-
- Art. 5a FC
- Art. 6 FC
- Art. 10 FC
- Art. 16 FC
- Art. 17 FC
- Art. 20 FC
- Art. 22 FC
- Art. 29a FC
- Art. 30 FC
- Art. 32 FC
- Art. 42 FC
- Art. 43 FC
- Art. 43a FC
- Art. 55 FC
- Art. 56 FC
- Art. 60 FC
- Art. 68 FC
- Art. 75b FC
- Art. 77 FC
- Art. 96 para. 2 lit. a FC
- Art. 110 FC
- Art. 117a FC
- Art. 118 FC
- Art. 123b FC
- Art. 136 FC
- Art. 166 FC
-
- Art. 11 CO
- Art. 12 CO
- Art. 50 CO
- Art. 51 CO
- Art. 84 CO
- Art. 143 CO
- Art. 144 CO
- Art. 145 CO
- Art. 146 CO
- Art. 147 CO
- Art. 148 CO
- Art. 149 CO
- Art. 150 CO
- Art. 701 CO
- Art. 715 CO
- Art. 715a CO
- Art. 734f CO
- Art. 785 CO
- Art. 786 CO
- Art. 787 CO
- Art. 788 CO
- Transitional provisions to the revision of the Stock Corporation Act of June 19, 2020
- Art. 808c CO
-
- Art. 2 PRA
- Art. 3 PRA
- Art. 4 PRA
- Art. 6 PRA
- Art. 10 PRA
- Art. 10a PRA
- Art. 11 PRA
- Art. 12 PRA
- Art. 13 PRA
- Art. 14 PRA
- Art. 15 PRA
- Art. 16 PRA
- Art. 17 PRA
- Art. 19 PRA
- Art. 20 PRA
- Art. 21 PRA
- Art. 22 PRA
- Art. 23 PRA
- Art. 24 PRA
- Art. 25 PRA
- Art. 26 PRA
- Art. 27 PRA
- Art. 29 PRA
- Art. 30 PRA
- Art. 31 PRA
- Art. 32 PRA
- Art. 32a PRA
- Art. 33 PRA
- Art. 34 PRA
- Art. 35 PRA
- Art. 36 PRA
- Art. 37 PRA
- Art. 38 PRA
- Art. 39 PRA
- Art. 40 PRA
- Art. 41 PRA
- Art. 42 PRA
- Art. 43 PRA
- Art. 44 PRA
- Art. 45 PRA
- Art. 46 PRA
- Art. 47 PRA
- Art. 48 PRA
- Art. 49 PRA
- Art. 50 PRA
- Art. 51 PRA
- Art. 52 PRA
- Art. 53 PRA
- Art. 54 PRA
- Art. 55 PRA
- Art. 56 PRA
- Art. 57 PRA
- Art. 58 PRA
- Art. 59a PRA
- Art. 59b PRA
- Art. 59c PRA
- Art. 62 PRA
- Art. 63 PRA
- Art. 67 PRA
- Art. 67a PRA
- Art. 67b PRA
- Art. 75 PRA
- Art. 75a PRA
- Art. 76 PRA
- Art. 76a PRA
- Art. 90 PRA
-
- Vorb. zu Art. 1 FADP
- Art. 1 FADP
- Art. 2 FADP
- Art. 3 FADP
- Art. 5 lit. f und g FADP
- Art. 6 Abs. 6 and 7 FADP
- Art. 7 FADP
- Art. 10 FADP
- Art. 11 FADP
- Art. 12 FADP
- Art. 14 FADP
- Art. 15 FADP
- Art. 19 FADP
- Art. 20 FADP
- Art. 22 FADP
- Art. 23 FADP
- Art. 25 FADP
- Art. 26 FADP
- Art. 27 FADP
- Art. 31 para. 2 lit. e FADP
- Art. 33 FADP
- Art. 34 FADP
- Art. 35 FADP
- Art. 38 FADP
- Art. 39 FADP
- Art. 40 FADP
- Art. 41 FADP
- Art. 42 FADP
- Art. 43 FADP
- Art. 44 FADP
- Art. 44a FADP
- Art. 45 FADP
- Art. 46 FADP
- Art. 47 FADP
- Art. 47a FADP
- Art. 48 FADP
- Art. 49 FADP
- Art. 50 FADP
- Art. 51 FADP
- Art. 54 FADP
- Art. 57 FADP
- Art. 58 FADP
- Art. 60 FADP
- Art. 61 FADP
- Art. 62 FADP
- Art. 63 FADP
- Art. 64 FADP
- Art. 65 FADP
- Art. 66 FADP
- Art. 67 FADP
- Art. 69 FADP
- Art. 72 FADP
- Art. 72a FADP
-
- Art. 2 CCC (Convention on Cybercrime)
- Art. 3 CCC (Convention on Cybercrime)
- Art. 4 CCC (Convention on Cybercrime)
- Art. 5 CCC (Convention on Cybercrime)
- Art. 6 CCC (Convention on Cybercrime)
- Art. 7 CCC (Convention on Cybercrime)
- Art. 8 CCC (Convention on Cybercrime)
- Art. 9 CCC (Convention on Cybercrime)
- Art. 11 CCC (Convention on Cybercrime)
- Art. 12 CCC (Convention on Cybercrime)
- Art. 25 CCC (Convention on Cybercrime)
- Art. 29 CCC (Convention on Cybercrime)
- Art. 32 CCC (Convention on Cybercrime)
- Art. 33 CCC (Convention on Cybercrime)
- Art. 34 CCC (Convention on Cybercrime)
FEDERAL CONSTITUTION
CODE OF OBLIGATIONS
FEDERAL LAW ON PRIVATE INTERNATIONAL LAW
LUGANO CONVENTION
CODE OF CRIMINAL PROCEDURE
CIVIL PROCEDURE CODE
FEDERAL ACT ON POLITICAL RIGHTS
CIVIL CODE
