Computer Misuse Act 1990 (amended)
Date Published 21/11/2006 - Click here for more recent news
So here's how it goes: in the beginning there was the Computer Misuse Act 1990 - http://www.opsi.gov.uk/acts/acts1990/Ukpga_19900018_en_1.htm
then the other day along came the Police and Justice Act - http://www.opsi.gov.uk/acts/acts2006/ukpga_20060048_en.pdf
and in amongst all the bits of legislation contained therein about Crime and Disorder, Police bail, ASBOs and suchlike (that aren't obvious required reading for the IT community at large) under Part 5 Miscellaneous, just after Sentences of Imprisonment for Bail Offences there are some very interesting paras like: para 35, Unauthorised Access to computer material and para 36, Unauthorised acts with intent to impair operation of computer etc. - that we thought were well worth bringing to the attention to those who frequent the World Wide Web.
Firstly, we at EASIserv.com fully accept that the intention (of the amendments) is a valiant attempt to do something beneficial on behalf of all long-suffering computer users. It's a determined attempt to criminalise and stiffen up the punishments that can be dished out to those horrible 'hackers' who persist in passing around those, unfortunately so prevalent, crippling computer Viruses and terrible Trojan Horses - that so often end up illegitimately denying service to some otherwise innocently browsing bystanders. It makes clear for the first time that denial of service attacks are a criminal offence, rather than just a jolly-jape - which is a good position to take.
But as with many attempts at apparently 'good' legislation - there's quite a few concerns being raised that perhaps legitimate IT security activity may end up being adversely affected, and maybe even criminalised, through their useful business-as-usual distribution of some vital 'security' tools that are specifically intended to help guard against those self-same hackers.
The new Act will make a person (or Company) guilty of an offence "if he supplies or offers to supply any article believing that it is likely to be used to commit, or to assist in the commission of (a hacking offence)." The word "article" is defined in the Act to include "any programme or data held in electronic form". Some software tools commonly used by IT security professionals can also be used for malicious purposes in the wrong hands, thereby making the new legislation a cause for concern.
There is a prevailing view that the legislation may have been 'broadened' as it went through Parliament - to ensure that a person can be prosecuted if, for example, he posts software to the internet with a reckless disregard for its use - which is typically what your average hacker does.
Here at EASIserv.com, we just hope that this new Act and its criminalising of 'the hacker' does in fact prove successful and goes some way towards improving browsing safety, by putting the fear of criminal prosecution into 'the hacker' - but at the same time, that the fears of the security professionals ultimately prove to be unfounded.
Featured Links
Accreditations
Partners
