Company Criminal Liability for Unlawful Attacks against Information Systems within the Scope of EU Law

Unlawful attacks against information systems are everyday reality for large international companies such as Apple or Facebook as well as for SMEs, national information systems and individuals who are more and more often objects of such attacks. This thesis carries out an analysis of the most important legal instruments primarily at the level of the European Union in the field of cybercrime committed by companies and other legal persons. It explores the history of regulation of cybercrime and it especially analysis crimes of illegal access to information systems and illegal system interference governed above all by the Directive 2013/40/EU of the European Parliament and of the Council of 12 August 2013 on attacks against information systems and replacing Council Framework Decision 2005/222/JHA. It also looks at corporate criminal liability in this field and at sanctions which can be applied on legal entities according to the EU and Czech regulation for committing unlawful attacks against information systems. At the same time this thesis concerns with the implementation of the Directive on attacks against information systems into the Czech legal framework, i.e. Act No. 40/2009 Coll., the Criminal Code, also it concerns with the regulation of criminal liability of legal persons by Czech Act No. 418/2011 Coll., on Criminal Liability of Legal Entities and their Prosecution, and it critically evaluates these legal instruments.