Computer Misuse Act 1990 (UK)

 |  No Comments

Covering:

  1. unauthorised access to computer material, punishable by twelve months’ imprisonment (or six months in Scotland) and/or a fine “not exceeding level 5 on the standard scale” (since 2015, unlimited)
  2. unauthorised access with intent to commit or facilitate commission of further offences, punishable by twelve months/maximum fine (or six months in Scotland) on summary conviction and/or five years/fine on indictment
  3. unauthorised modification of computer material, punishable by twelve months/maximum fine (or six months in Scotland) on summary conviction and/or ten years/fine on indictment;

https://en.wikipedia.org/wiki/Computer_Misuse_Act_1990

Unauthorised modification of computer material is the background to the EU introducing the rules meaning websites must ask consent to use optional cookies

The amendments

The amendments to the Computer Misuse Act 1990 by Part 5 of the Police and Justice Act 2006[16] are

  1. Section 35. Unauthorised access to computer material, punishable by up to two years in prison or a fine or both
  2. Section 36. Unauthorised acts with intent to impair operation of computer, etc. punishable by up to ten years in prison or a fine or both
  3. Section 37. Making, supplying or obtaining articles for use in computer misuse offences, punishable by up to two years in prison or a fine or both
  4. Section 38. Transitional and saving provision

The amendments to the Computer Misuse Act 1990 by Part 2 of the Serious Crime Act 2015.[15] are

  1. Section 41 (new Section 3ZA of the Computer Misuse Act 1990). Unauthorised acts causing, or creating risk of, serious damage – punishable by up to 14 years in prison or a fine or both, possible life imprisonment where human welfare or national security were endangered
  2. Section 42. Obtaining articles for purposes relating to computer misuse – amendments to Section 3A
  3. Section 43. Territorial scope of computer misuse – amendments to Sections 4, 5 and 10 making the primary territorial scope the United Kingdom but can be worldwide especially if the perpetrator (or conspirators) is British and broke local law
  4. Section 44. Savings – covers seizure and enactment amendments to Sections 10 and 16.
  5. Section 47. Serious Crime Prevention Orders: meaning of “Serious Offence” – adds Computer Misuse to list of serious crimes in the Serious Crime Act 2007 including being grounds for compulsory winding up of a company
  6. Section 86. Transition and savings provisions – requires Sections 42 and 43 to be brought into force before they can be used
  7. Schedule 1. Amendments to Serious Crimes Act 2007: Scotland – similar changes to Scottish law
  8. Schedule 4. Minor and consequential amendments – changes Computer Misuse Act 1990 and the Armed Forces Act 2006

2024 Review

https://www.gov.uk/government/consultations/review-of-the-computer-misuse-act-1990/review-of-the-computer-misuse-act-1990-consultation-and-response-to-call-for-information-accessible

 

Review of the Computer Misuse Act 1990

The Computer Misuse Act 1990 (CMA) is the main legislation that criminalises unauthorised access to computer systems and data, and the damaging or destroying of these. The Act has the intention of protecting the integrity and security of computer systems and data through criminalising access to them which has not been authorised by the owner of the system or data.

In May 2021, the Home Secretary announced a review of the CMA. The first step in the review was a public Call for Information seeking the views of stakeholders and the wider public, to identify and understand whether there is activity causing harm in the area covered by the CMA that is not adequately addressed by the current offences. The scope included whether law enforcement agencies have the necessary powers to investigate and take action against those attacking computer systems, and whether the legislation is fit for use following the technological advances since the CMA was introduced.

Responses were received from 51 stakeholders and covered a range of proposals where respondents felt more could be done to protect the UK and take action against criminals. These included:

  • New powers for law enforcement agencies to allow them to investigate CMA offences more effectively
  • Ensure that the UK can take action against offences committed extra-territorially or that affect the UK when committed overseas
  • Statutory defences to the CMA offences
  • Ensuring that sentencing levels are appropriate
  • Offence of possession of illegally obtained data
  • Improved training for the judiciary and prosecutors
  • Consideration of whether new technologies, such as AI and the internet of things, are adequately covered under the CMA
  • Failure to prevent cybercrime / duty to protect
  • Online harms, such as deep fake imagery

 

 

Share this by:

Share on SMS Share on WhatsApp Share on LinkedIn
Tags: , ,