The Computer Misuse Act 1990 is an Act of the
Parliament of the United Kingdom
The Parliament of the United Kingdom is the supreme legislative body of the United Kingdom, the Crown Dependencies and the British Overseas Territories. It meets at the Palace of Westminster, London. It alone possesses legislative suprema ...
, introduced partly in response to the decision in ''R v Gold & Schifreen'' (1988) 1 AC 1063 (see below). Critics of the bill complained that it was introduced hastily and was poorly thought out.
Intention, they said, was often difficult to prove, and that the bill inadequately differentiated "joyriding"
hackers
A hacker is a person skilled in information technology who uses their technical knowledge to achieve a goal or overcome an obstacle, within a computerized system by non-standard means. Though the term ''hacker'' has become associated in popu ...
like
Gold
Gold is a chemical element with the symbol Au (from la, aurum) and atomic number 79. This makes it one of the higher atomic number elements that occur naturally. It is a bright, slightly orange-yellow, dense, soft, malleable, and ductile me ...
and
Schifreen from serious computer criminals. The Act has nonetheless become a model from which several other countries, including
Canada
Canada is a country in North America. Its ten provinces and three territories extend from the Atlantic Ocean to the Pacific Ocean and northward into the Arctic Ocean, covering over , making it the world's second-largest country by tot ...
and the
Republic of Ireland
Ireland ( ga, Éire ), also known as the Republic of Ireland (), is a country in north-western Europe consisting of 26 of the 32 Counties of Ireland, counties of the island of Ireland. The capital and largest city is Dublin, on the eastern ...
, have drawn inspiration when subsequently drafting their own information security laws, as it is seen "as a robust and flexible piece of legislation in terms of dealing with cybercrime”. Several amendments have been passed to keep the Act up to date.
''R v Gold & Schifreen''
Robert Schifreen and
Stephen Gold, using conventional
home computers and
modem
A modulator-demodulator or modem is a computer hardware device that converts data from a digital format into a format suitable for an analog transmission medium such as telephone or radio. A modem transmits data by Modulation#Digital modulati ...
s in late 1984 and early 1985, gained unauthorised access to
British Telecom's
Prestel
Prestel (abbrev. from press telephone), the brand name for the UK Post Office Telecommunications's Viewdata technology, was an interactive videotex system developed during the late 1970s and commercially launched in 1979. It achieved a maxim ...
interactive
viewdata
Viewdata is a Videotex implementation. It is a type of information retrieval service in which a subscriber can access a remote database via a common carrier channel, request data and receive requested data on a video display over a separate c ...
service. While at a trade show, Schifreen, by doing what latterly became known as
shoulder surfing, had observed the password of a Prestel engineer. The engineer's username was 22222222 and the password used was 1234.
This later gave rise to accusations that British Telecom (BT) had not taken security seriously. Armed with this information, the pair explored the system, even gaining access to the personal message box of
Prince Philip
Prince Philip, Duke of Edinburgh (born Prince Philip of Greece and Denmark, later Philip Mountbatten; 10 June 1921 – 9 April 2021) was the husband of Queen Elizabeth II. As such, he served as the consort of the British monarch from E ...
.
Prestel installed monitors on the suspect accounts and passed information thus obtained to the police. The pair were charged under section 1 of the
Forgery and Counterfeiting Act 1981
The Forgery and Counterfeiting Act 1981 (c 45) is an Act of the Parliament of the United Kingdom which makes it illegal to make fake versions of many things, including legal documents, contracts, audio and visual recordings, and money of the Uni ...
with defrauding BT by manufacturing a "false instrument", namely the internal condition of BT's equipment after it had processed Gold's eavesdropped password. Tried at
Southwark Crown Court
The Crown Court at Southwark, commonly but inaccurately called Southwark Crown Court, is one of two locations of the Crown Court in the London SE1 postcode area, along with the Crown Court at Inner London.
Opened in 1983, the brick building is ...
, they were convicted on
specimen charges (five against Schifreen, four against Gold) and fined, respectively, £750 and £600.
Although the fines imposed were modest, they elected to appeal to the Criminal Division of the
Court of Appeal. Their counsel cited the lack of evidence showing the two had attempted to obtain material gain from their exploits, and claimed that the Forgery and Counterfeiting Act had been misapplied to their conduct. They were acquitted by the Lord Justice Lane, but the prosecution appealed to the
House of Lords
The House of Lords, also known as the House of Peers, is the upper house of the Parliament of the United Kingdom. Membership is by appointment, heredity or official function. Like the House of Commons, it meets in the Palace of Westminste ...
