638:16 Computer Crime; Definitions. – For the purpose of this subdivision:

I. "Access" means to instruct, communicate with, store data in, retrieve data from, intercept data from, or otherwise make use of any computer, computer network, computer program, computer software, computer data, or other computer resources.

II. "Authorization" means the express or implied consent given by a person to another to access or use said person's computer, computer network, computer program, computer software, password, identifying code, or personal identification number.

III. "Computer" means an electronic, magnetic, optical, electrochemical, or other high speed data processing device performing logical, arithmetic, or storage functions, and includes any data storage facility or communication facility directly related to or operating in conjunction with such device. The term "computer" includes any connected or directly-related device, equipment, or facility which enables the computer to store, retrieve, or communicate computer programs, computer data, or the results of computer operations to or from a person, another computer, or another device, but such term does not include an automated typewriter or typesetter, a portable hand-held calculator, or other similar device.

IV.

"Computer contaminant" means any set of computer instructions that are designed to modify, damage, destroy, record, or transmit information within a computer, computer system, or computer network without the authorization of the owner of the information. They include, but are not limited to, a group of computer instructions commonly called viruses or worms, that are self-replicating or self-propagating and are designed to contaminate other computer programs or computer data, consume computer resources, modify, destroy, record, or transmit data, or in some other fashion usurp the normal operation of the computer, computer program, computer operations, computer services, or computer network.

V.

"Computer data" means any representation of knowledge, facts, concepts, instruction, or other information computed, classified, processed, transmitted, received, retrieved, originated, stored, manifested, measured, detected, recorded, reproduced, handled, or utilized by a computer, computer network, computer program, or computer software, and may be in any medium, including, but not limited to, computer print-outs, microfilm, microfiche, magnetic storage media, optical storage media, punch paper tape, or punch cards, or it may be stored internally in read-only memory or random access memory of a computer or any other peripheral device.

VI. "Computer network" means a set of connected devices and communication facilities, including more than one computer, with the capability to transmit computer data among them through such communication facilities.

VII. "Computer operations" means arithmetic, logical, storage, display, monitoring, or retrieval functions or any combination thereof, and includes, but is not limited to, communication with, storage of data in or to, or retrieval of data from any device and the human manual manipulation of electronic magnetic impulses. A "computer operation" for a particular computer shall also mean any function for which that computer was designed.

VIII. "Computer program" means an ordered set of computer data representing instructions or statements, in a form readable by a computer, which controls, directs, or otherwise influences the functioning of a computer or computer network.

IX.

"Computer software" means one or more computer programs, existing in any form, or any associated operational procedures, manuals, or other documentation.

X.

"Computer services" means computer access time, computer data processing, or computer data storage, and the computer data processed or stored in connection therewith.

XI. "Computer supplies" means punch cards, paper tape, magnetic tape, magnetic disks or diskettes, optical disks or diskettes, disk or diskette packs, paper, microfilm, and any other tangible input, output, or storage medium used in connection with a computer, computer network, computer data, computer software, or computer program.

XII. "Computer resources" includes, but is not limited to, information retrieval, computer data processing, transmission and storage, and any other functions performed, in whole or in part, by the use of a computer, computer network, computer software, or computer program.

XIII. "Financial instrument" includes, but is not limited to, any check, draft, warrant, money order, note, certificate of deposit, letter of credit, bill of exchange, credit or debit card, transaction authorization mechanism, marketable security, or any computerized representation thereof.

XIV. "Owner" means any person who owns or leases or is a licensee of a computer, computer network, computer data, computer program, computer software, computer resources, or computer supplies.

XV. "Person" means any natural person, general partnership, limited partnership, trust, association, corporation, joint venture, or any state, county, or municipal government and any subdivision, branch, department, or agency thereof.

XVI. "Property" includes:

(a)

Real property;

(b)

Computers and computer networks;

(c)

Financial instruments, computer data, computer programs, computer software and all other personal property regardless of whether they are:

(1)

Tangible or intangible;

(2)

In a format readable by humans or by a computer;

(3)

In transit between computers or within a computer network or between any devices which comprise a computer; or

(4)

Located on any paper or in any device on which it is stored by a computer or by a human; and

(d) Computer services.

Source. 1985, 139:1, eff. Jan. 1, 1986. 2002, 261:1, eff. Jan. 1, 2003.

