【作者】 赵文胜；

【导师】 赵廷光；

【作者基本信息】 武汉大学 ， 刑法学， 2014， 博士

【摘要】 二十一世纪的竞争是经济全球化和信息化的竞争。世界上大多数国家都已经将信息化提高到国家发展战略的高度。但是由于信息技术本身的特殊性,特别是信息无国界性的特点,在整个信息化进程中,各国均存在着巨大的信息安全风险。信息安全问题涉及到国家安全、社会公共安全和公民个人安全的方方面面。适用于真实世界的传统刑法如何服务于虚拟的比特世界,如何利用刑法来保障信息安全是刑法学面临的一个重要课题。本文从信息的概念和特征入手,对信息安全的含义、信息安全的技术保障与法律保障的关系、我国刑法对信息安全的保障以及如何建立一个科学的刑事政策体系等问题进行了深入研究。引言。在简要介绍信息安全保障的重要意义的基础上,阐述了对信息安全的刑法保障进行研究的重要意义。第一,有助于促进刑事立法,为刑事立法寻找一个科学的刑事政策指导,从而防止出现犯罪化过剩和犯罪化不足的极端局面,为信息安全保障提出一条适合中国国情的刑事立法之路。第二,有助于指导刑事司法,为打击信息犯罪的刑事司法活动提供理论指导,使刑法资源得到充分利用。第三,有助于繁荣刑法理论,在借鉴国外的研究成果的基础上,探索出一条刑法适应中国虚拟社会的途径和方法,以促进传统刑法理论在信息时代的发展。第一章,信息安全概述。关于信息的概念,众说纷纭,作者认为“信息是以物质能量在时空中某一不均匀分布的整体形式所表达的物质运动状态和关于运动状态反映的属性。”这一定义较为全面地概括了信息的特征。以信息传播技术的发展为主线,可以将人类的历史进程划分为依次更迭的5个阶段：信息的原始传播时期、信息的语言传播时期、信息的文字传播时期、信息的机器传播时期、信息的电子传播时期。每一发展时期都不可避免地存在着信息安全问题。而具有现代含义的信息安全概念是在20年世纪40年代申农创立了信息论之后才被逐渐确立和发展起来的,此时的人类社会已步入了被称为信息时代的电子信息交流时代,正是在这个社会信息化的大背景下,信息安全的概念才突显出其重要性。到20世纪90年代,随着计算机和网络的普及,信息安全的概念开始进入高速发展阶段。信息安全涵盖的范围从信息的保密性,拓展到信息的完整性、信息的可用性、信息的可控性和信息的不可否认性等。我国信息安全研究经历了通信保密、计算机数据保护两个发展阶段,目前正在进入网络信息安全的研究阶段。由于互联网发展在地域上的极不平衡,信息强国对于信息弱国已经形成了“信息势差”。居于信息低位势的国家,其传统的国家安全(政治安全、经济安全和军事安全)面临前所未有的冲击、挑战和威胁。因此,国内很多信息安全方面的专家均认为,截至目前为止,我国有网络,但没有安全的网络。尽管有分析说,我国的信息安全介于相对安全和轻度不安全之间,但实际上我国信息安全的形势十分严峻,信息安全在我国还任重道远。第二章,信息安全与刑法保障。信息与法律作为当代社会不可或缺的基本要素,其关系甚为密切,两者相互影响,交互作用,并在此过程中共同促进整个社会的发展。信息的安全保障是一个由技术保障、管理保障和法律保障共同构建的多层次复合体系。尽管技术和管理手段可能为信息提供一定的安全保障,但它们并不是可完全信赖的灵丹妙药。希望通过技术手段对抗信息犯罪的前景将是暗淡的。因为技术手段只在有人发起新的攻击前有效,一旦运用新的攻击手段,现有的技术防范便会漏洞百出。迄今为止,还没有一个万无一失的安全防护系统,所有的高技术方法在它们被运用的同时,都几乎立刻遭到黑客的反击,而且,随着系统不断简化,计算机变得更加容易使用,但同时也更容易遭受黑客的攻击。因此,在信息时代,人们往往缺乏安全感,从而会加深对法律的依赖。作者在对各种因素进行比较分析的基础上,提出了法律是信息安全的最佳保障的观点。同时认为,在刑法理论的研究中,固然应当关注技术因素的介入以及由此而导致的犯罪构成要件的变异的可能性,但是,刑法理论关注的是定性评价,而不是技术类型与技术等级,因此,在刑法理论的研究中,在考虑了基本技术因素的情况下,追求的是定性准确,否定性评价程度的合理,而不是过度关注技术介入的程度和技术本身的优劣程度。本章在对危害信息安全行为的种类和特征进行了归纳,并就所掌握的资料对世界各国信息安全保障的刑事法律政策进行综述的基础上,指出国际互联网的跨国界性无疑增加了各国在其主权范围内独立调整和管制网上行为的困难,但这并不意味着国际互联网无法管制。各国不仅可以通过各种形式的国际合作联手打击网络犯罪行为,而且,由于出现了强烈的网络管制的社会要求,各种行之有效的网络管制法律也应运而生了。今天,从立法技术上讲,国际互联网络无法管制的神话已被打破。当然,截至于目前为止,世界上还没有一个国家制定出有效预防和管束黑客的法律。有鉴于此,各国都在苦思对策,除了从网络安全技术方面加以预防和缉拿黑客外,还加快制定和完善惩治黑客的立法步伐,对黑客的行为加以严格的规范。第三章,我国刑法对信息安全的保障。就刑法典的规定而言,我国刑法为信息安全提供了较为全面的法律保障。这种保障主要体现在刑法对危害信息系统的可靠性、保密性、完整性、可用性、不可抵赖性的行为根据现实需要进行了犯罪化处理。具体到计算机网络而言,刑法从网络的硬件环境到软件环境均提供了相应的保护。当然,这种保护还有一定的缺陷,本章对以下5种具有社会危害性的网络行为的犯罪化进行了考查。1、网络黑客,泛指一切未经他人允许或授权而侵入其计算机系统的人。对于网络黑客应采取区别对待黑客的刑事政策,普遍实行“思想教育在前,法律制裁在后”的方针,加大对犯罪黑客的打击力度,坚决取缔黑客组织。2、网络色情,是指通过网络传送色情信息的一种行为和现象。由于我国没有色情犯罪,只有淫秽物品犯罪,因此,对于没有达到淫秽标准的网络色情的传播,刑法应保持谦抑性。与网络色情相对应的有网络性犯罪,它是指通过互联网进行的与性有关的间接、直接的犯罪行为,对于这类犯罪应加强司法合作,加大打击力度。3、信息冗余,是指信息源包含了除了有效信息之外的信息。信息冗余具有巨大的危害性,但刑法对此并没有相应的犯罪化规定,作者认为尽管大量发送垃圾邮件的行为具有巨大的社会性,但通过技术手段和其他部门法的规制完全可以对其加以控制,目前没有将其纳入到刑法制裁的必要。4、信息欺诈,是指通过互联网工、手机或其他途径,发布虚假信息,以骗取受害人的银行卡号、密码等信息的行为。信息欺诈是传统诈骗在网络时代的新发展,目前的打击重点不是创制新的罪名,而是强化侦查技术,提高破案率。5、网络隐私权,是指公民在网上享有的私人生活安宁与私人信息依法受到保护,不被他人非法侵犯、知悉、搜集、复制、公开和利用的一种人格权；同时也指禁止在网上泄露某些与个人有关的敏感信息,包括事实、图像以及毁损的意见等。网络隐私权脱胎于传统隐私权,但同时也具有新的特点。我国对于网络隐私权的法律保护几乎是一片空白,现阶段,网络隐私权遭到侵害适用解决名誉侵权的法律条款,这种解决方式自然是不妥当的。这种间接保护方式不仅在诉讼上不方便,也不利于受害人寻求司法保护。立法者应对侵犯电子邮件和个人数据的行为进行犯罪化,以维护网络的安全和秩序。第四章,建立一个科学的保障信息安全的刑事政策体系。在肯定传统刑法的基础性作用的同时,我们也应当正视网络虚拟空间中出现的新问题,正如美国有的学者所指出,从上世纪六七十年代,网络成为一种新型交互方式的时候,计算机犯罪就开始露头。然而试图将现存法律的适用范围不加变动地扩展到虚拟空间,却被证明是不成功的。刑事立法的困境主要表现在：刑法规则和理论整体上受到挑战；法益保护的范围不适应信息时代的发展；某些刑事立法与社会现实失调。对此,本文提出刑事立法的出路在于：1、刑法对危害信息安全的行为覆盖面偏窄,需要予以适当扩大；2、犯罪构成的设计不合理,需要增加法人犯罪和过失犯罪；3、刑罚设置不合理,应当增设资格刑；4、对罪行轻微者可创设社区处遇制度；5、建议增加计算机渎职犯罪；6、建议修改非法侵入计算机信息系统罪；7、建议增设盗窃计算机数据罪；8、建议将窃用计算机信息系统的行为规定为犯罪。刑事司法的困境主要表现在：网络游戏中的虚拟财产的保护问题、网站交易违禁品和犯罪信息的管理问题、刑事案件管辖问题。对此,本文提出刑事司法的出路在于：1、提高证据的收集、鉴别能力；2、建立合理的刑事法律解释体系;3、犯罪地在本国领域内的刑事管辖权的确立。本文最后就我国进入信息社会后的立法需求、立法现状等问题进行了深入探讨,并提出信息安全立法应遵循：效益原则、实事求是原则、吸收借鉴原则、适度超前原则和协调原则,制订信息安全统一法,运用多方面的社会手段对信息安全进行必要的维护,加强对网络系统运作的规范,并强化执罚责任追究制度。更多还原