FEDERAL ACT ON CARTELS AND OTHER RESTRAINTS OF COMPETITION
FEDERAL ACT ON INTERNATIONAL MUTUAL ASSISTANCE IN CRIMINAL MATTERS
DEBT ENFORCEMENT AND BANKRUPTCY ACT
FEDERAL ACT ON DATA PROTECTION
SWISS CRIMINAL CODE
CYBERCRIME CONVENTION
- I. General
- II. Legally protected property
- III. Basic constituent elements
- IV. Optional additional constituent elements
- V. Comparison with Swiss law
- Materials
I. General
1 Given the omnipresence of information technology in society, forgery of computer documents is just as dangerous as forgery of paper documents. The purpose of this provision is therefore to establish an offence which is the counterpart of forgery of paper documents. It aims to close the loopholes in criminal law associated with classic falsification, which requires the visual legibility of statements contained in a document and does not apply to data recorded on electronic media. Manipulating recorded data with probative value can have consequences as serious as traditional acts of forgery, if they mislead a third party. Computer forgery consists in the unauthorized creation or modification of recorded data in such a way that it acquires a different probative value, so that the conduct of legal transactions, based on the authenticity of the information provided by this data, may be tainted by deception.
II. Legally protected property
2 The legally protected property of this standard is the security and reliability of electronic data, which may have consequences for legal relationships.
III. Basic constituent elements
A. Computer data
3 According to art. 1 let. b CCC, "the term 'computer data' means any representation of facts, information or concepts in a form suitable for processing in a computer system, including a program suitable for causing a computer system to perform a function". The notion of computer data is therefore very broad, encompassing in particular all letters, symbols or programming codes that can be entered, processed and stored by a computer system.
4 For further details on this concept, please refer to art. 1 CCC above.
B. Data relevant to legal relations
5 The use of the words "for legal purposes" means that art. 7 CCC does not apply to all computer data, but only to data that plays a role in legal relations. This means that it must be possible to prove a fact of legal significance, i.e. a fact on which the creation, modification or extinction of a right depends. All data that is not relevant to legal relations is therefore excluded from the scope of this standard.
6 To be probative, it must be possible to establish the origin of the data. In the real world, this requirement means that the author of a title must be identifiable, and that this title contains the expression of a human thought. In practical terms, this means, for example, that the information must make sense, and that the document must be signed by its author. In the virtual world, guaranteeing the origin of data takes a very different form. Of course, the equivalent of a paper document signed by its author does exist. In this case, it's a computer document drafted by a human being, in which the handwritten signature is replaced by a qualified electronic signature. However, the virtual world offers many additional possibilities for producing data relevant to legal relationships.
