Tap any paragraph to write a margin note. Your notes collect in the Desk below the text and file under cases with @. The side-by-side margin rail opens on a larger screen.

Code · Iowa · Chapter 715 — Computer Spyware, Malware, And Ransomware Protection

715.9 Ransomware prohibition.

478 words·~2 min read·/ia/chapter-715-computer-spyware-malware-and-ransomware-protection/715-9·

A research copy — for the controlling text, always check the official state or federal source. Not legal advice.

1. A person shall not intentionally, willfully, and without authorization do any of the following:
a. Access, attempt to access, cause to be accessed, or exceed the person’s authorized access to all or a part of a computer network, computer control language, computer, computer software, computer system, or computer database.
b. Copy, attempt to copy, possess, or attempt to possess the contents of all or part of a computer database accessed in violation of paragraph “a”.
2. A person shall not commit an act prohibited in subsection 1 with the intent to do any of the following:
a. Cause the malfunction or interruption of the operation of all or any part of a computer, computer network, computer control language, computer software, computer system, computer service, or computer data.
b. Alter, damage, or destroy all or any part of data or a computer program stored, maintained, or produced by a computer, computer network, computer software, computer system, computer service, or computer database.
3. A person shall not intentionally, willfully, and without authorization do any of the following:
a. Possess, identify, or attempt to identify a valid computer access code.
b. Publicize or distribute a valid computer access code to an unauthorized person.
4. A person shall not commit an act prohibited under this section with the intent to interrupt or impair the functioning of any of the following:
a. The state.
b. A service, device, or system related to the production, transmission, delivery, or storage of electricity or natural gas in the state that is owned, operated, or controlled by a person other than a public utility as defined in chapter 476.
c. A service provided in the state by a public utility as defined in section 476.1, subsection 2.
d. A hospital or health care facility as defined in section 135C.1.
e. A public elementary or secondary school, community college, or area education agency under the supervision of the department of education.
f. A city, city utility, or city service.
g. An authority as defined in section 330A.2.
5. This section shall not apply to the use of ransomware for research purposes by a person who has a bona fide scientific, educational, governmental, testing, news, or other similar justification for possessing ransomware. However, a person shall not knowingly possess ransomware with the intent to use the ransomware for the purpose of introduction into the computer, computer network, or computer system of another person without the authorization of the other person.
6. A person who has suffered a specific and direct injury because of a violation of this section may bring a civil action in a court of competent jurisdiction.
a. In an action under this subsection, the court may award actual damages, reasonable attorney fees, and court costs.
b. A conviction for an offense under this section is not a prerequisite for the filing of a civil action.
★   the supreme law of the land   ★
Don't Tread on Me
E Pluribus Unum — out of many, one

"If you don't know your rights, you don't have any."

Marginalia · a citizen's law index
A research desk, not legal advice. Always read the cited source before relying on a summary.
Questions or an issue? support@self-law.org
disclaimerMarginalia is a research index, not a law firm. Nothing on this site is legal, tax, or financial advice and no attorney–client relationship is formed by using it. Statutes, regulations, and case law change; summaries, search results, AI output, and member posts may be incomplete, out of date, or wrong. Any interpretation drawn from material on this site should be validated by a licensed attorney in your jurisdiction before you act on it.