【Abstract】 The competition in the21st century is the competitions of economic globalization and informationization. Most countries have already brought the informationization up to the height of the national development strategy in the world, But because of the particularity of the information technology itself, especially the characteristic with borderless information, in the whole information-based process, the enormous risk of information security exists in various countries. The question of information security involves national security, social public security and individual security. How suitable for traditional criminal law of realistic world to serve virtual world, it is an important subject that the criminal jurisprudence faces how to make use of criminal law to ensure the information security. This dissertation has lucubrated with concept and characteristic of information, meaning to the information security, the relation of technology support and law support, and the method of our criminal law how to guard the information security and how to constitute a system of scientific criminal policy. Except for the preface, the dissertation consists of four parts.In the preface, on the basis of a brief introduction of the significance of safeguarding information security, it reveals the theoretical significance of academic research in exerting criminal law to safeguard information security. Firstly, contribute to promote criminal legislation. Look for a criminal policy guidance of science for the criminal legislation, thus prevent the committing crime surplus and committing crime insufficient extreme situation, propose the way of a criminal legislation which is suitable for the China’s actual conditions for the information security. Secondly, contribute to guiding the criminal administration of justice. Offer the theoretical direction for the criminal judicial activity of attacking the information crime, make criminal law resources get abundant use. Thirdly, contribute to prospering the criminal law theory. On the basis of drawing lessons from foreign research results, explore one criminal law meet China virtual way and method of society, in order to promote the development at information age of the traditional criminal law theory.Chapter one, the summary of information security. Concept about information, opinions vary. The author think that the definition of information,"information energy by material in when and about attribute where motion state reflect on material motion state expressing some one of skies form not whole that is distribute not even", has summarized the characteristic of information more comprehensively. Taking development of information dissemination technology as the thread, can divide the human historical process into5stages that changes sequentially:Information primitive to propagate period, language of information propagate period, characters of information propagate period, machine of information propagate period, electron of message propagate period. The question of information security will exist unavoidably in every developing period. With modern meaning information security concept century explain agricultural to is it set up information theory establish and develop gradually to create the forties in one year, the human society at this moment has already stepped into the era of electronic information interchange known as information age, just under the great background of this social informationization, the concept of the information security shows its importance suddenly. By the1990s, with the popularization of the computer and network, the concept of the information security began to enter developing stage of high speed. The range that information contains safely is from information privacy; expand integrality, usability, controllability and getting undeniable one of information to get information. Of our country information case study go through communication security, computer data protect two developing stages; enter the research stage of information security of the network at