Does any one know where I can get a copy of the Crimes Amendment Act #6 I need to know what the story is about sending bulk e-mail from the server as I have a client wanting to do so however need to know how they can legally do it. (ie by placing opt out at the bottom is that sufficient) also is e-mail covered under this act as an offence.
Check out www.legislation.govt.nz perhaps?
I've found the section by section nature of legislation.govt.nz not the greatest if you want to refer back and forth. At the end of this email, I copied the parts of the Act relating Crimes involving computers (which I guessing is the main part you want to look at). As part of the GSEC certification, I wrote a an essay with an overview of the Crimes Amendment Act (http://www.giac.org/practical/GSEC/Scott_Walsh_GSEC.pdf), not directly related to spam, but some of it may be useful (it's all personal option, so don't take it as legal advise). (I'll apology now for the typos in it.) Thanks Scott Walsh Service Implementation Specialist Integrated Technology Services (ITS) - Passionate about Winning IBM New Zealand Limited Level 2, 48 Greys Ave, P.O Box 6840, Wellesley Street, Auckland, New Zealand DDI: +64 9 359 4104 Fax: +64 9 309 3242 Mob: +64 21 307 763 LSC: 0800 802 729 Office: 0800 801 800 http://www.ibm.com/nz This email communication does not create or vary any contractual relationship between IBM and you. Internet communications are not secure and accordingly IBM does not accept any legal liability for the contents of this message. The contents of this email are confidential to the intended recipient at the email address to which it has been addressed. It may not be disclosed to or used by anyone other than this addressee, nor may it be copied in any way. If received in error, please contact IBM on the above switchboard number quoting the name of the sender and the addressee and then delete it from your system. Please note that neither IBM nor the sender accepts any responsibility for viruses. Crimes Amendment Act 2003, Sections 248-253 ``Crimes involving computers ``248. Interpretation- ``For the purposes of this section and sections 249 and 250,- ```access', in relation to any computer system, means instruct, communicate with, store data in, receive data from, or otherwise make use of any of the resources of the computer system ```computer system' - ``(a) means- ``(i) a computer; or ``(ii) 2 or more interconnected computers; or ``(iii) any communication links between computers or to remote terminals or another device; or ``(iv) 2 or more interconnected computers combined with any communication links between computers or to remote terminals or any other device; and ``(b) includes any part of the items described in paragraph (a) and all related input, output, processing, storage, software, or communication facilities, and stored data. ``249. Accessing computer system for dishonest purpose- ``(1) Every one is liable to imprisonment for a term not exceeding 7 years who, directly or indirectly, accesses any computer system and thereby, dishonestly or by deception, and without claim of right,- ``(a) obtains any property, privilege, service, pecuniary advantage, benefit, or valuable consideration; or ``(b) causes loss to any other person. ``(2) Every one is liable to imprisonment for a term not exceeding 5 years who, directly or indirectly, accesses any computer system with intent, dishonestly or by deception, and without claim of right,- ``(a) to obtain any property, privilege, service, pecuniary advantage, benefit, or valuable consideration; or ``(b) to cause loss to any other person. ``(3) In this section, `deception' has the same meaning as in section 240(2). ``250. Damaging or interfering with computer system- ``(1) Every one is liable to imprisonment for a term not exceeding 10 years who intentionally or recklessly destroys, damages, or alters any computer system if he or she knows or ought to know that danger to life is likely to result. ``(2) Every one is liable to imprisonment for a term not exceeding 7 years who intentionally or recklessly, and without authorisation, knowing that he or she is not authorised, or being reckless as to whether or not he or she is authorised,- ``(a) damages, deletes, modifies, or otherwise interferes with or impairs any data or software in any computer system; or ``(b) causes any data or software in any computer system to be damaged, deleted, modified, or otherwise interfered with or impaired; or ``(c) causes any computer system to- ``(i) fail; or ``(ii) deny service to any authorised users. ``251. Making, selling, or distributing or possessing software for committing crime- ``(1) Every one is liable to imprisonment for a term not exceeding 2 years who invites any other person to acquire from him or her, or offers or exposes for sale or supply to any other person, or agrees to sell or supply or sells or supplies to any other person, or has in his or her possession for the purpose of sale or supply to any other person, any software or other information that would enable another person to access a computer system without authorisation- ``(a) the sole or principal use of which he or she knows to be the commission of a crime; or ``(b) that he or she promotes as being useful for the commission of a crime (whether or not he or she also promotes it as being useful for any other purpose), knowing or being reckless as to whether it will be used for the commission of a crime. ``(2) Every one is liable to imprisonment for a term not exceeding 2 years who- ``(a) has in his or her possession any software or other information that would enable him or her to access a computer system without authorisation; and ``(b) intends to use that software or other information to commit a crime. Cf 1961 No 43 ss 216D(1), 229, 244 ``252. Accessing computer system without authorisation- ``(1) Every one is liable to imprisonment for a term not exceeding 2 years who intentionally accesses, directly or indirectly, any computer system without authorisation, knowing that he or she is not authorised to access that computer system, or being reckless as to whether or not he or she is authorised to access that computer system. ``(2) To avoid doubt, subsection (1) does not apply if a person who is authorised to access a computer system accesses that computer system for a purpose other than the one for which that person was given access. ``(3) To avoid doubt, subsection (1) does not apply if access to a computer system is gained by a law enforcement agency- ``(a) under the execution of an interception warrantor search warrant; or ``(b) under the authority of any Act or rule of the common law. ``253. Qualified exemption to access without authorisation offence for New Zealand Security Intelligence Service- ``Section 252 does not apply if- ``(a) the person accessing a computer system is- ``(i) the person specified in an interception warrant issued under the New Zealand Security Intelligence Service Act 1969; or ``(ii) a person, or member of a class of persons, requested to give any assistance that is specified in that warrant; and ``(b) the person accessing a computer system is doing so for the purpose of intercepting or seizing any communication, document, or thing of the kind specified in that warrant. ``254. Qualified exemption to access without authorisation offence for Government Communications Security Bureau- ``Section 252 does not apply if the person that accesses a computer system- ``(a) is authorised to access that computer system under the Government Communications Security Bureau Act 2003; and ``(b) accesses that computer system in accordance with that authorisation.