In a case where the Defendants were indicted on charges of violating the former Act on Promotion of Information and Communications Network Utilization and Information Protection, Etc. (Violation of Information and Communications Network Utilization and Information Protection, etc.) on the grounds that the Defendants: (a) sent or disseminated malicious programs that could interfere with the operation of information and communications systems, etc. by automatically registering multiple automatic programs developed by them through the Internet sites for the sale of advertising-related automatic programs, namely, NAV and the following images; (b) extracted the IDs of NABC members; (c) searched NA users; and (d) sold programs that have functions such as automatic messages or comments and sending messages and comments by searching NAV users; and (e) distributed or disseminated malicious programs that could cause interference with the operation of information and communications systems, etc

In a case where Defendants were indicted on charges of violating the former Act on Promotion of Information and Communications Network Utilization and Information Protection, Etc. (amended by Act No. 14080, Mar. 22, 2016; hereinafter “former Information and Communications Network Act”), on the ground that they: (a) purchased multiple automatic programs developed by them through the Internet site, namely, NAVV and the following images; (b) extracted IDs of NAVER members; or (c) sold programs with functions such as automatic messages or comments by searching NAV users; and (d) delivered or spread malicious programs that may interfere with the operation of information and communications systems, etc.; and (e) sent or spread of such programs to 4 times or more to the above online network; and (e) it is difficult for the Defendants to reverse the judgment of the court below to acknowledge that the Defendants purchased the above programs to the extent that they do not have any influence on the server’s use of such programs by installing them in their own computer or repeatedly registering them in a large amount of information and communications system; and (e) it is difficult to use the pertinent server’s or other information and communications systems.

Articles 2(1)7, 44-7(1)4 and (2), 48, 50-8, and 71 subparag. 9 (see current Article 70-2), 10 (see current Article 71(1)10), 72(1)1 (see current Article 71(1)9), 73 subparag. 5, and 74(1)6 of the former Act on Promotion of Information and Communications Network Utilization and Information Protection, Etc. (Amended by Act No. 14080, Mar. 2, 2016); Article 48, 70-2, Article 71 subparag. 9 (see current Article 70-2), Article 71 subparag. 10 (see current Article 71(1)1, Article 73 subparag. 5, and Article 74(1)3 of the Act on Promotion of Information and Communications Network Utilization and Information Protection, Etc. (Amended by Act No. 14080, Mar. 22, 2016); Article 212 subparag.

Defendant 1 and one other

Defendant 2 and Prosecutor

Manman et al. and one other

Law Firm Min-Post, Attorneys Kim Gyeong-hwan et al.

Suwon District Court Decision 2014Gohap1876 decided January 13, 2017

The judgment of the court below is reversed.

Defendants are not guilty.

The summary of this decision shall be published.

1. Summary of grounds for appeal;

A. Defendant 2

(1) Legal principles or mistake of facts

Article 71 Subparag. 9 and Article 48(2) of the former Act on Promotion of Information and Communications Network Utilization and Information Protection, Etc. (amended by Act No. 14080, Mar. 22, 2016; hereinafter “Information and Communications Network Act”) refer to a program that damages, destroys, alters, forges, or obstructs operation of an information and communications system itself, such as an information and communications system installed and operated against the user’s will, such as an information and communications system installed and operated by the relevant program. Of them, interference with operation refers to a program that obstructs the use of the relevant information and communications system, data, and program’s function, and ② communication or dissemination of a malicious program refers to an act of inserting it into the relevant information and communications system, etc.

However, the programs sold by the Defendants are ① installed at the user’s will to damage, destroy, modify, forge, or interfere with the operation of the user’s data or programs themselves, and even if a certain traffic increase in the portal site server such as NAV, etc. due to the above program, it cannot be said to interfere with the use of information and communications systems such as NAV, etc., and thus, it does not constitute a malicious program as provided in the above legal provision, and ② the sale of such programs does not constitute “delivery or distribution” as provided in the above legal provision.

(2) Unreasonable sentencing

The sentence of the lower court (the fine of KRW 20 million and the confiscation) is too unreasonable.

B. The public prosecutor (as to all the defendants)

The sentence of the lower court (Defendant 1: fine of KRW 8 million and confiscation, Defendant 2: fine of KRW 20 million and confiscation) is too uneased and unreasonable.

2. Summary of the facts charged

No one shall transmit or spread any program (hereinafter referred to as "malicious program") that may damage, destroy, alter, or forge an information and communications system, data, program, etc., or interfere with the operation thereof without a justifiable ground.