present. Because whom Internet develop at region extremely uneven, information powerful country form "the message potential difference" already for message weak nation. Occupying the country of the low potential of information, its traditional national security (political security, economic security and military security) faces unprecedented impact, challenge and threatens. So, a lot of domestic experts of information security think, have cut it up till now, there are networks in our country, but there is no network of security. Though have it while analyzing and saying, it is relatively safe and unsafe slightly that the information of our country is lain between safely, but the situation of the information security of our country is very severe in fact, the information security still shoulders heavy responsibilities in our country.Chapter two, information security and criminal law guarantee. Information and law are regarded as the contemporary society’s indispensable basic key element, it is in very close relations, the two influence each other, reciprocation, and promote the development of whole society together in this course. Security of information ensures to manage by technology one and law ensures structure together compound system at many levels. Though the technology and management may offer certain security for information, but they are not fully reliable miraculous cures. The prospect hoping to oppose the information crime through the technological means will be dim. Because the technological means is only valid before someone initiates the new attack, once used the new attack means, it will be filled with flaws that existing technology is taken precautions against. Up until now, no perfectly safe protection systems. All high-tech methods, while they are used, nearly suffer the hacker’s reaction at once, and, as the system is being simplified constantly, the computer becomes easier to use, but apter to suffer the hacker’s attack at the same time. So, at information age, people often lack sense of safety, thus will strengthen the reliance on the law. The author is on the basis that carries on comparative analysis to various kinds of factors; it is a view of the best guarantee with safe information to put forward the law. Consider, in the research of the criminal law theory, should no doubt pay close attention to the involvement of the technological factor and form by this crime caused and want the mutant possibility of one at the same time, however, the concerned criminal law theory determines the nature on appraisal, but not technological type and industrial grade, so, in the research of the criminal law theory, in case of considering basic fundamental factor, pursue to determine the nature accurate, person who deny think degree reasonable, but not excessive to pay close attention to degree and technological good and bad degree of itself that technology get involved. This chapter has been summed up to the kind and characteristic of the behavior of endangering information security, and materials known carry on foundation of the survey to countries all over the world criminal legal policy, information of security, point out Internet getting transnational to increase various countries adjust and control online difficulty of behavior independently in with sovereign right range their undoubtedly, but this does not mean Internet is unable to control. Various countries can not merely attack the criminal offence of the network jointly through the international cooperation of various kinds of forms, and appear strong society that network control require various kinds of effectual network control law arise at the historic moment. Today, speaking from the legislative technology, the mythology that Internet can’t control has already been broken. Certainly, cut it at present, no countries in the