(720 ILCS 5/Art. 16D heading) ARTICLE 16D. COMPUTER CRIME

(720 ILCS 5/16D‑1) (from Ch. 38, par. 16D‑1)     Sec. 16D‑1. Short title. This Article shall be known and may be cited as the "Computer Crime Prevention Law". (Source: P.A. 85‑926.)

    (720 ILCS 5/16D‑2) (from Ch. 38, par. 16D‑2)
    Sec. 16D‑2. Definitions. As used in this Article, unless the context otherwise indicates:
    (a) "Computer" means a device that accepts, processes, stores, retrieves or outputs data, and includes but is not limited to auxiliary storage and telecommunications devices connected to computers.
    (a‑5) "Computer network" means a set of related, remotely connected devices and any communications facilities including more than one computer with the capability to transmit data among them through the communications facilities.
    (b) "Computer program" or "program" means a series of coded instructions or statements in a form acceptable to a computer which causes the computer to process data and supply the results of the data processing.
    (b‑5) "Computer services" means computer time or services, including data processing services, Internet services, electronic mail services, electronic message services, or information or data stored in connection therewith.
    (c) "Data" means a representation of information, knowledge, facts, concepts or instructions, including program documentation, which is prepared in a formalized manner and is stored or processed in or transmitted by a computer. Data shall be considered property and may be in any form including but not limited to printouts, magnetic or optical storage media, punch cards or data stored internally in the memory of the computer.
    (c‑5) "Electronic mail service provider" means any person who (1) is an intermediary in sending or receiving electronic mail and (2) provides to end‑users of electronic mail services the ability to send or receive electronic mail.
    (d) In addition to its meaning as defined in Section 15‑1 of this Code, "property" means: (1) electronic impulses; (2) electronically produced data; (3) confidential, copyrighted or proprietary information; (4) private identification codes or numbers which permit access to a computer by authorized computer users or generate billings to consumers for purchase of goods and services, including but not limited to credit card transactions and telecommunications services or permit electronic fund transfers; (5) software or programs in either machine or human readable form; or (6) any other tangible or intangible item relating to a computer or any part thereof.
    (e) "Access" means to use, instruct, communicate with, store data in, retrieve or intercept data from, or otherwise utilize any services of a computer.
    (f) "Services" includes but is not limited to computer time, data manipulation or storage functions.
    (g) "Vital services or operations" means those services or operations required to provide, operate, maintain, and repair network cabling, transmission, distribution, or computer facilities necessary to ensure or protect the public health, safety, or welfare. Public health, safety, or welfare include, but are not limited to, services provided by medical personnel or institutions, fire departments, emergency services agencies, national defense contractors, armed forces or militia personnel, private and public utility companies, or law enforcement agencies.
    (h) "Social networking website" means an Internet website containing profile web pages of the members of the website that include the names or nicknames of such members, photographs placed on the profile web pages by such members, or any other personal or personally identifying information about such members and links to other profile web pages on social networking websites of friends or associates of such members that can be accessed by other members or visitors to the website. A social networking website provides members of or visitors to such website the ability to leave messages or comments on the profile web page that are visible to all or some visitors to the profile web page and may also include a form of electronic mail for members of the social networking website.
(Source: P.A. 96‑262, eff. 1‑1‑10.)

    (720 ILCS 5/16D‑3) (from Ch. 38, par. 16D‑3)
    Sec. 16D‑3. Computer Tampering.
    (a) A person commits the offense of computer tampering when he knowingly and without the authorization of a computer's owner, as defined in Section 15‑2 of this Code, or in excess of the authority granted to him:
        (1) Accesses or causes to be accessed a computer or

any part thereof, a computer network, or a program or data;

(2) Accesses or causes to be accessed a computer or

any part thereof, a computer network, or a program or data, and obtains data or services;

(3) Accesses or causes to be accessed a computer or

any part thereof, a computer network, or a program or data, and damages or destroys the computer or alters, deletes or removes a computer program or data;

(4) Inserts or attempts to insert a "program" into a

computer or computer program knowing or having reason to believe that such "program" contains information or commands that will or may damage or destroy that computer, or any other computer subsequently accessing or being accessed by that computer, or that will or may alter, delete or remove a computer program or data from that computer, or any other computer program or data in a computer subsequently accessing or being accessed by that computer, or that will or may cause loss to the users of that computer or the users of a computer which accesses or which is accessed by such "program";

(5) Falsifies or forges electronic mail transmission

information or other routing information in any manner in connection with the transmission of unsolicited bulk electronic mail through or into the computer network of an electronic mail service provider or its subscribers;

