Liew Cheong Wee Leslie v Public Prosecutor

Case Details

• Title: Liew Cheong Wee Leslie v Public Prosecutor
• Citation: [2013] SGHC 141
• Court: High Court of the Republic of Singapore
• Decision Date: 25 July 2013
• Case Number: Magistrate's Appeal No 91 of 2012
• Coram: Choo Han Teck J
• Parties: Liew Cheong Wee Leslie — Public Prosecutor
• Appellant/Applicant: Liew Cheong Wee Leslie
• Respondent: Public Prosecutor
• Counsel for Appellant: Wee Pan Lee (Wee Tay & Lim LLP) for Leslie Liew Cheong; Christopher Ong and Terence Chua (Attorney-General's Chambers) for the Public Prosecutor
• Legal Area: Criminal Procedure and Sentencing – Sentencing – Appeal
• Statutes Referenced: Computer Misuse Act (Cap 50A, 1998 Rev Ed) (“the Act”)
• Key Provisions: s 3(1) and s 3(2) of the Computer Misuse Act
• Judgment Length: 4 pages; 2,161 words
• Reported Issues: Whether the appellant had unauthorised access and whether the “damage” element for enhanced sentencing under s 3(2) was properly particularised and proved
• Disposition (as reflected in extract): Conviction appeal dismissed; sentence varied for the sixth charge due to failure to particularise/prove “damage” under s 3(2)

Summary

In Liew Cheong Wee Leslie v Public Prosecutor [2013] SGHC 141, the High Court (Choo Han Teck J) dealt with an appeal against conviction and sentence arising from a serious incident at the Marina Bay Sands Integrated Resort (“MBS”). The appellant, an engineer employed by a sub-contractor, was convicted on multiple charges under the Computer Misuse Act for knowingly causing a computer to perform functions for the purpose of securing unauthorised access. The court affirmed the conviction, finding that the appellant’s conduct went beyond any plausible misunderstanding of his work authority and instead demonstrated deliberate intent to cause a blackout.

While the conviction appeal was dismissed, the court accepted a significant sentencing argument relating to the sixth charge. The Public Prosecutor sought enhanced punishment under s 3(2) of the Computer Misuse Act, which applies where “damage” (as defined in s 2) is caused. However, the High Court held that the prosecution had not properly particularised the relevant “damage” under s 3(2), nor had it led evidence to establish it. As a result, the sixth charge could not be treated as an enhanced s 3(2) offence for sentencing purposes, and the sentence was reduced to align with the other similar charges under s 3(1).

What Were the Facts of This Case?

The appellant, then 35 years old, was employed by Power Automation Pte Ltd (“PA”) from 17 January 2010 until 13 May 2010. His assignment involved work at MBS, where PA was a sub-contractor responsible for setting up and installing a “Power Monitoring Control System” (“PMCS”). The PMCS was described in the trial court’s summary as a sophisticated client/server system that collects status from field devices and manages and controls digitally controlled equipment across the resort, including the casino.

Operationally, the PMCS monitored the high-voltage and medium-voltage distribution systems and automatically reacted to power failure conditions. It allowed operators to monitor and control the high tension (“HT”) system through a human-machine interface (“HMI”) at workstations. It also maintained logs—an entry log recording access times and actions, and an alarm log recording malfunctions. Access to the PMCS was restricted to specific viewing or operator accounts, protected by passwords.

On 12 May 2010, a massive blackout occurred at the casino around 12.20am, affecting multiple levels from the basement to level 3 of the northern section. The police were called because a security supervisor suspected that someone had wilfully tampered with the electrical system. After investigations, the appellant was charged on five counts under s 3(1) of the Computer Misuse Act and one count under s 3(2). The prosecution’s case, as accepted by the trial court and largely upheld on appeal, was that the appellant’s actions were deliberate and designed to cause the blackout.

The High Court’s reasoning emphasised the technical and procedural nature of the appellant’s conduct. Although counsel for the appellant argued that he was authorised to access the system as part of his employer’s project and that he had not misunderstood or exceeded his authority, the court focused on the manner in which the appellant obtained remote access. The court noted that the appellant went through an elaborate process to give himself remote access through his personal computer, and he added an email address that was not known to his employers to the system administrator to gain access. The court treated the evidence of completing layers of security commands to execute the instruction causing the blackout as ruling out accidental activation and supporting an inference of deliberate intent.

What Were the Key Legal Issues?

The first key issue was whether the appellant’s conduct satisfied the elements of the offences under s 3 of the Computer Misuse Act, particularly whether he knowingly caused the computer to perform functions for the purpose of securing access without authority. This required the court to assess whether the appellant’s access was within the scope of his work authorisation, or whether his actions constituted unauthorised access and intentional misuse of the system.

The second key issue concerned sentencing, specifically the sixth charge. The Public Prosecutor argued for enhanced sentencing under s 3(2), which increases liability where “damage” is caused as a result of the offence. The High Court had to determine whether the prosecution had properly particularised and proved the “damage” element as defined in s 2 of the Act, and whether the trial judge was entitled to assume that such damage had been established.

Finally, the court also had to consider the procedural fairness implications of the way the charge was framed and amended. The High Court scrutinised whether the prosecution’s charge particulars and evidence at trial aligned with the statutory definition of “damage”, and whether the defence had a fair opportunity to meet the case advanced.

How Did the Court Analyse the Issues?

