Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Hi there,
There is an issue with role permissions that is being worked on at the moment.
If you are having trouble with access or permissions on regional forums please post here to get access: https://www.boards.ie/discussion/2058365403/you-do-not-have-permission-for-that#latest

Is there a statutory obligation to report cybercrime

  • 21-10-2020 8:24am
    #1
    Registered Users, Registered Users 2 Posts: 1,775 ✭✭✭


    If an individual witnesses a cybercrime offence as defined under "Criminal Justice (Offences Relating to Information Systems) Act 2017" is there any obligation to report said offence to the Garda?


Comments

  • Registered Users, Registered Users 2 Posts: 26,998 ✭✭✭✭Peregrinus


    There is no general requirement to report crime to the guards in Ireland. There are mandatory reporting obligations for certain classes of people for certain offences, but if the case doesn't come within those, there's no public legal obligation to report it.


  • Registered Users, Registered Users 2 Posts: 5,148 ✭✭✭rom


    If it is a data breach for example then under GDPR then yes.


  • Registered Users, Registered Users 2 Posts: 26,998 ✭✭✭✭Peregrinus


    rom wrote: »
    If it is a data breach for example then under GDPR then yes.
    Does GDPR impose a mandatory reporting obligation on anyone who witnesses a data breach?


  • Registered Users, Registered Users 2 Posts: 40,638 ✭✭✭✭ohnonotgmail


    Peregrinus wrote: »
    Does GDPR impose a mandatory reporting obligation on anyone who witnesses a data breach?

    not on anybody that witnesses a breach but it does impose a reporting obligation on the data controller

    https://www.dataprotection.ie/en/organisations/know-your-obligations/breach-notification


  • Registered Users, Registered Users 2 Posts: 7,806 ✭✭✭GerardKeating


    not on anybody that witnesses a breach but it does impose a reporting obligation on the data controller

    If the "witness" benefited (directly or indirectly) from the data breach, would that make a difference ?


  • Advertisement
  • Posts: 2,827 ✭✭✭ [Deleted User]


    Doesn't seem to be policed enthusiastically by the Data Commissioner based on what was reported about one Irish Bookmaker in an incident from a few years ago.


  • Registered Users, Registered Users 2 Posts: 40,638 ✭✭✭✭ohnonotgmail


    If the "witness" benefited (directly or indirectly) from the data breach, would that make a difference ?

    I dont see why. they are not data controllers. the obligation is on data controllers. I have another persons data sent me regularly because they keep using my email address by mistake. there is no obligation on me to report that to anybody.


  • Registered Users, Registered Users 2 Posts: 26,998 ✭✭✭✭Peregrinus


    If the "witness" benefited (directly or indirectly) from the data breach, would that make a difference ?
    There's no general obligation to report a crime, and this is so even if you yourself are the criminal, or if you benefitted in some way from the crime. And I'm not aware that there's any special rules which would make the position different if the crime happens to be a data breach.

    Separately, if someone benefits from a crime then you might want to look very closely at the detailed facts of the case, since it's possible that they might show there's a case to be made that the person is guilty of aiding and abetting, or conspiracy. The fact that the person benefits doesn't itself prove this, or come anywhere near proving it, but it may at least suggest the possibility, which could be worth investigating.

    If someobody is aware of a crime but didn't report it or take any other action in relation to to it, that might help to build a case that they were complicit in the crime - maybe they didn't report it because they were part of the group that perpetrated it. On the other hand, maybe there was some other reason - e.g. maybe they didn't report it because they were afraid they would lose their job, or damage their relationship with their employer, or because the perpetrator was their friend and they didn't want to see him get into trouble.

    Tl;dr: Non-reporting of a crime from which you have benefitted is not an offence. And, while it might give rise to a suspicion that you were complicit in the crime, or guilty of conspiracy or aiding and abetting, it's not evidence that you were.


Advertisement