Questions of data protection law and cybercrime in Chile

Since e-commerce is growing fast in Latin American countries, these countries are steadily enacting legislation against cyber-crimes. There are innumerable types of cyber-crimes. The most currently and internationally prosecuted are, (i) Internet fraud (including businesses, auctions, merchants, securities, ect.); (ii) identity theft; (iii) hacking, data theft and destruction; (iv) child predation and pornography; (v) cyber-stalking; (vi) extortion and sabotage; and (vii) terrorism.

Both, international organizations and national governments are enacting legislation against specific types of cyber-crimes. For instance, some European countries have signed the Cyber-crime Convention, which addresses several Internet wrongdoings including intellectual property violations; the United States has enacted a great number of statutes typifying certain conducts as cyber-crimes offenses. Among them, we have the Digital Millennium Copyright, The Child Pornography Act, etc; the European Union published the Data Protection Directive as well as other Directives addressing Internet offenses.

Most of the domestic cyber-crime laws are crime-specific. Chile enacted a Data Protection law 19,223 in 1993. Following is a brief of the Data Protection Law in Chile.

Chile, as one of the most stable economies in Latin America, is rapidly entering the information technology age. Yet, big, middle, and small-size businesses, banks, and import/export companies are hesitant to effectuate online transactions. The major concern is privacy and security issues, and legal requirements for those transactions. The Chilean Government has enacted e-commerce and Internet legislation to maintain its international presence in the commercial sector. The Data Protection law of 1993 establishes the crimes against data contained in information technology systems, and crimes against those systems themselves.
How does Law 19,223 protect the information technology systems?
Under Law 19,223, it is a crime to maliciously destroy or make useless any information technology system or its components. It is also a crime to impede, create obstacles, or change the operation of information technology systems. An individual committing any of these actions would be sentenced to prison. If as a result of any of these actions the data contained in the system is lost, the maximum sentenced applies. It seems that the law is protecting the technology systems and creates an aggravation circumstance if the data is lost.
How does Law 19,223 protect the data contained in information technology systems?
Article 3rd states that maliciously destroying, damaging or altering the information or data contained in a technology system is a punishable crime. This article protects all type of data, personal, or any other data contained in technology systems. The available sentence for this crime is prison.
Does Law 19,223 address the issue of hacking and data theft?
Yes. Article 2nd says that whoever with the intention to improperly use, know, or make his, intercept, interfere or have access to the information contained in a technology system, commits a crime punishable with prison. The only state of mind required by this article is ‘the intention’ to use, know or make his, the data hacked. It does not matter whether the subject of the crime seeks economic gratification or it is only curiosity motivated.