On January 22, 2021, the Supreme People’s Procuratorate issued the Provisions on the Handling of Cybercrime Cases by People’s Procuratorates (the “Provisions”). Consisting of a total of 7 chapters and 65 articles, the Provisions set out a whole process of regulatory requirements for the handling of cybercrimes, including the general provisions, guidance on evidence collection and case examination, digital data examination, court appearance in support of public prosecution, cross-region case handling cooperation, cross-border judicial assistance, and the supplemental provisions. This article summarizes the highlights of the Provisions as follows:
First, the scope of cybercrime is defined. The Provisions specifically provide for three kinds of cybercrime by combining their characteristics, namely crimes committed against information networks, crimes committed via information networks, and other upstream and downstream related crimes.
Second, an investigation guided evidence collection system is introduced. The Provisions stipulate the procedure for a people’s procuratorate to intervene in evidence collection guidance. To wit, a people’s procuratorate may timely intervene only after consulting the public security agency in the investigation of a major, difficult, and complex cybercrime case.
Third, the electronic data examination specification is highlighted, in which rules regarding the collection, extraction, preservation and perpetuation of electronic data are stipulated. Electronic data evidence collection methods include collection and extraction of data, their inspection and use in investigative experiments, as well as their verification and assessment. Collection and extraction of electronic data may be done through the seizure and sealing of the original storage media, on-site or online extraction of electronic data, freezing of electronic data, and retrieval of electronic data. The people’s procuratorate shall conduct a comprehensive review of electronic data based on the objectivity, legality and relevance requirements.
Fourth, two major principles to be followed in the handling of cybercrime are clarified. Article 9 of the Provisions state that cybercrime cases involving group crimes or a relatively large number of people shall be handled according to the principle of categorized treatment based on the actors’ objective conduct, the subjective malice, circumstances of the crime, the positions, and roles involved, among other factors, in terms of generally determining the extent of liability and the necessity of prosecution pursuing criminal liability. Article 10 of the Provisions stipulates that a people’s procuratorate handling cybercrime cases shall be dedicated to the recovery of stolen property and losses, proactively strengthen cooperation with relevant agencies, ensure the timely attachment, seizure and freezing of case-related property, block their movement through the chain of transfer, and urge case-related persons to make disgorgement.
The Provisions is a targeted and unified set of regulations that will effectively guide the procuratorial authorities on the handling of cybercrime cases.