1. Anyone who, by any means or procedure, violating the security measures established to prevent it, and without being duly authorized, accesses or facilitates access to all or part of an information system, or remains within it against the will of the person with the legitimate right to exclude them, shall be punished with imprisonment for a term of six months to two years.
2. Anyone who, through the use of devices or technical instruments, and without being duly authorized, intercepts non-public transmissions of computer data originating from, destined for, or within an information system, including its electromagnetic emissions, shall be punished with imprisonment for a term of three months to two years or a fine of three to twelve months.