Unauthorised modification of data with intent to cause impairment is an offence under section 308D of the Crimes Act 1900, which carries a maximum penalty of 10 years in prison.
To establish the offence, the prosecution must prove beyond reasonable doubt that:
- You caused the modification of data on a computer
- The modification was unauthorised
- You knew the modification was unauthorised, and
- You intended by the modification to impair access to, or the reliability of, the security or operation of data held in the computer or were reckless as to any such impairment.
‘Data’ includes information in any form and any program.
‘Data held in a computer’ means:
- Data entered or copied into a computer
- Data held in any removable storage which was in a computer for a time, or
- Data held in any data storage device on a computer network of which a computer forms a part.
‘Modification’ of data means any alteration or removal of data or any addition to data.
‘Impairment’ of an electronic communication includes:
- The prevention of any such communication, and
- The impairment of any such communication on an electronic link or network.
‘Impairment’ does not include the mere interception of a communication.
A modification or impairment is ‘unauthorised’ if you were not entitled to cause it, however, your actions are not unauthorised merely because you had an ulterior motive for them, or if:
- You were an ‘authorised person’ such as a police or other law enforcement officer
- The computer or device was in your lawful custody, and
- Your actions were to preserve, or to prevent the concealment, fabrication, destruction or loss of, evidence of any offence.
Duress is a defence to the charge.