IT
Italiano
EN
English
  • Search
Home

The United Chambers of the Italian Supreme Court regarding the unlawful access to an IT system

In the opinion of the Supreme Court there are two key points regarding the unlawful access to IT systems:

1) In spite of being authorized to access a certain IT system, a person can still be found guilty of this particular crime, if it is ascertained that the performed operation did not fall within the given authorization;

2) The competent Court shall be the one having its seat where the access took place.

The most recent rulings of the United Criminal Chambers of the Supreme Court focus, in fact, on the aforementioned issues.

With specific reference to the first one, the Supreme Court set the following principles of law:

-       The Public Official or the Public Service Officer who, despite being authorized and whose conduct seems to be in compliance with the formal requirements provided by the owner of the protected IT system (in this particular case, the Register of Criminal Offences), can be held liable of the crime described by the article 615-ter, second paragraph, n. 1, of the Italian Criminal Code, if he accesses or remains in the system for reasons different from those for which the right of access was attributed to him (United Criminal Chambers of the Supreme Court, decision n. 41210 of 2017); and

-       The offence of unlawful access to a protected IT system, ex art. 615-ter of the Italian Criminal Code, is committed when the person, authorized by the owner of a protected IT system, accesses and remains in the system, violating the conditions and the limits resulting from the requirements given by the owner for the purposes of limiting the access. The reason why the access to the system was made or maintained is not relevant to the prosecution of the criminal offence (United Criminal Chambers of the Supreme Court, decision  n. 4694 of 2011). 

As for the second issue, the Supreme Court declared the following principle of law:

-       The place in which the crime of unauthorized access to an IT system is perpetrated, as per Article 615-ter, is the one in which the person who carries out or maintains the abusive access is located. (United Criminal Chambers of the Supreme Court, decision n. 17325 of 2015).