.jpg?v=4)
The Convention on Cybercrime was entered into in Budapest, the capital of Hungary, on November 23, 2001. This Convention was signed by the States belonging to the Council of Europe plus Canada, Japan, South Africa, and the United States of America. As stated in the preamble of the Convention, it was created because of the need to combat cybercrime through appropriate legislation. It also recognizes the importance of acknowledging the risk of using technology to commit crimes.
Because of this convention, Law 1273 of 2009 was enacted in Colombia, which added nine cybercrimes to the Colombian Criminal Code to protect data and computer programs, just as material goods are protected from deliberate damage. However, although these crimes have not been further developed by the Supreme Court of Justice of Colombia, Fernando León Bolaños Palacio in a judgment of August 3, 2022 (SP2699-2022) developed the characteristics of the crime of informatic damage (Section 269D of the Colombian Criminal Code).
This criminal offense establishes that whoever is not authorized to destroy, damage, delete, deteriorate, alter, or suppress an information system or computer data and does so will be sentenced to a prison term of 48 to 96 months plus a fine that may vary between 100 to 1000 legal monthly minimum wages in force. For example, if a worker in the human resources area of a company is dismissed and on his last day of work decides to delete files from the sales area as revenge for his dismissal, he could incur in the commission of this crime under the modality of "deleting" data.
Situations such as these demonstrate the need for greater awareness in the prevention of conduct that threatens computer systems. This means that companies must create mechanisms to prevent and reduce computer risks. This can be done through simple actions, such as changing passwords on a regular basis, creating security policies, constantly monitoring who accesses the documents, and even installing an antivirus.
However, regardless of whether it is a large, medium, or small company, all of them, can become victims of these crimes. Therefore, from the very beginning, it is extremely important to protect oneself in the best possible way to reduce these risks. In the legal sphere, one of the purposes of criminal law is general prevention, which is understood as the implementation of measures so that the general population avoids committing certain acts. This figure is relevant to the introduction of these crimes, since by raising awareness of their existence and their consequences, potential criminals may be persuaded to avoid committing such acts knowing that they may end up in prison. However, there will always be those who are willing to take the risk.
Consequently, it is necessary to have the capacity to react to the occurrence of a cybercrime. It is important to have mechanisms by virtue of which it is possible to have a backup and protect the information that may be affected. For example, having physical or digital copies in the cloud, or making use of platforms such as SharePoint that automatically save copies and versions of all files. These measures, in addition to providing data protection, will also be very useful during a criminal proceeding, since they make it possible to preserve evidence and prove elements of the crime, such as data corruption. This last point is extremely relevant because in many cases when a cybercrime is committed, the criminal process is truncated because there is no traceability of the affected information or because the file that is intended to prove that it was damaged was not saved or protected in time and disappears.
Awareness of the existence of these crimes is more relevant today than ever. After the COVID-19 pandemic, a rise in the digitization of all types of information is evident. Therefore, it is necessary to adapt to technological advances and ensure effective law enforcement. For this reason, there must be a substantial jurisprudential development of these criminal types introduced to the legal system, as well as the implementation of practical mechanisms to reduce the possibility of the commission of these crimes and even more important, to have the ability to react to these situations. Therefore, it is necessary to invest in digital information protection mechanisms and seek legal advice immediately after such a situation occurs.
