Japan makes virus creation illegal

Filed Under: Law & order, Malware, Privacy

TokyoPeople who write or deliberately spread malware can expect to be fined or receive up to three years in prison, under laws enacted by the Japanese parliament today.

Up until now, you could only expect to feel your collar felt by the computer crime authorities in Japan if the malware you had created had caused some damage, now just the act of writing it would seem to be enough.

Under the new law, police will also be able to seize the email communications of suspects from ISPs, raising concerns amongst the country's privacy campaigners who have warned of the police getting excessive powers.

According to news reports individuals who create and supply computer viruses "without any reasonable excuse" can face up to three years in jail, or a fines of up to ¥500,000 (approximately US $6,000).

Acquisition and storage of viruses is punishable by a prison sentence of up to two years, or ¥300,000 in fines.

One hopes that common sense will prevail and that those with a legitimate reason to store and acquire malware (anti-virus vendors for instance!) don't find themselves facing such charges..

Orange octopusVirus-writing isn't completely unknown in Japan, of course.

For instance, last year we reported the arrest of a man who had spread malware via the Winny peer-to-peer file-sharing network, changing the icons of infected computers to those of an orange cartoon octopus.

At the time, police officers claimed that the man had infected approximately 50,000 computers with the malware.

, ,

You might like

4 Responses to Japan makes virus creation illegal

  1. I commend Japan for their action in outlawing virus writing. This is certainly a step in the right direction!

  2. Foxbox · 1572 days ago

    To answer the question "Do you think laws like this will make any difference?" then I think it will not make much difference. However, it is a good thing that they now have a law for it, so it becomes a criminal act which then is punishable by law.

  3. spookie · 1568 days ago

    I think it's hard to enforce a law when it's hard to define what it is that's illegal.. For instance, the rootkit Sony put on some of it's audio CDs a few years ago was clearly malware. Rootkits are malware. It meets the standard reported in this article anyway--I haven't read the Japanese law. It was deliberately spread by Sony to unwitting customers who played these CDs on their computers. It's FAR, FAR more harmful than a DDoS attack. Would this be punishable under the law in question? If not, why should Sony be above the law? If you don't believe Sony execs should serve time in jail for this malware attack but you DO believe LulzSec SHOULD, why?

  4. roy jones jr · 1556 days ago

    What CD's specifically are you refering too? I want to the next time i go the music store.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Graham Cluley runs his own award-winning computer security blog at https://grahamcluley.com, and is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Follow him on Twitter at @gcluley