Criminal Lawyers for Cyberbullying
Defense against cyberbullying, online harassment, and digital stalking charges.
Last updated:
Cyberbullying encompasses various criminal offenses committed through digital means: online harassment (acoso, Art. 172 ter CP), threats through social media or messaging (Art. 169 CP), non-consensual distribution of intimate images (sexting, Art. 197.7 CP), identity theft and impersonation online, and defamation through digital platforms. The penalties vary significantly depending on the specific conduct.
Legal Complexity
Cyberbullying cases involve complex intersections of criminal law, privacy rights, freedom of expression, and digital evidence law. The prosecution must demonstrate not only that harmful content was posted, but that it was done with criminal intent (not simply exercising free speech or making legitimate criticism). The distinction between criminal harassment and protected expression is often the central issue.
Defense Strategies
Our defense examines: whether the conduct constitutes protected free expression rather than criminal harassment; challenging the attribution of online content to the defendant (account hacking, shared devices, spoofed identities); demonstrating the content is substantially true (truth is a defense to defamation); arguing the interaction was mutual (online arguments versus one-sided harassment); and for juvenile defendants, pursuing restorative justice alternatives to criminal prosecution.
Cybercrime in Spain: Hacking, Phishing & Digital Fraud — Defence Guide
Cybercrime encompasses illegal access to computer systems (Art. 197 bis CP), computer damage and ransomware (Art. 264 CP), phishing and digital fraud (Art. 249.1.a CP), and the production or distribution of hacking tools (Art. 197 ter). Spain's prosecution of cybercrime has intensified dramatically, with specialised units in the National Police (BIT) and Guardia Civil (GDT) leading investigations. Defence requires a unique combination of criminal law expertise and advanced technical knowledge.
Penalty Table: Cybercrime
| Offence | Article | Description | Penalty |
|---|---|---|---|
| Illegal access to systems | Art. 197 bis | Unauthorised access breaching security measures | 6 months – 2 years |
| Interception of data | Art. 197 bis.2 | Intercepting non-public data transmissions | 3 months – 2 years |
| Production/supply of hacking tools | Art. 197 ter | Creating or distributing tools designed for cybercrime | 6 months – 2 years |
| Computer damage (basic) | Art. 264.1 | Deleting, damaging or making data inaccessible | 6 months – 3 years |
| Aggravated damage (critical infrastructure) | Art. 264.2 | Affecting essential services or critical infrastructure | 2 – 5 years prison |
| Cyber fraud (phishing) | Art. 249.1.a | IT manipulation to obtain unlawful transfer of assets | 6 months – 3 years |
Key Defence Strategies
IP Attribution Challenge
An IP address does not identify a person. Shared Wi-Fi networks, VPNs, Tor exit nodes and NAT configurations mean multiple users may share one IP. The prosecution must prove the accused was the actual user at the relevant time.
Chain of Digital Custody
Digital evidence is extremely fragile. If the police failed to image the hard drive with a write-blocker, if hash values don't match, or if evidence was handled improperly, the defence can seek exclusion of the entire digital evidence chain.
Authorised Security Testing
Ethical hacking and penetration testing carried out with the system owner's authorisation is legal. If the defendant had a written engagement contract, bug bounty agreement or responsible disclosure policy, there is no criminal offence.
Lack of 'Breaching Security Measures'
Art. 197 bis requires that security measures were breached. If the system had no password, no firewall, or the access point was public, the element of 'breaching security' may be absent, negating the offence.
Key Case Law
The Supreme Court confirmed that 'access' requires effectively entering the system, not merely attempting it. The prosecution must prove: (1) access occurred, (2) it was unauthorised, and (3) security measures were breached. Port scanning alone does not constitute the offence.
The Court ruled that ransomware attacks may constitute a concurrent offence of computer damage (Art. 264) and extortion (Art. 243 CP). The encryption of data satisfies the 'damage' element even if data is technically recoverable upon payment.
In phishing operations, the Court distinguished between the organiser and the 'money mule' (account holder). The mule's liability depends on proof of knowledge that the funds were illicit. Wilful blindness may suffice, but mere negligence does not.
Why Choose Us?
Need a criminal defense lawyer for this type of offense? Here's how we work:
Do you need specialised legal assistance?
The judicial system is complex. We have the criminal-law specialisation and technical resources required to take on the defence.