(a‑5) It shall be unlawful for any person knowingly to sell, give, or otherwise distribute or possess with the intent to sell, give, or distribute software which (1) is primarily designed or produced for the purpose of facilitating or enabling the falsification of electronic mail transmission information or other routing information; (2) has only a limited commercially significant purpose or use other than to facilitate or enable the falsification of electronic mail transmission information or other routing information; or (3) is marketed by that person or another acting in concert with that person with that person's knowledge for use in facilitating or enabling the falsification of electronic mail transmission information or other routing information.     (a‑10) For purposes of subsection (a), accessing a computer network is deemed to be with the authorization of a computer's owner if:         (1) the owner authorizes patrons, customers, or

guests to access the computer network and the person accessing the computer network is an authorized patron, customer, or guest and complies with all terms or conditions for use of the computer network that are imposed by the owner; or

(2) the owner authorizes the public to access the

computer network and the person accessing the computer network complies with all terms or conditions for use of the computer network that are imposed by the owner.

(b) Sentence.         (1) A person who commits the offense of computer

tampering as set forth in subsection (a)(1), (a)(5), or (a‑5) of this Section shall be guilty of a Class B misdemeanor.

(2) A person who commits the offense of computer

tampering as set forth in subsection (a)(2) of this Section shall be guilty of a Class A misdemeanor and a Class 4 felony for the second or subsequent offense.

(3) A person who commits the offense of computer

tampering as set forth in subsection (a)(3) or subsection (a)(4) of this Section shall be guilty of a Class 4 felony and a Class 3 felony for the second or subsequent offense.

(4) If the injury arises from the transmission of

unsolicited bulk electronic mail, the injured person, other than an electronic mail service provider, may also recover attorney's fees and costs, and may elect, in lieu of actual damages, to recover the lesser of $10 for each and every unsolicited bulk electronic mail message transmitted in violation of this Section, or $25,000 per day. The injured person shall not have a cause of action against the electronic mail service provider that merely transmits the unsolicited bulk electronic mail over its computer network.

(5) If the injury arises from the transmission of

unsolicited bulk electronic mail, an injured electronic mail service provider may also recover attorney's fees and costs, and may elect, in lieu of actual damages, to recover the greater of $10 for each and every unsolicited electronic mail advertisement transmitted in violation of this Section, or $25,000 per day.

(6) The provisions of this Section shall not be

construed to limit any person's right to pursue any additional civil remedy otherwise allowed by law.

(c) Whoever suffers loss by reason of a violation of subsection (a)(4) of this Section may, in a civil action against the violator, obtain appropriate relief. In a civil action under this Section, the court may award to the prevailing party reasonable attorney's fees and other litigation expenses. (Source: P.A. 95‑326, eff. 1‑1‑08.)

(720 ILCS 5/16D‑4) (from Ch. 38, par. 16D‑4)     Sec. 16D‑4. Aggravated Computer Tampering. (a) A person commits aggravated computer tampering when he commits the offense of computer tampering as set forth in subsection (a)(3) of Section 16D‑3 and he knowingly:     (1) causes disruption of or interference with vital services or operations of State or local government or a public utility; or     (2) creates a strong probability of death or great bodily harm to one or more individuals.     (b) Sentence. (1) A person who commits the offense of aggravated computer tampering as set forth in subsection (a)(1) of this Section shall be guilty of a Class 3 felony.     (2) A person who commits the offense of aggravated computer tampering as set forth in subsection (a)(2) of this Section shall be guilty of a Class 2 felony. (Source: P.A. 86‑820.)

(720 ILCS 5/16D‑5) (from Ch. 38, par. 16D‑5)     Sec. 16D‑5. Computer Fraud. (a) A person commits the offense of computer fraud when he knowingly:     (1) Accesses or causes to be accessed a computer or any part thereof, or a program or data, for the purpose of devising or executing any scheme, artifice to defraud, or as part of a deception;     (2) Obtains use of, damages, or destroys a computer or any part thereof, or alters, deletes, or removes any program or data contained therein, in connection with any scheme, artifice to defraud, or as part of a deception; or     (3) Accesses or causes to be accessed a computer or any part thereof, or a program or data, and obtains money or control over any such money, property, or services of another in connection with any scheme, artifice to defraud, or as part of a deception.     (b) Sentence. (1) A person who commits the offense of computer fraud as set forth in subsection (a)(1) of this Section shall be guilty of a Class 4 felony.     (2) A person who commits the offense of computer fraud as set forth in subsection (a)(2) of this Section shall be guilty of a Class 3 felony.     (3) A person who commits the offense of computer fraud as set forth in subsection (a)(3) of this Section shall:     (i) be guilty of a Class 4 felony if the value of the money, property or services is $1,000 or less; or     (ii) be guilty of a Class 3 felony if the value of the money, property or services is more than $1,000 but less than $50,000; or     (iii) be guilty of a Class 2 felony if the value of the money, property or services is $50,000 or more. (Source: P.A. 85‑926.)