world make the law of preventing and restraining the hacker effectively. In view of this, various countries think hard the countermeasure, except that prevent and seize a hacker from the safe practice of the network, still accelerate making and improving the legislative paces that punish the hacker, the norm with strict behavior to the hacker.Chapter three, the guarantee to the information security of criminal law of our country. As regards regulation of the punishment code, the criminal law of our country has offered more comprehensive legal guarantee for information security. This kind of guarantee embodies in criminal law to the dependability endangering the information system mainly, privacy, integrality, usability,, can’t behavior of person who deny go on treatment of committing crime etc. according to the needs of reality. Concrete to reach computer network but speech, criminal law offer corresponding protection from hardware environment of the network to the software environment. Certainly, there is certain defect in this kind of protection, this chapter has been examined to the committing crime of the following5behaviors of network with social harmfulness.1, network hacker, refer to the person that invade personal computer system without others’permission. As to the thing that the network hacker should adopt the criminal policy of treating the hacker with a certain discrimination, generally implement "ideological education is in the front, policy on legal sanction behind being here ", strengthen to attack, crime of hacker, ban a hacker to organize firmly.2, network pornography, mean that conveys a kind of behavior and phenomenon of pornographic information through the network. Because there is no pornographic crime in our country, there is only crime of obscene goods, so, as to not reaching the spread of the obscene and standard network pornography, criminal law should keep the modest restraining. Network nature crimes corresponded to network pornography, it means through the indirect, direct criminal offence related to sex which Internet carries on, as to the thing that this kind of crime should strengthen judicial cooperation, devote more efforts to attacking, should especially issue on September3,2004according to the Supreme People’s Court,2004September6implement<The Supreme People’s Court, the Supreme People’s Procuratorate is about handling and utilizing Internet, mobile communication terminal station, sounds of news platform make, duplicate, publish, traffic, propagate obscene electronic criminal case concrete to use law several explanation of issue information> make accurate asserting to the obscene case of the network.3, information is redundant, mean the information source includes the information besides effective information. Information has enormous harmfulness redundantly, but criminal law does not have corresponding committing crime regulation to this, the author thinks though a large number of behaviors of sending the junk email have social the enormous one, but can control it through the structure of the technological means and other departments law, there is no need to bring it into punishment legal system to judge at present.4, information is swindled, refer to passing Internet’s worker, the cell-phone or other ways, release false information, in order to defraud of the behavior in such information as the victim’s bank card number, password, etc. Information swindle it is tradition that swindle new development at network age, present blow focal point to formulate the new charge, but strengthen the technology of investigating, improve the case-solving rate.5, the right of privacy of the network, refer to the private life that the citizen enjoys on the net and protect with private information in accordance with the law peacefully, a kind of personality right not