SITTIG LAW Law Firm Blog

Delimitation of fraud Computer fraud

The distinction between fraud and computer fraud is central to investigations and defenses in digital criminal law. While fraud requires human deception, computer fraud is based on the manipulation of automated systems. The correct classification has a decisive influence on criminal liability, evidence and defense strategy.
Contents

The most important facts at a glance

Why the distinction between fraud and computer fraud is crucial

Are you or your company suspected of a financial crime in the digital environment? Is it unclear whether the accusation is fraud or computer fraud? The distinction between these two offenses is one of the most complex issues in modern commercial and cybercrime criminal law.

In the digitalized economic world, the boundaries between traditional fraud and computer fraud are becoming increasingly blurred. Whereas in the past a fraudster had to deceive his victim personally, modern technologies make it possible to damage assets without any human interaction. This development poses considerable challenges for investigating authorities, courts and defense lawyers when it comes to legal classification.

The correct demarcation is not an academic luxury, but has direct practical consequences for the accused. It influences the presentation of evidence, determines the defense strategy and can decide between conviction and acquittal in borderline cases. Particularly in the area of cybercrime and digital property crimes, new case constellations are constantly emerging in which the legal classification is controversial.

The legal basis: § 263 StGB and § 263a StGB

The classic fraud according to § 263 StGB

The fraud offense of Section 263 of the German Criminal Code (StGB) is one of the most important property offenses in German criminal law. It protects assets from damage caused by deception. The offense requires a clearly structured sequence of events: the deceptive act must cause a person to make a mistake, which then leads to a misappropriation of assets, which ultimately results in a financial loss.

The core characteristic of fraud is interpersonal communication. The perpetrator must deceive another person about facts, i.e. influence their perception of reality. This deception can take place through active action, for example by making false statements, or by omission if there is an obligation to provide information. The deceived person must make a financial transaction on the basis of the error, which causes damage to him or a third party.

Computer fraud according to § 263a StGB

While classic fraud requires a person to be deceived, Section 263a StGB covers cases in which financial losses are caused by unauthorized influence on data processing operations. The result of a data processing operation is influenced, which damages the assets of the person concerned or a third party.

The decisive difference to fraud is that no human error is required. The machine is not deceived, but used in accordance with the program or incorrectly. The perpetrator acts directly on the automated system without a human being being involved in the disposal process.

The relationship between the two facts

Fraud and computer fraud are fundamentally related to specialty. Computer fraud is the more specialized norm when it comes to damage to assets through the use of data processing systems. However, this does not mean that the offense of fraud has become meaningless in the digital world.

In practice, both offences can also be committed at the same time, for example if a perpetrator first deceives a person in order to obtain access data and then uses this to gain unauthorized access to a computer system. In this case, there is both completed fraud and computer fraud. The distinction is made according to whether the damage in the specific individual case is caused by human misconception or by automated data processing.

The decisive demarcation criteria in practice

The existence of a human misconception

The central demarcation criterion is the question of whether a human misconception is the cause of the financial loss. In the case of fraud, a person must be misled by the deception, which causes them to make a financial transaction. In computer fraud, on the other hand, the disposition is automated by the computer system without a human being developing a misconception.

The importance of automated decision-making processes

With increasing automation, the boundaries between the two are shifting. Today, many transactions are processed without human intervention. Online orders, bank transfers, booking processes - all of these are carried out by automated systems based on predefined rules.

The decisive factor is whether a human decision is still made in the individual case, which may be based on a misconception. If a payment is automatically approved because the system recognizes certain data as correct, there is no human error. The situation is different if an employee checks the automatically generated data again and approves the payment based on incorrect information.

Hybrid forms and borderline cases

In practice, there are numerous cases in which both human and automated elements play a role. The online retailer who checks an order but relies on automatically generated creditworthiness information. The bank employee who approves a bank transfer after the system has carried out certain plausibility checks. In such constellations, the allocation to one of the two facts can cause considerable difficulties.

If you are confronted with an accusation in this complex area, it is essential to obtain expert advice at an early stage. A precise legal classification can determine the success of your defense.

Practical recommendations for action for defendants and companies

Immediate measures in the event of suspicion or accusation

If you are confronted with an accusation of fraud or computer fraud, you need to act quickly and prudently. Initially, refrain from making any statements to the investigating authorities until you have sought legal advice. The right to remain silent is a fundamental right of every accused person and should be used consistently.

Immediately secure all relevant documents and data that could be important for your defense. This includes emails, chat histories, contract documents, logs of system accesses and all other documents that could shed light on the facts of the case. Make sure that this evidence is not lost or altered.

In the event of searches by the investigating authorities, you should make use of your right to consult a defense lawyer. If possible, draw up a record of what items and data were seized. Do not sign any seizure protocols or even declarations of consent without having discussed this with a defense lawyer.

Preventive measures for companies

Companies should design their IT systems and business processes in such a way that both fraud and computer fraud are made as difficult as possible. This includes technical protective measures such as access controls, encryption and monitoring systems, but also organizational measures such as the dual control principle for critical transactions and regular employee training.