    (720 ILCS 5/16D‑5.5)
    Sec. 16D‑5.5. Unlawful use of encryption.
    (a) For the purpose of this Section:
        "Access" means to intercept, instruct, communicate

with, store data in, retrieve from, or otherwise make use of any resources of a computer, network, or data.

"Computer" means an electronic device which performs

logical, arithmetic, and memory functions by manipulations of electronic or magnetic impulses and includes all equipment related to the computer in a system or network.

"Computer contaminant" means any data, information,

image, program, signal, or sound that is designated or has the capability to: (1) contaminate, corrupt, consume, damage, destroy, disrupt, modify, record, or transmit; or (2) cause to be contaminated, corrupted, consumed, damaged, destroyed, disrupted, modified, recorded, or transmitted, any other data, information, image, program, signal, or sound contained in a computer, system, or network without the knowledge or consent of the person who owns the other data, information, image, program, signal, or sound or the computer, system, or network.

"Computer contaminant" includes, without limitation:

(1) a virus, worm, or Trojan horse; (2) spyware that tracks computer activity and is capable of recording and transmitting such information to third parties; or (3) any other similar data, information, image, program, signal, or sound that is designed or has the capability to prevent, impede, delay, or disrupt the normal operation or use of any component, device, equipment, system, or network.

"Data" means a representation in any form of

information, knowledge, facts, concepts, or instructions which is being prepared or has been formally prepared and is intended to be processed, is being processed or has been processed in a system or network.

"Encryption" means the use of any protective or

disruptive measure, including, without limitation, cryptography, enciphering, encoding, or a computer contaminant, to: (1) prevent, impede, delay, or disrupt access to any data, information, image, program, signal, or sound; (2) cause or make any data, information, image, program, signal, or sound unintelligible or unusable; or (3) prevent, impede, delay, or disrupt the normal operation or use of any component, device, equipment, system, or network.

"Network" means a set of related, remotely connected

devices and facilities, including more than one system, with the capability to transmit data among any of the devices and facilities. The term includes, without limitation, a local, regional, or global computer network.

"Program" means an ordered set of data representing

coded instructions or statements which can be executed by a computer and cause the computer to perform one or more tasks.

"System" means a set of related equipment, whether or

not connected, which is used with or for a computer.

(b) A person shall not knowingly use or attempt to use

encryption, directly or indirectly, to:

(1) commit, facilitate, further, or promote any

criminal offense;

(2) aid, assist, or encourage another person to

commit any criminal offense;

(3) conceal evidence of the commission of any

criminal offense; or

(4) conceal or protect the identity of a person who

has committed any criminal offense.

(c) Telecommunications carriers and information service providers are not liable under this Section, except for willful and wanton misconduct, for providing encryption services used by others in violation of this Section.     (d) Sentence. A person who violates this Section is

guilty of a Class A misdemeanor, unless the encryption was used or attempted to be used to commit an offense for which a greater penalty is provided by law. If the encryption was used or attempted to be used to commit an offense for which a greater penalty is provided by law, the person shall be punished as prescribed by law for that offense.

(e) A person who violates this Section commits a criminal

offense that is separate and distinct from any other criminal offense and may be prosecuted and convicted under this Section whether or not the person or any other person is or has been prosecuted or convicted for any other criminal offense arising out of the same facts as the violation of this Section.

(Source: P.A. 95‑942, eff. 1‑1‑09.)

    (720 ILCS 5/16D‑6) (from Ch. 38, par. 16D‑6)
    Sec. 16D‑6. Forfeiture of property. Any person who commits the offense of computer fraud as set forth in Section 16D‑5 is subject to the property forfeiture provisions set forth in Article 124B of the Code of Criminal Procedure of 1963.
(Source: P.A. 96‑712, eff. 1‑1‑10.)

(720 ILCS 5/16D‑7) (from Ch. 38, par. 16D‑7)     Sec. 16D‑7. Rebuttable Presumption ‑ without authority. In the event that a person accesses or causes to be accessed a computer, which access requires a confidential or proprietary code which has not been issued to or authorized for use by that person, a rebuttable presumption exists that the computer was accessed without the authorization of its owner or in excess of the authority granted. (Source: P.A. 85‑926.)