7 Unlike securities issued in the real world, in the virtual world it is not mandatory for the author of the data to be a human being. Some data can be generated automatically by computer systems, without losing their probative value. Examples include a payment receipt created by an e-banking application, a salary certificate for the tax authorities automatically generated by a company's IT system for its employees at the end of the year, or a receipt sent automatically by an authority attesting to the filing of a legal deed by electronic means.
8 As art. 7 CCC expressly states, this provision extends to all data relevant to legal relationships, "whether or not they are directly legible and intelligible". Nor is it essential for the data to contain the expression of human thought. The data may well have been generated by a computer system. It simply has to be understandable by a human or a machine. Data can therefore take the form of a sequence of characters forming a code, a barcode or a QR code. The best recent example of this type of data is the computer-generated COVID certificate in the form of a QR code, which certifies that a person has been vaccinated against COVID and allows its holder access to certain places.
9 Ultimately, in the virtual world, for data to have probative value and be used in legal relations, it is sufficient that its origin can be established with certainty and that it can be understood by a human or a machine.
C. Punishable conduct
10 The definition of forgery varies considerably from country to country. A simple comparison of the definition given in Switzerland and its neighbouring countries is all that is needed. For some countries, the notion of forgery is based on the authenticity of the document's author, while for others, it is the veracity of the information contained in the document that is decisive. The Parties have therefore agreed that falsification must at least relate to the identity of the issuer of the data, irrespective of the accuracy or veracity of the content of the data. They are, however, free to extend the scope of their national provisions to include falsification of the information contained in the document.
11 The authenticity of the data as to its author implies that it actually comes from the person from whom it appears to originate. In this sense, the falsification of authentic data consists in the appearance of an author who is not the person from whom the data actually originates. The real author is therefore not the same as the apparent author.
12 As far as authenticity of data content is concerned, this means that the data has remained in its original state. Falsification therefore occurs when the data has been modified after it has been created. The modification referred to in art. 7 CCC is not the simple correction of a clerical error, but the modification of the meaning of the data.
13 Art. 7 CCC thus lists four punishable acts: introducing, altering, deleting or suppressing computer data. This list is exhaustive. The introduction of data punishes the creation of a false document, while alteration, deletion and suppression relate to the falsification of a true document.
1. Data entry
14 The introduction of data is the act by which the author introduces data from outside a computer system. This may involve the unauthorized introduction of accurate data or the addition of inaccurate data.
15 Art. 7 CCC only sanctions the introduction of data which leads to the creation of non-authentic data. Where the data introduced into the computer system is intended to hinder its proper operation, art. 5 CCC applies.
16 An example of the introduction of non-authentic data would be a company accountant who records a payment by a debtor in the accounting program, whereas the debtor in question has not in fact paid. Another example would be a person who uses a bank card that he has fraudulently copied to pay for his purchases, using the contactless function, thus making the vendor's terminal believe that the payment has been authorized and made by the legitimate holder of the copied card.
2. Data alteration, deletion and erasure
17 The alteration of data consists in damaging the integrity and/or content of the data. Data integrity refers to the reliability, accuracy and completeness of data. In the real world, the guarantee of data integrity could be compared to a parcel sent by post, where it is certified that it was really sent by the sender mentioned on the parcel, that it was sent on the date and at the place indicated on the postmark, and that the parcel was not opened during transit. As for the guarantee of contents, this could be compared to the certification that the contents of the parcel have not been altered after dispatch. In the case of data tampering, the perpetrator modifies the contents of the package and/or its packaging in order to deceive the recipient. Altering data content involves replacing the original data with other data. This is the case, for example, when the author modifies a text, changes bank details or replaces one image with another. On the other hand, the author alters the integrity of the data when he or she modifies the metadata. This is the case, for example, of someone who falsifies the sender's e-mail address to make it appear that a message has come from a certain person, when in fact it has come from someone else, or forges a qualified electronic signature to make it appear that a document has been drawn up by a certain person, when in fact this is not the case.