Clear documentation of authorizations and responsibilities is essential. If it is clear who was authorized to do what, it is easier to determine whether there was unauthorized use in the event of damage. This serves both prevention and the preservation of evidence in the event of an emergency.

Checklist: How to proceed correctly in case of suspicion

For defendants:

  • Contact a lawyer specializing in criminal law immediately
  • Do not make any statements to investigating authorities without prior legal advice
  • Back up all relevant documents, emails and digital data
  • Document the facts of the case from your point of view in writing for your defense lawyer
  • Do not change any data or delete any information
  • Inform your defense lawyer immediately in the event of a search

For companies:

  • Contact the legal department and IT security immediately in the event of suspicious cases
  • Secure evidence through IT forensic measures
  • Clarify internal responsibilities and authorities
  • Create a timeline of suspicious processes
  • Check whether notification obligations exist
  • Avoid hasty internal measures that could have evidential value
  • Consult external advice before communicating with authorities

For the defense:

  • Precise analysis of whether fraud or computer fraud could be present
  • Examination of the evidence with regard to the subjective facts of the case
  • Investigation of technical details of the facts
  • Examination of causality between action and financial loss
  • Statute of limitations and criminal complaint requirements
  • Examination of early cessation options according to § 153a StPO

Precision in demarcation as an opportunity for defense

Distinguishing between fraud and computer fraud is one of the most challenging tasks in modern criminal law. Advancing digitalization is increasingly blurring the boundaries between human interaction and automated data processing. For defendants and companies, this means both challenges and opportunities.

A precise legal analysis of the facts of the case is the key to a successful defense. The difference between conviction and acquittal often lies in the correct classification of individual steps and the assessment of the technical sequence of events. Particularly in borderline cases, well-founded arguments on the problem of demarcation can be decisive.

The complexity of the matter requires both legal and technical expertise. As a law firm specializing in criminal law and IT law, we combine the necessary expertise to competently advise and defend you in this challenging area of law. We analyze your case, taking into account all technical and legal aspects, and develop a tailor-made defense strategy.

Do not hesitate to seek expert support at an early stage if you have suspicions or accusations. The earlier a well-founded defense is established, the better the chances of success. Contact us for an initial assessment of your case.

Frequently asked questions

In fraud under Section 263 StGB, a person is deceived about facts, which leads to a misconception on the basis of which they make a financial decision. By contrast, computer fraud under Section 263a StGB involves unauthorized access to a data processing system without deceiving a person.

Yes, fraud and computer fraud can exist side by side.

This depends on the circumstances. If the card is used at an ATM without human control, it is computer fraud. If, on the other hand, the card is used in a store where a sales clerk carries out or monitors the transaction, this may constitute fraud. The decisive factor is whether a person makes a financial transaction on the basis of the fictitious authorization.

Data use is unauthorized if it is not covered by the perpetrator's authorization. This can be the use of stolen access data, but also the exceeding of an existing authorization. The decisive factor is that the perpetrator uses the system contrary to its intended purpose and thereby causes financial loss.

No, the term data processing is to be understood broadly. It covers all automated systems that process data, including smartphones, ATMs, ticket machines, cash register systems and other electronic devices. The decisive factor is that automated data processing takes place that leads to the disposal of assets.

An online retailer can become a victim of computer fraud if perpetrators use their system without authorization. However, he himself can also be liable to prosecution if, for example, he uses customer data without authorization or manipulates his system in such a way that customers are charged inflated prices. Each case requires close legal scrutiny.

The distinction is primarily made on an objective level: was a person with a misconception involved or not? Fault is then relevant to the question of whether the perpetrator had intent, i.e. wanted to deceive or process data without authorization.

In the case of fraud, the public prosecutor must prove the subjective side of the deceived person - his misconception and its causality for the disposition. This is often difficult. In computer fraud, the focus is on technical evidence of system access and data flows. This can make it easier to provide evidence, but also offers starting points for technical defense arguments.

Contact a specialist criminal defence lawyer immediately and do not make any statements without legal advice. The correct legal classification and an early, well-founded defense strategy are crucial for success. Secure all relevant documents and data for your defense.

Hamburg location
Head office
Martinistrasse 11
20251 Hamburg
Phone: +49 (0) 40 808 125 550
Fax: +49 (0) 40 808 125 559
Kassel location
Branch office
Motzstrasse 1
34117 Kassel
Phone: +49 (0) 561 510 053 80
Fax: +49 (0) 561 510 053 99
Frankfurt location
Branch office
Oeder Weg 11
60318 Frankfurt am Main
Phone: +49 (0) 69 710 471 070
Fax: +49 (0) 69 710 471 079
SITTIG LAW
Lawyer.
Specialist lawyer for criminal law.
Specialist lawyer for IT law.

[email protected]
Hamburg location
Head office
Martinistr. 11
20251 Hamburg
Tel: +49 (0) 40 808 125 550
Fax: +49 (0) 40 808 125 559

Contact form