A. Defendant 2’s sole criminal conduct

The Defendant joined the automatic program sales Internet brokerage site for advertising ○○○○○○ (Internet address 1 omitted) and tried to sell the automatic program developed by himself through the above ○○○○○○○ website.

(1) The Defendant: (1) from August 25 to October 1, 2013, up to 10, up to 201, up to 10, up to 10, up to 10, up to 10, up to 10, up to 10, up to 10, up to 100, up to 1:6: (1) the 6) the 1) the c) the c) the c) the c) the c) the c) the c) the c) the c) the c (i) the c) the c) the c) the c) the c) the c) the c) the c) the c) the c) the c) the c) the c) the c) the c) the c) the c) the c) the c) the c) the c) the c) the c) the c) the c) the c (i) the c) the c) the c) the c) the c) the c) the c) the c) the c (i) the c) the c) the c.

On the other hand, the buyers of the aforementioned automatic program repeatedly send large volume of messages to others using various functions of each program (such as car page, blograph, and writing automatic visits and writing) or repeatedly register (car page, blograph, knowledge) the same contents. This act is a repeated request (blouse search and access request, writing request, specific car page connection request, and URL union request) for a specific work in short time through a repeated request (blouse search and access request, writing request, specific car page connection request, etc.) to send a large amount of damages through the information and communication system (information and communication system). These actions are repeated and repeated, which make it impossible to respond to such a request and continue to work (e.g., preparation of comments/written answers, automatic page request, etc.). This act becomes an attack through multiple means of attack (information and communication system) and operation of a specific website (information and communication network) through the distribution of information and communication network (information and communication network).

As a result, the defendant has damaged, destroyed, altered, forged, or distributed malicious programs that could interfere with operation of an information and communications system, data, program, etc. without justifiable grounds.

B. The Defendants’ co-principal

The Defendants sold the automatic marketing program through the Internet site and consulted to divide the profits therefrom, and Defendant 2 was in charge of the work of developing the program (production and business) and Defendant 1 decided to take charge of the operation of the Internet site and the sale of the program.

(6) From June 2012 to October 2, 2013, the Defendants: (3) have opened △△△ (Internet Address 2 omitted); (16) have been developed by Defendant 2 using a computer installed therein (Program Name 17 omitted); (18) have been automatic visit/book 18 (Account Name 19 omitted); (2) have been omitted on the 3) have been automatic telephone search programs using 4); (3) have been automatic telephone search programs using the name of 6) have been omitted; (3) have been automatic telephone search programs using the name of 3) have been omitted; (4) have been automatic telephone search programs using 2) have been omitted; (2) have been automatic telephone search programs using the name of 3) have been omitted; (3) have been automatic telephone search programs using the name of 4) have been omitted; (2) have been omitted; (3) have been automatic telephone search programs using the name of 2) have been omitted; and (3) have been omitted.

On the other hand, the above automatic program buyers collect another person's ID through various functions of each program (i.e., automatic extraction, sending of page 1D automatic messages, bl. Bl. E., automatic writing, knowledge-based automatic visits, automatic car page visits and writing, etc.) and send a draft book in large volume or repeatedly register (cl.e., camera, bl.) a large volume of comments with the same contents. This is a repeated request (bl.e., online search and access request, writing request, page access request for ID extraction, request for specific car page connection, request for access, request for access by URL association, and request for access to account c.m.) to make it impossible for us to send or respond to such request through multiple instructions such as automatic information communication systems, and continuing to attach or respond to such requests, such as automatic data server(s) and information communication systems(s) to make it impossible to send or respond to such requests, including multiple requests, to make multiple requests to use the server(s) and to respond to such requests.

As a result, the Defendants conspired to damage, destroy, modify, forge, or interrupt the operation of an information and communications system, data, program, etc. without any justifiable reason, and delivered or spread a malicious program that may interfere with the operation thereof.

3. The judgment of the court below

① The lower court convicted the Defendants on the grounds that the program that the Defendants circulated (hereinafter “instant program”) is not a method used by ordinary users, but a program that creates a large amount of information and communications system within a short time, i.e., a program that makes it possible for them to use the said program; ② even if the aforementioned program cannot be operated by remote control, it may cause considerable loss to the network when the users of the said program use the program simultaneously and repeatedly; ③ the above program, including the program on the one hand, may cause a large quantity of advertising messages, and also cause damage to the users.

