The Computer Misuse Act is designed to protect computer users against willful attacks and theft of information.
Offences under the act include hacking, unauthorized access to computer systems and purposefully spreading malicious and damaging software (malware), such as viruses.
Offences under the act include hacking, unauthorized access to computer systems and purposefully spreading malicious and damaging software (malware), such as viruses..
The act makes it an offence to access or even attempt to access a computer system without the appropriate authorization. Therefore, even if a hacker tries to get into a system but is unsuccessful they can be prosecuted using this law. The act also outlaws “hacking” software, such as packet sniffers, that can be used to break into or discover ways to get into systems.
Although intention to do willful damage can not be easily proved, the act makes it an offence for a hacker to access and use a system using another person’s user name, including e-mail, chat and other services.
The act also covers unauthorized access to different parts of a computer system, therefore, a person may be allowed to access one part of a system but not others, and the accessing of the other parts will be an offence.
Note: the downloading or exchange of pirate software is not covered by this act but by other legislation.
The penalties of breaking the Computer Misuse Act range from fines to imprisonment.
Computer Misuse Act 1990
An Act to make provision for securing computer material against unauthorized access or modification; and for connected purposes. [29th June 1990]
Be it enacted by the Queen’s most Excellent Majesty, by and with the advice and consent of the Lords Spiritual and Temporal, and Commons, in this present Parliament assembled, and by the authority of the same
Origins of the Act
It is generally agreed that it was the actions of two computer hobbyists; Robert Schifreen and Stephen Gold, who used their home computers to access without authorization British Telecom’s (BT) Prestel system that highlighted the need for new legislation.
The two “hackers” managed to get access to Prince Phillip’s personal message box. They did this, when they were visiting an ICT trade fair, by surreptitiously observing a BT engineer entering a user name of 1234 and a password of 22222222. This technique for finding out restricted information is known as shoulder surfing.
After this unauthorized access was discovered, the authorities struggled to find a law that covered the perpetrator’s actions and this led to the drawing up of the Computer Misuse Act.
The case against Gold and Schifreen took place in 1988.
The Computer Misuse Act is divided into three offences:
- Unauthorized access to computer material.
- Unauthorized access with intent to commit or facilitate commission of further offences.
- Unauthorized modification of computer material.
1. Unauthorized access to computer material.
A person is guilty of an offence if:
- He causes a computer to perform any function with intent to secure access to any program or data held in a computer;
- The access he intends to secure is unauthorized; and he knows at the time when
- He causes the computer to perform the function that this is the case.
The intent a person has to commit an offence under this section need not be directed at;
- any particular program or data;
- a program or data of any particular kind; or
- a program or data held in any particular computer.
A person guilty of an offence under this section shall be liable on summary conviction to imprisonment for a term not exceeding six months or to a fine not exceeding level 5, on the standard scale or both.
2. Unauthorized access with intent to commit or facilitate commission of further offences.
A person is guilty of an offence under this section if he commits an offence under section 1 above (“the unauthorized access offence”) with intent
- To commit an offence to which this section applies; or
- To facilitate the commission of such an offence (whether by himself or by any other person) and the offence he intends to commit or facilitate is referred to below in this section as the further offence.
This section applies to offences
- for which the sentence is fixed by law; or
- for which a person of twenty one years of age or over (not previously convicted) may be sentenced to imprisonment for a term of five years.
It is immaterial for the purposes of this section whether the further offence is to be committed on the same occasion as the unauthorized access offence or on any future occasion.
A person may be guilty of an offence under this section even though the facts are such that the commission of the further offence is impossible.
A person guilty of an offence under this section shall be liable
- on summary conviction, to imprisonment for a term not exceeding six months or to a fine not exceeding the statutory maximum or both; and
- on conviction on indictment, to imprisonment for a term not exceeding five years, or to a fine, or both.
3. Unauthorized modification of computer material.
A person is guilty of an offence if
- he does any act which causes the unauthorized modification of the contents of any computer; and
- at the time when he does the act he has the requisite intent and the requisite knowledge.
For the purposes of the subsection above, the requisite intent is an intent to cause a modification of the contents of any computer and by so doing:
- to impair the operation of any computer;
- to prevent or hinder access to any program or data held in any computer; or
- to impair the operation of any such program or the reliability of any such data.
The intent need not be directed at
- any particular computer;
- any particular program or data or a program or data of any particular kind; or
- any particular modification or a modification of any particular kind.
For the purpose of subsection 1b above, the requisite knowledge is knowledge that any modification he intends to cause is unauthorized.
It is immaterial for the purposes of this section whether an unauthorized modification or any intended effect of it of a kind mentioned in subsection (2) above is, or is intended to be, permanent or merely temporary.
Federal law defines computer fraud as the use of a computer to create a dishonest misrepresentation of fact as an attempt to induce another to do or refrain from doing something which causes loss. Criminals create fraudulent misrepresentation in a number of ways. First, they can alter computer input in an unauthorized way. Employees may embezzle company funds by altering input data. Second, criminals can alter or delete stored data. Third, sophisticated criminals can rewrite software codes and upload them into a bank’s mainframe so that the bank will provide its users’ identities to the thieves. The thieves can then use this information to make unauthorized credit card purchases.
Violators may be prosecuted under
- 18 U.S.C. § 506 No Electronic Theft Act
- 18 U.S.C. § 1028 Identity Theft and Assumption Deterrence Act of 1998
- 18 U.S.C. § 1029 Fraud and Related Activity in Connection with Access Devices
- 18 U.S.C. § 1030 Fraud and Related Activity in Connection with Computers
- 18 U.S.C. § 1343 Wire Fraud
- 18 U.S.C. § 1362 Communication Lines, Stations, or Systems
- 18 U.S.C. § 2511 Interception and Disclosure of Wire, Oral, or Electronic Communications Prohibited
- 18 U.S.C. § 2701 Unlawful Access to Stored Communications
- 18 U.S.C. § 2702 Disclosure of Contents
- 18 U.S.C. § 2703 Requirements for Governmental Access
- How to make money on YouTubeWhat is YouTube? YouTube is a video-sharing website where users can upload, share, and view videos. YouTube was founded in February 2005 and has since become the most popular video-sharing website in the world. Users…
- How to Create a Basic HTML PageHTML is the foundation of the World Wide Web. It is the markup language used to structure the content of a web page. HTML is divided into two main parts: the document content and the…
- COMPUTER SCIENCE / IT Project Documentation Example.COMPUTER SCIENCE / IT Project Documentation Example free download. A common question asked of project management leaders is, “What is the value of project documentation, and how can I be sure I’m doing it correctly?”…
- How to Make Money as a Web DeveloperHow to Make Money as a Web Developer There are many ways to make money as a web developer. Here are some of the most common: 1. Freelance work This is probably the most common…
- The Easy way to Start A Service Business OnlineStart A Service Business Online A Step-By-Step Guide. If you have a service-based business, then you’ve probably thought about how to start a service business online. One of the best ways to start a service business online is to combine your strong points with what the internet has to offer and maximize your strengths. # In this article, we’ll walk you through the steps to take in order to build a successful service-based business from scratch. # Keep on reading if you’d like some simple tips for starting a new service company.