On March 22, Congress sent to the Executive the bill on computer crimes, which defines eight new criminal offenses, repealing the old law that governed this matter and adapting the regulations to the provisions of the Budapest Convention.
The new norm -which will come into effect once the law is enacted and published- penalizes various conducts, updating our regulations to the current reality and at the same time establishing the criminal liability of the legal person when these crimes are committed within an organization. that it has not implemented adequate models for the prevention of these crimes.
Indeed, the old Law No. 19,223, which has been in force since 1993, typifies criminal figures related to computing. it sanctioned only four types of conduct (computer sabotage, computer espionage, the disclosure and alteration of data) and was manifestly outdated. Thus, this new regulation covers these facts from a more adequate perspective, considering the advancement of technology and the possibilities of criminal behavior related to information technology.
In this sense, the penalty for computer fraud stands out in the first place, one of the most anticipated figures by legal operators to sanction scams committed through computerized means, such as fraud at bank tellers. In turn, improper access to computer systems and the receipt of computer data is sanctioned, this being one of the newest crimes, which punishes those who market, transfer or store computer data obtained through the commission of access crimes. illicit, interception or computer forgery.Additionally, computer forgery is typified, which includes the malicious introduction, alteration, deletion or suppression that generates inauthentic data with the purpose of making them pass as “authentic or reliable” by a third party. Another of the new crimes is illegal interception, which penalizes anyone who improperly intercepts, interrupts or interferes with non-public transmission between computer systems.
For its part, the abuse of devices punishes the facilitator of technological means and computer tools that are suitable for committing the crimes of attacks on systems and data, illegal access and computer interception, as well as for the perpetration of conduct. Finally, the attack on the integrity of a computer system and the attack on the integrity of computer data are penalized.
One of the controversial aspects of the bill was the restriction imposed on ethical hacking, since the crime of improper access was typified in a general way, allowing the violation of computer systems only with the authorization of its owner. Thus, unauthorized access, even when performed for the ethical purpose of identifying failures in computer systems and reporting them to the owner for repair, constitutes conduct sanctioned by the legislator.
In consideration of this new regulation, it is recommended that companies carry out a risk assessment and adapt their crime prevention model in order to implement the appropriate mitigation measures to reduce the risk of committing these acts within them.
For more information and advice on the adaptation of crime prevention models for the incorporation of these new legal risks, you can contact:
Jaime Winter | Director Criminal Litigation Group | firstname.lastname@example.org
Eduardo Anguita | Corporate Group Director | email@example.com
Sofia Reizin | Associate | firstname.lastname@example.org
Florence Fuentealba | Associate | email@example.com
During September 2021, Law No. 21,369 was published in the Official Gazette of Chile, which regulates sexual harassment, violence and gender discrimination in the field of Higher Education. This responds to the different demonstrations that have been carried out, in recent years, in the different study houses throughout the country, in which protocols and sanctions were required in these cases.
Article 1 of the law clearly establishes what the objective of the law is: to promote policies aimed at preventing, investigating, punishing and eradicating sexual harassment, violence and gender discrimination; protect and repair the victims; establish safe environments free of sexual harassment, violence and gender discrimination, for all people who attend higher education academic communities.
The law requires higher education institutions to have a comprehensive policy against sexual harassment, violence and gender discrimination, which must contain a prevention model and a sanction model. In addition, it is required that all the levels that make up the higher education institution participate in the drafting of said policy.
Although many universities and professional institutes have been adopting policies in case of sexual harassment, violence and discrimination, Law No. 21,369 establishes a series of requirements that the policies must contain, which will be subject to control by the authority, therefore in more than one case, it will involve modifying existing policies.
For example, in article 5 of the law, the measures that the prevention model must contain are established: diagnosis of activities that are carried out within the respective institution and may imply a risk; set of measures aimed at preventing risks; awareness and information campaigns on human rights, sexual harassment, violence and gender discrimination; training for officials and academics; incorporate content on human rights, sexual harassment, gender violence and discrimination in the curricular plans; and, include the policies in the induction processes.
Higher education institutions will have until September 15, 2022 to implement the prevention models and sanction models and, once implemented, they are given a period of 90 days -extendable for 30 days- to perfect the models. and staff orientation or training.
From the Superintendence of Higher Education they have been emphatic that they will sanction the houses of studies that do not comply with a comprehensive policy against sexual harassment, violence and discrimination, as established by law, to the point that they will not be able to obtain their accreditation. institutional.
All of the aforementioned translates into an exhaustive process that higher education institutions must carry out. The implementation of a prevention and sanction model in accordance with the requirements established in Law No. 21,369 aims to prevent, sanction and eradicate sexual harassment, violence and gender discrimination, and ensure safe environments.
This is possible to the extent that all the stages involved in this process are met, and understanding that the work does not end once the prevention and sanction models are drawn up, but that implementation, training and constant review and updating are key to to ensure the objectives established by law.
For more information you can contact:
Rodrigo Albagli | Partner Albagli-Zaliasnik | firstname.lastname@example.org
Daniela Hirsch | Compliance Group Director | email@example.com