Deceiving the System: A Japanese Ruling on Computer Fraud and Stolen Credit Cards

Japanese Attorney at Law - Bengoshi L.L.

5 min read
Deceiving the System: A Japanese Ruling on Computer Fraud and Stolen Credit Cards

In today's digital economy, many of our transactions are fully automated, with no human interaction. When a thief steals credit card details and uses them to make a purchase online, who exactly is being deceived? Can you "defraud" a computer? And what specific crime is committed when the entire process, from Browse to payment, is handled by machines?

This modern legal puzzle was the subject of a landmark decision by the Supreme Court of Japan on February 14, 2006. The case, involving the use of a stolen credit card to purchase "electronic money" for an online dating site, provided an authoritative application of Japan's "computer fraud" statute. The Court's ruling clarified how the traditional principles of fraud apply in a world of automated, online transactions, establishing that the crime is not in tricking the machine's code, but in deceiving the system about the user's identity and authority.

Traditional fraud, under Article 246 of the Japanese Penal Code, requires deceiving a person. To address crimes involving automated systems, Japan enacted a specific statute in 1987: "Fraud Through Use of a Computer" (denshi keisanki shiyō sagi-zai), Article 246-2. This law was designed to punish illicit gains obtained not by tricking a person, but by manipulating a machine.

The key elements of this crime are:

  1. Giving "false information" or an "illicit command" to a computer used for business processing.
  2. Thereby creating a "false electromagnetic record concerning the acquisition or loss of a property right."
  3. And as a result, obtaining an "unlawful gain on property" (a pecuniary benefit) or causing another to do so.

This case forced the Supreme Court to interpret what constitutes "false information" and a "false record" in the context of a typical online credit card transaction.

The Facts: Stealing E-Money for a Dating Site

The defendant in the case had stolen the details of a credit card. He then set out to purchase "electronic money"—in this case, points required to use the messaging services on a mobile phone dating site.

The process, as detailed in the court records, involved several automated steps:

  1. The defendant used his mobile phone to log into the dating site as a member.
  2. He chose to purchase additional points and was directed to a payment screen where he entered the stolen cardholder's name.
  3. This redirected him to the website of a third-party credit card payment processing agent. There, he entered the stolen card number and expiration date.
  4. The payment processor's computer automatically contacted the bank's system to verify the card's validity and credit limit.
  5. Once the transaction was approved, the processor's computer created a new electronic record on its hard drive and sent a confirmation, along with an ID and PIN for the purchased points, to the defendant's phone.

The defendant was charged with and convicted of computer fraud. He appealed, making a clever legal argument: the information he entered—the cardholder name, number, and expiration date—was factually "true" because it corresponded to a real, valid credit card. Therefore, he argued, he had not provided "false information," the resulting electronic record was not "false," and a key element of the crime was missing.

The Supreme Court's Ruling: The Lie is in the "Who," Not the "What"

The Supreme Court unanimously rejected the defendant's argument and upheld his conviction. The Court's reasoning methodically dismantled the defense by focusing on the substance of the deception, not its superficial form.

The Court held that:

  • The "false information" was not the card number itself, but the entire fraudulent message conveyed to the system. The defendant gave information "making it seem as if the cardholder himself had applied to purchase the electronic money," when in reality, the cardholder had made no such application. The lie was about the identity and authority of the person making the request.
  • The "false record" was the entry created on the payment processor's server. This record, which stated "that the cardholder himself had purchased" the electronic money, was a false record "concerning the acquisition or loss of a property right." It was false because it created a fraudulent debt obligation for the legitimate cardholder and a corresponding duty for the credit card company to pay the merchant.
  • The "unlawful gain" was the defendant acquiring the right to use the electronic money points without having to pay for them himself.

By putting these pieces together, the Court concluded that the defendant's actions perfectly matched the elements of computer fraud under Article 246-2.

Analysis: Online Fraud vs. Offline Fraud - A Tale of Two Victims

The 2006 computer fraud decision is particularly insightful when compared to a 2004 Supreme Court decision (khk55) that dealt with the offline use of another person's credit card at a gas station. The way the crime was constructed in each case reveals the flexibility of Japanese criminal law.

  • Offline Fraud (The Gas Station Case): In the 2004 case, the crime was constructed as 1st-paragraph fraud (theft of property) against the merchant. The deception was the act of impersonating the cardholder to a human employee. The harm was the physical loss of the gasoline. The court explicitly stated that even the cardholder's permission was no defense to this crime against the merchant.
  • Online Fraud (This Case): In the 2006 online case, the Court's reasoning focuses on a different victim and a different harm. By identifying the "false record" as the one creating a debt for the cardholder, the Court implicitly constructs the crime as a 2nd-paragraph fraud (obtaining a pecuniary gain) where the ultimate financial harm falls upon the cardholder and the credit card issuer.

Legal commentary suggests that these two ways of framing the crime—one focusing on the merchant, the other on the issuer/cardholder—are not mutually exclusive. In many credit card fraud cases, multiple parties are harmed in different ways. The choice of how to charge the crime often comes down to prosecutorial strategy and which elements are easiest to prove. The online case, with no human to deceive at the point of sale, naturally lent itself to the computer fraud statute and a focus on the false electronic record that harmed the card issuer's system.

Conclusion: Adapting Old Crimes to New Technologies

The 2006 Supreme Court decision provided a clear and authoritative application of Japan's computer fraud statute to the now-ubiquitous crime of using stolen credit card details online. The ruling established the vital principle that in an automated transaction, the "deception" is not about tricking the computer's programming but about misrepresenting the identity and authority of the user.

The Court affirmed that inputting a technically valid credit card number still constitutes giving "false information" if you are not the authorized user, and the resulting transaction log is a "false record." The decision, especially when read alongside its offline counterpart, demonstrates the robust and flexible nature of Japanese property crime law. It ensures that the core essence of fraud—the illicit acquisition of value through deception—remains punishable, whether the victim being deceived is a person behind a counter or a server processing a transaction across the globe.