infringed, knowing, collecting, duplicating, disclosing and utilizing illegally by him; Point and forbid revealing some sensitive information related to individual on the net at the same time, including fact, picture and suggestion damaged, etc. The right of privacy of the network emerges from the womb of the traditional right of privacy, but have new characteristics at the same time. The legal protection to the right of privacy of the network of our country is nearly a blank, at the present stage, the right of privacy of the network is encroached on and applicable to solving the legal clause that the reputation infringed, this kind of settlement way is not appropriate naturally. Such indirect protected mode is not only inconvenient on the lawsuit, but also unfavorable to victim’s administration of justice of seeking to protect. Legislators should carry on the committing crime the behavior that infringes the E-mail and personal data, in order to maintain the security and order of the network.Chapter four, set up the criminal policy system of a guarantee information security of science. While suring the basic function of traditional criminal law, we should face the new problem appearing in the fictitious space of network too, just as some scholars of U.S.A. point out, since sixty or seventy times of last century, when the network becomes a kind of new-type mutual way, the computer crime begins to appear. But attempt to expand to the fictitious space not adding the scope of application of the extant law the change, but proved unsuccessful. The predicament of the criminal legislation shows mainly:The punishment regulation is challenged with the theory on the whole; France range that benefit protect does not adapt to development of information age; Some criminal legislation and social reality lack proper care. As to this, this text proposes the outlet of the criminal legislation lies in:1, Criminal law is simply narrow to endangering the behavior coverage rate of the information security, need giving and expanding properly;2, the designs of constitutive elements of crime are unreasonable, need to increase legal person’s crime and unintentional crime;3, it is unreasonable that penalty is set up, should set up qualification punishment;4, can found the community place and meet the system to the slight one of crime;5, propose increasing the malfeasance crime of the computer;6, propose revising and trespassing the crime of information system of the computer;7, propose setting up and stealing the data crime of the computer;8, propose stealing and stipulating for the crime with the behavior of the information system of the computer. The predicament of the criminal administration of justice shows mainly: Fictitious protection issue, website trade contraband and problem of management, criminal case, crime of information of property, network of game administer the issue. As to this, this text proposes the outlet of the criminal administration of justice lies in:1, Improve the collection of the evidence, distinguishing ability;2, set up rational criminal legal explanation system;3, person who commit crime establishment of criminal jurisdiction in national field. This text enter on our country legislative demand, legislation current situation, etc. issue after the information-intensive society carry on the deep discussion finally, propose the legislation of information security should be followed:Benefit principle, principle of seeking truth from facts, is it draw lessons from principle, leading principle moderately and coordinate principle to absorb, make the information security and unify the law, use the social means in many aspects to carry on essential maintenance to information safely, strengthen it to the norm of operation of the network system, strengthen and hold and fine the responsibility claim system.更多还原