Government to introduce stiffer penalties for computer crime

Criminals who destroy digital data, render computer systems inaccessible by tampering with passwords and cause computers to crash by inundating them with spam, may soon find themselves facing a prison term of up to two years. The current maximum sentence is one year. If these crimes are committed with the aid of a 'botnet', the maximum sentence will increase to three years. If a computer-related offence targets or damages critical infrastructure - such as a government network or a power plant - the maximum sentence will be five years.

These are the terms of a bill put forward by the Minister of Security and Justice, Ivo Opstelten, which was recently approved by the cabinet. The bill transposes an existing European directive into Dutch law. At present, Dutch law already makes provision for most of the rules laid down by the directive.

The government aims to crack down on cybercrime because it can lead to social upheaval and undermine confidence in the financial and economic system. The biggest risks are associated with attacks carried out by botnets, whereby criminals use malicious software to gain control over large numbers of computers.

Because of the transnational nature of cybercrime, fighting it requires a joint European approach. If all European Union member states adopt the same rules on computer crime, 'safe havens' will become a thing of the past in the EU. Safe havens are countries where criminals can operate more freely because certain acts are not criminal offences, or if they are, entail lighter sentences. If safe havens are eliminated, criminals will have a harder time targeting Dutch businesses, government authorities and members of the public from other countries with impunity.

The cabinet has agreed to send the bill to the Council of State for review. The text of the bill and the Council of State's advisory opinion will be made public upon their submission to the House of Representatives.