4. Judgment of the court below

A. Facts of recognition

According to the evidence duly admitted and duly examined by the court below, the program of this case has functioned as automatic registration of NAV and the following portal sites, such as NAV, or as automatically collecting NAVC users, or as automatically searching NAV users and sending messages or comments, and sending them to them. The buyer who purchased the program of this case uses them in mass or repeatedly sending to others or repeatedly registering the same writing on his own computer. During that process, the server sent a large amount of NAV and required server servers to respond to such a request through repeated requests for specific work, and the server requires servers to respond to this request. It can be acknowledged that the same work is less than 5 times if a person normally performs the work, and more than 50 times more than 50 times more than 10 times more than 50 times more than 50 times more than 50 times more.

B. Defendant 2’s assertion of mistake of facts and ex officio determination of Defendant 1

(i)The subject and the meaning of interference with operation;

① Article 2(1)7 of the Information and Communications Network Act defines “influence caused by an attack on an information and communications network or an information system related thereto by means of hacking, computer virus, logic bomb, mail bomb, denial of service, high-power electromagnetic wave, etc.” As regards “influence”, “computer” under Article 48(1) of the Information and Communications Network Act and “computer, logic bomb, mail bomb,” and “in Article 48(2) of the Information and Communications Network Act,” and “influence or high-powered electromagnetic wave” are responding to Article 48(3). Moreover, in cases falling under Article 48 of the Information and Communications Network Act, both of the provisions corresponding to Article 21-4 subparag. 2 of the Electronic Financial Transactions Act, Article 12 subparag. 2 of the Information and Communications Network Protection Act, and Article 29 subparag. 3 of the Act on the Construction and Promotion of Utilization of Smart grids, etc. are prohibited from entering the relevant electronic financial infrastructure, critical information and communications infrastructure,”

However, Article 48(2) of the Information and Communications Network Act defines malicious programs as “a program that may damage, destroy, alter, or forge an information and communications system, data, program, etc., or interfere with its operation,” and does not limit the case where the malicious program concerned damages, destroys, alters, forges the subject matter of information and communications system, etc., or obstructs its operation. Rather, it is similar to the instant program in that it operates a malicious program in a way that may interfere with information and communications services, such as the relevant server, by sending a large volume of mail, inasmuch as it is evident that it is a malicious program under Articles 2(1)7 and 48(2) of the Information and Communications Network Act.

In addition, Article 21-4 subparag. 2 of the Electronic Financial Transactions Act, Article 12 subparag. 2 of the Information and Communications Network Act, and Article 29 subparag. 3 of the Act on the Establishment and Promotion of Utilization of Smart grids regulates the act of inserting computer viruses, etc. into protection facilities or networks for any purpose. Article 48(2) of the Information and Communications Network Act regulates the act of transmitting or spreading malicious programs, and the subject or type of regulation differs from the above Act.

② Since the technical limitation exists to prevent an actual act of intrusion into an information and communications network or an act of causing trouble to the information and communications system using malicious programs, there is a great need to prohibit the distribution of malicious programs used for such act. Article 48(2) of the Information and Communications Network Act may include not only the act of inserting malicious programs into the information and communications system but also the act of distributing such programs by not limiting the distribution and distribution to the relevant information and communications system.

As alleged by Defendant 2’s defense counsel, even if the instant program includes “information that damages, destroys, alters, forges, or obstructs the operation of an information and communications system, data, program, etc. without any justifiable reason,” which prohibits the distribution of such information under Article 44-7(1)4 of the Information and Communications Network Act, the Korea Communications Commission may order the provider of information and communications services or the manager and operator of the bulletin board where the pertinent information is distributed pursuant to Article 44-7(2) of the Information and Communications Network Act to refuse, suspend, or restrict the management thereof, and may punish the said provider of information and communications services pursuant to Article 73 of the Information and Communications Network Act if the pertinent order is violated, and there is a need to punish the offender who distributed the pertinent information separately. Thus, even if the instant program is included in “information” under Article 44-7(1)4 of the Information and Communications Network Act, the instant act does not interfere with the rate under Articles 71 subparag. 9 and 48(2) of the Information and Communications Network Act.

