Iran’s Legislative Criminal Policy on Cyber Espionage

Abstract

Cyber espionage is one of the most prevalent cyber activities. In a simple interpretation and at first glance, cyber espionage appears to be the same as traditional espionage, merely occurring in cyberspace. From this perspective, cyber espionage does not warrant separate recognition, as it inherently falls within the broader framework of espionage. Although this claim may seem valid, it must be acknowledged that cyber espionage is presumed to be novel and distinct from traditional espionage. Therefore, an entity possessing the dual characteristics of novelty (relative to the physical environment) and differentiation (from espionage itself) necessitates separate recognition. The present study is applied in nature and employs a descriptive-analytical method. Data collection was conducted through library research, analyzing books, articles, documents, and codified sources. The findings indicate that the Electronic Commerce Law does not account for instances in which trade secret espionage threatens national security and harms national interests. Therefore, in the modern form of espionage, trade secrets must be distinguished accordingly. In cases where the subject of the crime constitutes both a trade secret and classified data, thereby jeopardizing national security and national interests, prosecution is exclusively governed by the Computer Crimes Law. However, if the perpetrator’s act solely involves trade secrets without endangering national security or national interests, it falls under Article 75 of the Electronic Commerce Law and is punishable accordingly. Consequently, traditional methods of detection, prosecution, investigation, and prevention are no longer effective for addressing this crime. The development and coordination of countermeasures against cyber espionage require tools and expertise commensurate with the offenders operating in this domain.