News

/ Update of Law on Computer Crimes should be a Priority to Protect Citizens

13 January, 2021

Fourteen massive cyber-attacks have made headlines in the last five years. We hope the Law on Computer Crimes will be enacted soon to effectively protect citizens, prevent cyber-attacks on large institutions and comply with the Budapest Convention

José Silva

Associate Attorney

 

We live in an era where practically everything is digital. We deposit our information (passwords, accounts, images, videos, correspondence and much more) in computer systems and software that are not infallible.

In the last five years, fourteen massive cyber-attacks on banks, ministries and police have become public knowledge. The last major attack was on BancoEstado in September 2020. The banking institution was paralyzed as a result of malware.

In Chile there is no effective and up-to-date law to protect our personal data correctly against possible computer crimes. Since October 2018, a bill has been before the National Congress to update our regulations on cyber-crime, but we have yet to see any progress from our legislators. The Chilean legislative agenda has taken a 180° turn due to the recent political and social events. Priority has been given to issues related to the constitutional process and the implementation of health measures to combat the COVID-19 pandemic. It was only after the cyber-attack on BancoEstado that priority was given to the aforementioned bill, through the urgency of immediate discussion.

An update in the legislation is urgently needed. First, because Chile made a commitment by signing the Budapest agreement in 2003, and is still in debt. Secondly, because BancoEstado is not the first victim of a cyber-attack of this magnitude (remember the cyber-attack on Banco de Chile two years ago, for example). Thirdly, because the main people affected by the delay of these laws are the citizens themselves.

The bill alone will not solve the problems already mentioned, because most computer crimes are the result of human error. Therefore, it is important to accompany the legislation with civic education on matters related to technology and information risks and how to reduce them, compliance models and information security management systems.

For more details, review the legislative process.