In addition, Article 48(1) and (3) of the Information and Communications Network Act provides that a program used to intrude into, or cause trouble to, an information and communications network in accordance with the method prescribed by Article 48(2) of the same Act may be included in a malicious program prescribed by Article 48(2). The Act on Information and Communications Network, amended by Act No. 14080, March 22, 2016, provides that a person who violates Article 48(2) shall be punished by imprisonment for not more than seven years or by a fine not exceeding 70 million won (Article 70-2), imprisonment for not more than five years, or by a fine not exceeding 50 million won (Article 71(1)9 and 10 million won) (Article 71(2)). However, the act prohibited under Article 78(2) includes not only malicious programs used for the acts under Article 18(3) but also mass acts. Thus, it cannot be readily concluded that the act of selling malicious programs is unfair as a defense counsel under Article 48(2).

③ Therefore, Defendant 2’s assertion on this part is without merit.

(2) Whether a program is likely to interfere with operation

① As seen earlier, the instant program does not make any request beyond the function of the information and communications system, such as the server operated by NAVs, and does not repeat the act of preparing comments and sending pages automatically at a higher speed instead of a request that is ordinarily performed by a person. In that process, the instant program may cause a higher level than ordinary cases in the pertinent information and communications system. However, in light of the fact that Article 48(3) of the Information and Communications Network Act separately regulates the act of causing trouble to the information and communications network by sending “large signal or data” under Article 48(3) of the Information and Communications Network Act, it is difficult to deem that the instant program constitutes a program that can interfere with the operation of the pertinent information and communications system solely on the ground that it causes a higher level of malfunction

However, if an information and communications system is unable to perform physical functions or causes risks that may interfere with the performance of its functions to the extent that it is equivalent to the damage, destruction, change, or violation of the information and communications system in question, it may be deemed that it constitutes “influence of operation”.

② As to whether the instant program causes risks to interference with operation in the information and communications system such as NAV, etc., it should be determined in principle according to the operation method, principle, and function of the individual program itself. However, if the instant program is used, the number of single-day visitors (at least 10 million persons in the case of NAV) on the portal site, such as NAV, would not have a significant impact on the server of the instant portal site. In addition, the instant program would have been used simultaneously to a considerable extent. It does not seem that serious obstacles, such as the spread of servers such as NAV, etc., are not likely to occur if there are considerable obstacles to the use of the instant program (see, e.g., Supreme Court Decision 200Du12488, Apr. 2, 2008).

Ultimately, in light of the function and operating method of the instant program as seen earlier and the impact on the portal site, etc., it is insufficient to recognize that the instant program constituted a program that could interfere with the operation of the instant program to the extent corresponding to the damage, destruction, modification, or the damage to the information and communications system, including NAV, only the evidence submitted by the prosecutor (in addition to the increase of the server load, a large amount of advertisement mail, etc. using the instant program is sent out, and there is a lot of problems arising therefrom. However, there is a separate legal provision regulating the instant program (Article 74(1)6, and Article 50-8 of the Information and Communications Network Act). Also, according to the data submitted by Defendant 2 by the defense counsel, there seems to have been discussions on the introduction of a new penal provision regarding the provision and use of the automated program such as NAV program

③ Therefore, Defendant 2’s assertion on this part is with merit, and the judgment of the court below against the Defendants is erroneous in the misapprehension of facts as to this, which affected the conclusion.

5. Conclusion

Therefore, Defendant 2’s appeal is well-grounded, and the judgment of the court below against Defendant 1 is reversed pursuant to Article 364(2) and (6) of the Criminal Procedure Act, and the judgment below is reversed and it is decided as follows through pleading.

The summary of the facts charged in this case is as stated in paragraph (2). This constitutes a case where there is no proof of facts constituting a crime as seen in paragraph (4) and thus, a not-guilty verdict is rendered against the Defendants pursuant to the latter part of Article 325 of the Criminal Procedure Act, and the summary thereof is announced in accordance with the main

Judges Choi Sung-ro (Presiding Judge)

2. No one shall commit any act falling under any of the following subparagraphs with the aim of destroying data on electronic financial infrastructure or interfering with the operation of electronic financial infrastructure; 2. No one shall commit any act falling under any of the following subparagraphs:

2) The penal provision of the Information and Communications Network Act prior to the foregoing amendment requires imprisonment for not more than five years in the case of a violation of paragraphs (2) and (3) or a fine not exceeding 50 million won in the case of a violation of paragraph (1) or a fine not exceeding 30 million won in the case of a violation of paragraph (1). Unlike the current law, the statutory penalty for a violation of paragraphs (2) and (3) is as follows.