Understanding Hawaii Computer Crime Laws
A practical, plain‑language guide to Hawaii’s computer crime, fraud, and unauthorized access laws for users and businesses.
Hawaii, like every other state, has a detailed set of criminal laws aimed at computer and internet‑related wrongdoing. These rules are collected in the Hawaii Revised Statutes (HRS), primarily within the section on offenses against property rights, and they cover everything from unauthorized access and data theft to using a computer to commit another crime.
This guide explains the main types of computer crimes under Hawaii law, the mental state prosecutors must prove, the difference between misdemeanors and felonies, and the potential penalties. It is written for non‑lawyers and is not a substitute for legal advice from a licensed Hawaii attorney.
1. Legal Foundations of Computer Crime in Hawaii
Hawaii’s computer crime laws are found in the Hawaii Penal Code, under Title 37, in provisions beginning around HRS § 708‑890 and related sections. These statutes were created and later updated to respond to modern cybercrime threats such as hacking, data breaches, and online fraud.
1.1 Key concepts and definitions
Although definitions vary by statute, Hawaii’s computer crime laws generally rely on the following ideas:
- Computer: Any electronic device that performs logical, arithmetic, or data‑processing functions (for example, desktops, laptops, smartphones, servers).
- Computer system: A collection of connected computers or related devices that work together to process or store data.
- Computer network: Multiple computers or systems connected for communication or data exchange, such as the internet or local office networks.
- Access: In general, using, instructing, communicating with, storing data in, retrieving data from, or otherwise making use of a computer or network.
- Without authorization: Access that is not permitted by the owner or operator of the system, or access that clearly exceeds the permission granted.
Using Joint Tenancy to Minimize Probate >
Most of the statutes focus on what the person does with that access (e.g., obtains information, causes damage, or commits fraud) and the person’s mental state (intentionally or knowingly).
1.2 Mental state: intentionally vs. knowingly
Hawaii’s computer crime provisions typically require the prosecution to prove that the defendant acted intentionally or knowingly. These are defined in the Hawaii Penal Code and are critical to criminal liability:
- Intentionally: The person’s conscious objective is to engage in the conduct or cause the result.
- Knowingly: The person is aware that their conduct is of a particular nature or that certain circumstances exist, or that it is practically certain their conduct will cause a particular result.
In the computer crime context, this typically means the person knows they are not authorized to access a system, or knows that their actions will cause damage or defraud someone.
2. Unauthorized Computer Access (Hacking‑Type Offenses)
One of the core components of Hawaii’s computer crime framework is the offense of unauthorized computer access, sometimes thought of as the state‑law counterpart to federal hacking statutes.
2.1 Degrees of unauthorized computer access
Hawaii law recognizes multiple degrees of unauthorized computer access, with penalties that increase according to the seriousness of the conduct and the consequences.
| Degree of offense | Basic conduct | Key aggravating factor | Classification |
|---|---|---|---|
| First degree (HRS § 708‑895.5) | Knowingly accesses a computer, system, or network without authorization and obtains information. | Commercial/financial gain, furtherance of another crime, high value information, or information legally protected from disclosure. | Class A felony (or class B felony under earlier versions). |
| Second degree (HRS § 708‑895.6) | Knowingly accesses a computer, system, or network without authorization and obtains information. | No additional aggravating factor like value or financial gain. | Typically a class B or C felony, depending on statutory version. |
| Third degree (HRS § 708‑895.7) | Knowingly accesses a computer, system, or network without authorization. | No requirement to obtain information or cause damage. | Class C felony under updated Hawaii law. |
The first‑degree offense is reserved for the most serious situations, such as hacking for financial gain or to further another crime like identity theft or fraud. The third‑degree offense can capture basic unauthorized access even where no data is taken and no damage occurs.
2.2 First‑degree unauthorized access in detail
Under HRS § 708‑895.5, a person commits unauthorized computer access in the first degree if they knowingly access a computer, computer system, or computer network without authorization and obtain information, and any one of the following applies:
- The access was for commercial or private financial gain (for example, stealing customer payment data).
- The access was in furtherance of another crime, such as identity theft or fraud.
- The value of the information obtained exceeds a monetary threshold (the threshold has been amended over time, but the idea is high‑value information).
- The information is designated by law or court rule as requiring protection against unauthorized disclosure, such as confidential court records or certain government data.
This is the most serious form of unauthorized access, reflecting law‑makers’ concern with data breaches tied to financial crime and other serious offenses.
3. Computer Fraud and Computer Damage
Beyond access‑related crimes, Hawaii law distinguishes between conduct aimed at economic deception and conduct that harms systems or data. These are commonly referenced as computer fraud and computer damage offenses.
3.1 Computer fraud
Computer fraud statutes are designed to address the use of computers and networks to defraud another person or entity. Under Hawaii law, computer fraud can be charged at various degrees, generally classifying the offense as a felony when substantial economic harm or sophisticated misuse of computer systems occurs.
