Computer Misuse Act 1990
In 1984 / 1985 Robert Schifreen and Stephen Gold used home computers and modems to gain unauthorised access to British Telecom's Prestel interactive viewdata service. They did this by using the username and password of a Prestel engineer they learnt by looking over his shoulder. (The engineer's username was 22222222 and the password used was 1234. - so it didn't take much learning). The pair managed to access the personal message box of Prince Philip amongst others. They were arrested but in court they succesfully argued that the existing laws did not cover what they had done so they hadn't broken them (this took a few years to go through the various courts). They were found innocent of breaking any laws.
This event, and others, helped the UK Government realise they needed a law to help protect from such acts - The Computer Misuse Act was created. It makes the following illegal (you can see the level of crime increases as you go down the list):
- Unauthorised access to computer material. This means entering a computer system without permission (hacking)
- Penalty: Up to six months in prison and/or a or up to a £5,000 fine
- Unauthorised access to computer materials with intent to commit a further crime. This means entering a computer system to steal data or destroy a device or network (such as planting a virus)
- Penalty :Up to a five-year prison sentence and/or a unlimited fine
- Unauthorised modification of data. This means changing or deleting data, and also covers the introduction of malware or spyware onto a computer (electronic vandalism and theft of information)
- Penalty : Up to a five-year prison sentence and/or a unlimited fine
- Making, supplying or obtaining anything which can be used in computer misuse offences (this covers the creation of malware, spyware and potentially hardware that you know will be used to do one of above three offences)
- Penalty : Up to a ten-year prison sentence and/or an unlimited fine