lost or stolen Lineage artifacts\u00a0\u2014 followed.\u00a0 A common element emerged: all of the victims had been playing Lineage in the same Internet caf\u00e9.\u00a0 Investigators came to understand that a single perpetrator had infected the machines, managed to obtain the user IDs and passwords Lineage players had entered at the cybercaf\u00e9\u2019s terminals, and, having appropriated the online identities of the users, disposed of their Lineage properties.<\/p>\n Prosecutors struggled to identify appropriate criminal charges for this conduct.\u00a0 The \u201cinvisibility cloak\u201d was an \u201celectromagnetic record,\u201d and therefore a form of property under Taiwanese law.\u00a0 A theft charge would stick, as a legal matter.\u00a0 And yet the government came to realize that the Criminal Code did not describe offenses that would reach the conduct prosecutors wanted to punish\u00a0\u2014 namely, the infection of the caf\u00e9\u2019s computers with malware and the abuse of third-party user authentication information. Infecting a computer with the malware necessary to swipe the ID information would not qualify as \u201cdestruction\u201d of or damage to property sufficient to support a vandalism charge.\u00a0 Likewise, there was no specific criminal charge available under Taiwanese law to punish the unauthorized access to another person\u2019s Lineage account.\u00a0 You could use that unauthorized access that to accomplish theft (as here), or, conceivably to defraud a third party.\u00a0 But the access itself was no crime.<\/p>\n Nor was the Criminal Code written to punish other, more advanced forms of cybercrime, like a distributed denial-of-service attack.<\/p>\n