638:17 Computer Related Offenses. –

I. A person is guilty of the computer crime of unauthorized access to a computer or computer network when, knowing that the person is not authorized to do so, he or she knowingly accesses or causes to be accessed any computer or computer network without authorization. It shall be an affirmative defense to a prosecution for unauthorized access to a computer or computer network that:

(a)

The person reasonably believed that the owner of the computer or computer network, or a person empowered to license access thereto, had authorized him or her to

access; or

(b)

The person reasonably believed that the owner of the computer or computer network, or a person empowered to license access thereto, would have authorized the person to access without payment of any consideration; or

(c)

The person reasonably could not have known that his or her access was unauthorized.

II. A person is guilty of the computer crime of theft of computer services when he or she knowingly accesses or causes to be accessed or otherwise uses or causes to be used a computer or computer network with the purpose of obtaining unauthorized computer services.

III. A person is guilty of the computer crime of interruption of computer services when the person, without authorization, knowingly or recklessly disrupts or degrades or causes the disruption or degradation of computer services or denies or causes the denial of computer services to an authorized user of a computer or computer network.

IV. A person is guilty of the computer crime of misuse of computer or computer network information when:

(a)

As a result of his or her accessing or causing to be accessed a computer or computer network, the person knowingly makes or causes to be made an unauthorized display, use, disclosure, or copy, in any form, of data residing in, communicated by, or produced by a computer or computer network; or

(b) The person knowingly or recklessly and without authorization:

(1)

Alters, deletes, tampers with, damages, destroys, or takes data intended for use by a computer or computer network, whether residing within or external to a computer or computer network; or

(2) Intercepts or adds to data residing within a computer or computer network; or

(c)

The person knowingly receives or retains data obtained in violation of subparagraph (a) or (b) of this paragraph; or

(d)

The person knowingly uses or discloses any data he or she knows or believes was obtained in violation of subparagraph (a) or (b) of this paragraph.

V.

A person is guilty of the computer crime of destruction of computer equipment when he or she, without authorization, knowingly or recklessly tampers with, takes, transfers, conceals, alters, damages, or destroys any equipment used in a computer or computer network, or knowingly or recklessly causes any of the foregoing to occur.

VI. A person is guilty of the computer crime of computer contamination if such person knowingly introduces, or causes to be introduced, a computer contaminant into any computer, computer program, or computer network which results in a loss of property or computer services.

Source. 1985, 139:1, eff. Jan. 1, 1986. 2002, 261:2, eff. Jan. 1, 2003.

638:18 Computer Crime Penalties. –

I. Computer crime constitutes a class A felony if the damage to or the value of the property or computer services exceeds $1,000.

II. Computer crime constitutes a class B felony if:

(a)

The damage to or the value of the property or computer services exceeds $500; or

(b)

The person recklessly engages in conduct which creates a risk of serious physical

injury to another person.

III. Computer crime is a misdemeanor if the damage to or the value of the property or computer services, if any, is $500 or less.

IV. If a person has gained money, property, or services or other consideration through the commission of any offense under RSA 638:17, upon conviction thereof, the court, in addition to any sentence of imprisonment or other form of sentence authorized by RSA 651, may, in lieu of imposing a fine, sentence the defendant to pay an amount, fixed by the court, not to exceed double the amount of the defendant's gain from the commission of such offense. In such case, the court shall make a finding as to the amount of the defendant's gain from the offense and, if the record does not contain sufficient evidence to support such finding, the court may conduct a hearing upon the issue. For the purpose of this section, "gain" means the amount of money or the value of property or computer services or other consideration derived.

V. For the purposes of this section:

(a) The value of property or computer services shall be:

(1)

The market value of the property or computer services at the time of the violation; or

(2)

If the property or computer services are unrecoverable, damaged, or destroyed as a result of a violation of RSA 638:17 the cost of reproducing or replacing the property or computer services at the time of the violation.

(b)

Amounts included in violations of RSA 638:17 committed pursuant to one scheme or course of conduct, whether from the same person or several persons, may be aggregated in determining the grade of the offense.

(c)

When the value of the property or computer services or damage thereto cannot be satisfactorily ascertained, the value shall be deemed to be $250.

Source. 1985, 139:1, eff. Jan. 1, 1986.

638:19 Venue. –

I. In any prosecution for a violation of RSA 638:17 the offense shall be deemed to have been committed in the town in which the act occurred or in which the computer system or part thereof involved in the violation was located.

II. In any prosecution for a violation of RSA 638:17 based upon more than one act in violation thereof, the offense shall be deemed to have been committed in any of the towns in which any of the acts occurred or in which a computer system or part thereof involved in a violation was located.

III. If any act performed in furtherance of the offenses prohibited by RSA 638:17 occurs in this state or if any computer system or part thereof accessed in violation of RSA

638:17 is located in this state, the offense shall be deemed to have occurred in this state.

Source. 1985, 139:1, eff. Jan. 1, 1986.