Key features include:
- Use of a computer to defraud: The person uses a computer, system, or network to obtain money, property, or services by deception.
- Unauthorized access plus fraud: In some forms, the crime combines unauthorized access with fraudulent intent (for example, accessing a company’s payroll system to divert payments).
- Felony classification: Hawaii treats many forms of computer fraud as felonies (often class B or C), reflecting the seriousness of financial harm and the potential for large‑scale losses.
The degree of computer fraud often depends on the amount of loss or the nature of the fraudulent conduct, similar to traditional theft offenses.
3.2 Computer damage
Computer damage statutes deal with conduct that harms computer systems or data. Examples include planting malware, launching denial‑of‑service attacks, or intentionally altering or deleting critical data.
Typical elements for computer damage in Hawaii include:
- Transmission causing damage: Knowingly causing the transmission of a program, information, code, or command that results in damage to a computer, system, or network.
- Unauthorized access causing damage: Intentionally or recklessly accessing a system without authorization and causing damage.
- Felony status: Serious forms of computer damage are classified as felonies, with penalties increasing when the damage is extensive or affects critical systems.
Damage can include loss of data, system downtime, and costs incurred to restore systems. These statutes seek to protect both private businesses and public infrastructure.
4. Using a Computer to Commit Other Crimes
Hawaii also criminalizes the use of a computer in the commission of separate crimes. This captures conduct where the computer is a tool, rather than the direct target.
4.1 Use of a computer in the commission of a separate crime
Under Hawaii law, a person can be charged with a specific offense if they knowingly use a computer to identify, select, solicit, persuade, or otherwise interact with a victim in connection with certain underlying crimes. These include, among others:
- Various forms of fraud and theft, including identity theft and financial scams.
- Offenses involving minors online, such as internet crimes against children.
- Sex‑related offenses where the victim is contacted or groomed via email, messaging platforms, or social media.
In practice, this type of law allows prosecutors to bring an additional charge when a computer substantially facilitates a crime—stacking on top of the underlying offense.
4.2 Forfeiture of equipment used in computer crime
Hawaii statutes also permit the forfeiture of property used or intended to be used to commit computer crimes. This can include computers, servers, mobile devices, and other equipment that facilitated the illegal conduct. Forfeiture proceedings typically operate under Hawaii’s general forfeiture laws and may occur in addition to criminal penalties.
5. Misdemeanors vs. Felonies and Potential Penalties
The severity of punishment for computer crimes in Hawaii depends on how the offense is classified—ranging from misdemeanors to serious felonies. Many of the key computer crimes discussed above fall on the felony side of the spectrum.
5.1 General classification
Hawaii’s computer crime framework includes:
- Felony computer crimes: Most unauthorized access, computer fraud, and serious computer damage offenses are classified as class A, B, or C felonies, depending on the degree and the harm involved.
- Misdemeanor computer crimes: Less serious violations may be charged as misdemeanors, although many of the current statutes emphasize felony‑level conduct due to the scale of harm associated with cyber offenses.
Hawaii’s sentencing ranges for felonies and misdemeanors are set elsewhere in the Penal Code, and may include imprisonment, fines, restitution, and probation.
5.2 Example penalty structure
While the exact sentence in any case depends on multiple factors, including prior convictions and the specifics of the offense, the law draws clear distinctions, such as:
- Class A felony: The most serious category (for example, first‑degree unauthorized access tied to financial gain or high‑value protected information).
- Class B felony: Applied to significant forms of computer fraud or damage, and some degrees of unauthorized access.
- Class C felony: Often used for less severe unauthorized access (such as third‑degree) and lower‑level computer fraud or damage.
- Misdemeanor: Reserved for minor or less harmful computer‑related misconduct.
Additionally, sentencing may involve restitution to victims for costs such as system repair, data restoration, and financial losses, especially in fraud and damage cases.
6. Enforcement and Practical Implications
Computer crimes are investigated and prosecuted through a combination of local, state, and federal efforts. Hawaii has specialized units focused on technology‑related offenses.
6.1 Hawaii Internet and Technology Crimes Unit (HITeC)
The Hawaii Internet and Technology Crimes Unit (HITeC) is one example of a specialized unit that addresses technology‑related crime. This unit combines local, state, and federal resources to investigate and prosecute two major categories of offenses:
- Technology crimes against persons, including identity theft, check fraud, and general internet fraud.
- Internet crimes against children, such as online enticement and the possession, distribution, or production of child sexual abuse material.
The existence of such a unit underscores Hawaii’s recognition that computer crimes often require technical expertise and cross‑agency coordination.