18 Data deletion involves withholding and concealing data. The author deliberately removes part of the data, so that the recipient is not aware of the entirety of the data. This is the case, for example, when the author deletes part of the clauses negotiated during transactional talks, with the aim of concluding a contract that is more favorable to him.
19 Unlike data deletion, data erasure is the definitive destruction of all or part of the data. The data no longer exists. Examples of this are when someone deletes parts of electronic conversations that are unfavorable to him, and then produces the redacted version as evidence in a court case, or when someone deletes data from a computerized medical record to conceal a medical error he has made.
D. Unlawfulness
20 The author must act without right, i.e. without having been authorized to do so by the rightful owner. To act lawfully, a person must obtain the consent of the owner of the computer system to enter data, or of the owner of the data to modify it.
21 In today's society, many companies and public authorities work with IT systems. The majority of employees working for these entities are authorized to enter or modify data. All these people act lawfully as long as they follow the instructions they have been given. On the other hand, their actions become unlawful when they introduce or modify data in violation of the instructions they have received. This is the case, for example, of the person in charge of the cash register, who steals goods and then enters false sales into the computer system in an attempt to erase the traces of his crime.
E. Intention
22 Computer falsification is intentional. Intention must relate to all the objective elements of the offence. The perpetrator must therefore have the awareness and the will to create false data or to falsify authentic data with the aim of using them in legal relations.
IV. Optional additional constituent elements
23 The last sentence of art. 7 CCC allows Parties to require a special purpose in addition to intent. This special purpose may take the form of fraudulent intent or similar pernicious intent. The explanatory report contains no indication as to how the notion of fraudulent intent is to be understood. In our opinion, fraudulent intent refers to the perpetrator's intention to obtain an undue advantage for himself or for another person. This advantage need not be pecuniary in nature. It can be any advantage that improves one's personal situation or that of another. However, the advantage sought must be undue, i.e. contrary to law.
24 The United States of America has availed itself of the possibility offered by art. 7 in fine CCC and has indicated that it will only prosecute computer falsification if it is committed with fraudulent intent.
25 Germany and Peru have taken up the two purposes mentioned in art. 7 in fine CCC, namely that computer falsification must be committed with fraudulent intent or similar criminal intent.
26 Belgium, for its part, declared that it would only criminalize computer falsification when committed with fraudulent intent or malicious intent.
27 Switzerland decided that it would only prosecute computer falsification if it was committed with the intention of procuring for oneself or a third party an advantage or causing damage.
28 Finally, Chile had initially explained that it would only prosecute computer falsification if it was committed with fraudulent intent and caused damage to third parties. In our opinion, this statement was not in line with the text of art. 7 CCC, as a Party can only require additional special intent. It is not possible, however, to require the realization of a prejudice, whereas art. 7 CCC punishes an offence of endangerment. In 2022, Chile amended its legislation. In its new version, falsificación informática corresponds to art. 7 CCC. The reservation is therefore no longer necessary.
V. Comparison with Swiss law
29 The purpose of art. 7 CCC is to penalize forgery of computerized documents. Under Swiss law, this legal asset is protected by forgery of securities (art. 251 StGB), which has been extended to computerized securities (art. 110 para. 4 StGB) since January 1, 1995.
30 The conduct punishable under art. 7 CCC consists in falsifying data with probative value with the aim of deceiving others. The introduction of data corresponds to the creation of a false document. On the other hand, alteration, deletion and suppression are equivalent to the falsification of a document in the traditional offence of forgery.
31 Swiss law therefore complies with the requirements of Art. 7 of the Convention.
Materials
Conseil de l’Europe, Explanatory Report to the Convention on Cybercrime, Budapest 23.11.2001, disponible à https://rm.coe.int/16800cce5b, visité le 21.1.2024 (cité : Rapport explicatif de la Convention sur la cybercriminalité)
Message concernant la modification du code pénal suisse et du code pénal militaire (Infractions contre le patrimoine et faux dans les titres) ainsi que la modification de la loi fédérale sur l'approvisionnement économique du pays (Dispositions pénales) du 24 avril 1991, FF 1991 II 933, disponible à https://www.fedlex.admin.ch/eli/fga/1991/2_969_933_797/fr, visité le 21.1.2024