On conviction, Choo Han Teck J approached the case by examining the appellant’s access and actions in a practical, evidential manner. The court accepted that access to sensitive and vital controls required special access codes, and it treated the appellant’s attempt to obtain remote access through his personal computer as a critical fact. The court considered that the appellant did not merely use credentials in the ordinary course of authorised work; rather, he undertook steps to create or enable remote access that was not part of the employer’s known access framework.

The court also relied on the “unanswerable evidence” that the appellant completed multiple layers of security commands to execute the instruction that caused the blackout. The High Court treated the procedure required for such an instruction as inconsistent with accident or inadvertence. In other words, the technical steps were not merely incidental; they were integral to the execution of the harmful outcome. From this, the court drew the “inescapable conclusion” that the appellant deliberately intended to cause the blackout. Even if the appellant’s motive might have been anger at MBS or his employer, the court held that motive was not necessary to establish the offence; the deliberate nature of the actions sufficed to show the requisite purpose of securing unauthorised access and using the system to cause the blackout.

On the sentencing issue for the sixth charge, the High Court’s analysis turned on statutory interpretation and charge particulars. Section 3(2) provides for enhanced punishment where “damage is caused” as a result of an offence under s 3(1). However, the court stressed that “damage” is not generic harm. It is a defined term in s 2 of the Act, covering specific categories: (a) impairment causing loss aggregating at least $10,000 (subject to temporal limits and ministerial notifications), (b) impairment affecting medical examination/diagnosis/treatment/care, (c) causing or threatening physical injury or death, and (d) threatening public health or public safety.

The High Court observed that the prosecution’s original sixth charge appeared to specify that the damage was under s 3(2)(a) because it included the phrase “of at least $10,000” immediately after “causing damage”. Yet the charge was later amended by striking out “of at least $10,000”. The court treated this as indicating that the prosecution would not allege and prove that the accused caused damage meeting the $10,000 threshold. The court then asked a more fundamental question: if not $10,000 loss under s 3(2)(a), what specific “damage” was alleged and proved? The judgment extract indicates that the charge did not clearly state the relevant category of damage, and no evidence was led detailing the statutory “damage” element.

Critically, the trial judge had assumed that damage was proved and reasoned that financial losses and reputational harm would have been sustained due to the stop in casino operations and the marred experience for patrons. The High Court held that this was not the “damage” particularised in the charge, and that a loss of reputation is not defined as “damage” under the Act. The High Court also rejected the prosecution’s attempt on appeal to frame the blackout as a threat to public safety, noting that this was not particularised in the charge and was not supported by evidence at trial. The court emphasised that the prosecution bears the duty to ensure that all particulars constituting a charge are given so that the accused knows exactly what must be defended against.

Accordingly, the High Court concluded that because “damage” was not particularised or proved, the sixth charge should be treated as a charge under s 3(1) rather than an enhanced s 3(2) offence for sentencing. This approach reflects a strict adherence to the statutory definition and to the fairness principle that sentencing enhancements must be grounded in properly pleaded and proven facts.

What Was the Outcome?

The High Court dismissed the appellant’s appeal against conviction. It upheld the trial court’s finding that the appellant’s actions were deliberate and intended to cause the blackout, and that he had no authority to access the computer system in the manner he did, let alone use it to cause the blackout at MBS.

On sentence, the High Court allowed the appellant’s challenge in relation to the sixth charge. It amended the sixth charge by deleting the words “Section 3(2) read with” and varied the sentence to a fine of $3,000, with a default term of three weeks’ imprisonment. The practical effect was that the sixth charge’s punishment was brought in line with the other s 3(1) charges, because the prosecution had not established the statutory “damage” element required for enhanced sentencing under s 3(2).

Why Does This Case Matter?

This case is significant for practitioners because it illustrates both (i) how courts may infer intent in computer misuse offences where technical steps show deliberate execution, and (ii) how strictly courts will police the statutory requirements for enhanced sentencing. On the merits, the judgment demonstrates that “authorisation” is not a mere label; the court will examine the method and purpose of access. Where an accused undertakes elaborate steps to obtain remote access and executes security commands that are procedurally inconsistent with accident, the court may readily infer deliberate intent to cause harmful outcomes.

On sentencing, the decision is particularly instructive. It underscores that “damage” under s 3(2) is a defined legal concept with specific categories. Prosecutors must plead the relevant category with precision and must lead evidence to establish it. If the charge is amended in a way that removes the pleaded threshold or category, the prosecution cannot rely on broad notions of harm—such as reputational damage or general operational disruption—to justify enhanced punishment. The court’s insistence on particularisation protects the accused’s right to know the case to meet and ensures that enhancements are not imposed on unproven or unpleaded facts.

For defence counsel, the case provides a roadmap for challenging enhanced sentencing where the prosecution’s particulars do not track the statutory definition of “damage”. For prosecutors, it serves as a cautionary example: the framing of charges and the evidence led at trial must align with the enhancement provision. For law students, the judgment is a clear demonstration of how statutory interpretation, charge particulars, and evidential sufficiency interact in criminal sentencing appeals.

Legislation Referenced

• Computer Misuse Act (Cap 50A, 1998 Rev Ed), s 3(1)
• Computer Misuse Act (Cap 50A, 1998 Rev Ed), s 3(2)
• Computer Misuse Act (Cap 50A, 1998 Rev Ed), s 2 (definition of “damage”)

Cases Cited

• [2013] SGHC 141 (the present case)

Source Documents

• Original Judgment (PDF) — Singapore Law Watch
• Archived Copy (PDF) — Litt Law CDN

This article analyses [2013] SGHC 141 for legal research and educational purposes. It does not constitute legal advice. Readers should consult the full judgment for the Court's complete reasoning.