6.2 No separate civil cause of action under computer crime statutes
The Hawaii computer crime provisions discussed here are criminal statutes. As summarized in legal analyses, these laws do not themselves create a separate, dedicated civil lawsuit for victims under the same statutory sections. Instead, victims may need to rely on other civil theories such as negligence, invasion of privacy, or general fraud, depending on the facts of the case.
7. Practical Tips for Individuals and Businesses
Because Hawaii’s computer crime laws can result in severe penalties, both individuals and organizations operating in the state should understand how their behavior online or on computer systems can create legal risk.
7.1 For individuals
- Never access accounts or systems you are not clearly authorized to use, even as a “prank” or to test security without permission. Unauthorized access alone can be a felony.
- Use strong authentication and protect passwords to avoid becoming a victim of unauthorized access or identity theft.
- Be cautious with downloads and links, which can spread malware that leads to computer damage or allows others to commit crimes using your device.
- Think before sharing data: Disclosing someone else’s sensitive information improperly can expose you to liability, especially when that data is protected by law.
7.2 For businesses and organizations
- Implement clear access controls and written policies defining who is authorized to use particular systems and data.
- Train employees on acceptable use, data handling, and basic cybersecurity hygiene.
- Monitor for suspicious activity and maintain logs that can assist law enforcement if a crime occurs.
- Consult counsel to ensure that security testing (e.g., penetration tests) and monitoring practices are structured within legal boundaries.
Because computer crime statutes can be complex and periodically updated, organizations in regulated sectors (like finance or healthcare) often work closely with legal counsel and security professionals to remain compliant.
8. Frequently Asked Questions (FAQs)
8.1 Is simply guessing someone’s password a crime in Hawaii?
If guessing a password results in accessing a computer, system, or network without authorization, it can fall within Hawaii’s unauthorized computer access statutes. The statute does not require sophisticated techniques; what matters is the knowing, unauthorized access, not how difficult the access was to achieve.
8.2 Do I commit a crime if I access my employer’s system in a way that breaks company policy?
Potentially. Hawaii’s statutes use the concept of without authorization or exceeding authorization. In practice, if your employer’s policies clearly restrict certain access and you knowingly bypass those limits, prosecutors may view that as unauthorized access—particularly if you obtain sensitive information or cause damage. Whether this becomes a criminal matter depends on the facts and prosecutorial discretion.
8.3 Are attempted computer crimes punished the same way as completed offenses?
Legal summaries indicate that, under Hawaii’s computer crime framework, attempts are not always treated as separate offenses in the same way as completed computer crimes, unlike in some other contexts. However, general attempt provisions in the Penal Code may still apply in certain circumstances. A local criminal defense attorney can explain how attempt statutes interact with specific computer crime charges.
8.4 Can victims sue directly under Hawaii’s computer crime laws?
No separate, stand‑alone civil cause of action is created by these specific computer crime sections. Victims often rely on other civil claims such as negligence, breach of contract, or general fraud to seek compensation, in addition to cooperating with criminal investigations.
8.5 How do Hawaii’s laws relate to federal cybercrime statutes?
Hawaii’s statutes operate alongside federal laws such as the Computer Fraud and Abuse Act (CFAA). In serious cases—especially those involving large‑scale breaches, interstate activity, or critical infrastructure—federal authorities may bring charges in addition to, or instead of, state charges. Coordination between state units like HITeC and federal agencies is common in such investigations.
References
- Hawaii Revised Statutes § 708‑895.7: Unauthorized computer access in the third degree — Justia / State of Hawaii. 2025. https://law.justia.com/codes/hawaii/title-37/chapter-708/section-708-895-7/
- Hawaii Computer Crimes Laws — FindLaw. 2023 (last updated, approximate). https://www.findlaw.com/state/hawaii-law/hawaii-computer-crimes-laws.html
- Hawaii Revised Statutes § 708‑895.5: Unauthorized computer access in the first degree — Justia / State of Hawaii. 2025. https://law.justia.com/codes/hawaii/title-37/chapter-708/section-708-895-5/
- HRS § 708‑895.7 Unauthorized computer access in the third degree; legislative history — Hawaii State Legislature. 2012. http://data.capitol.hawaii.gov/hrscurrent/Vol14_Ch0701-0853/HRS0708/HRS_0708-0895_0007.htm
- HI Electronic Crime Statutes (Compilation of HRS Chapter 708, Part on Computer Crime) — Public Intelligence (quoting Hawaii statutes). 2011. https://info.publicintelligence.net/HI-laws.htm
- Hawaii Internet and Technology Crimes Unit (HITeC) — International Association of Chiefs of Police Cyber Center. 2020. https://www.iacpcybercenter.org/labs/hawaii-internet-and-technology-crimes-unit-hitec/
- Computer Crime Statutes — National Conference of State Legislatures (NCSL). 2022-11-14. https://www.ncsl.org/technology-and-communication/computer-crime-statutes
Read full bio of Sneha Tete