. In 1988, the Lords upheld the acquittal.
Lord Justice Brandon said:
The Law Lords' ruling led many legal scholars to believe that hacking was not unlawful as the law then stood. The English
Law Commission
A law commission, law reform commission, or law revision commission is an independent body set up by a government to conduct law reform; that is, to consider the state of laws in a jurisdiction and make recommendations or proposals for legal chang ...
and its counterpart in Scotland both considered the matter. The
Scottish Law Commission
The Scottish Law Commission is an advisory non-departmental public body of the Scottish Government. It was established in 1965 to keep Scots law under review and recommend necessary reforms to improve, simplify and update the country's legal sy ...
concluded that intrusion was adequately covered in Scotland under the
common law
In law, common law (also known as judicial precedent, judge-made law, or case law) is the body of law created by judges and similar quasi-judicial tribunals by virtue of being stated in written opinions."The common law is not a brooding omnipres ...
related to deception, but the English Law Commission believed a new law was necessary.
Since the case, both defendants have written extensively about IT matters. Gold, who detailed the entire case at some length in ''
The Hacker's Handbook'', has presented at conferences alongside the arresting officers in the case.
The Computer Misuse Act
Based on the ELC's recommendations, a
private member's bill was introduced by
Conservative
Conservatism is a cultural, social, and political philosophy that seeks to promote and to preserve traditional institutions, practices, and values. The central tenets of conservatism may vary in relation to the culture and civilization in ...
MP
Michael Colvin
Michael Keith Beale Colvin (27 September 1932 – 24 February 2000) was a British Conservative Party politician. He was first elected as the Member of Parliament (MP) for Bristol North West in 1979. From 1983 onwards, he was the MP for Romsey a ...
. The bill, supported by the government, came into effect in 1990. Sections 1-3 of the Act introduced three criminal offences:
# unauthorised access to computer material, punishable by twelve months' imprisonment (or six months in Scotland) and/or a fine "not exceeding level 5 on the
standard scale" (since 2015, unlimited);
# unauthorised access with intent to commit or facilitate commission of further offences, punishable by twelve months/maximum fine (or six months in Scotland) on
summary conviction and/or five years/fine on
indictment
An indictment ( ) is a formal accusation that a person has committed a crime. In jurisdictions that use the concept of felonies, the most serious criminal offence is a felony; jurisdictions that do not use the felonies concept often use that of a ...
;
# unauthorised modification of computer material, punishable by twelve months/maximum fine (or six months in Scotland) on summary conviction and/or ten years/fine on indictment;
(For other offences see ''
§ The amendments'' below)
The sections 2 and 3 offences are intended to deter the more serious criminals from using a computer to assist in the commission of a criminal offence or from impairing or hindering access to data stored in a computer. The basic section 1 offence is to attempt or achieve access to a computer or the data it stores, by inducing a computer to perform any function with intent to secure access.
Hackers
A hacker is a person skilled in information technology who uses their technical knowledge to achieve a goal or overcome an obstacle, within a computerized system by non-standard means. Though the term ''hacker'' has become associated in popu ...
who program their computers to search through password permutations are therefore liable, even if their attempts to log on are rejected by the target computer. The only precondition to liability is that the hacker should be aware that the access attempted is unauthorised. Thus, using another person's
username
A user is a person who utilizes a computer or network service.
A user often has a user account and is identified to the system by a username (or user name). Other terms for username include login name, screenname (or screen name), accoun ...
or
identifier (ID) and
password
A password, sometimes called a passcode (for example in Apple devices), is secret data, typically a string of characters, usually used to confirm a user's identity. Traditionally, passwords were expected to be memorized, but the large number of ...
without proper authority to access data or a program, or to alter, delete, copy or move a program or data, or simply to output a program or data to a screen or printer, or to impersonate that other person using
e-mail
Electronic mail (email or e-mail) is a method of exchanging messages ("mail") between people using electronic devices. Email was thus conceived as the electronic (digital) version of, or counterpart to, mail, at a time when "mail" meant ...
,
online chat
Online chat may refer to any kind of communication over the Internet that offers a real-time transmission of text messages from sender to receiver. Chat messages are generally short in order to enable other participants to respond quickly. Ther ...
, web or other services, constitute the offence. Even if the initial access is authorised, subsequent exploration, if there is a hierarchy of privileges in the system, may lead to entry to parts of the system for which the requisite privileges are lacking and the offence will be committed. Looking over a user's shoulder or using sophisticated electronic equipment to monitor the
electromagnetic radiation
In physics, electromagnetic radiation (EMR) consists of waves of the electromagnetic (EM) field, which propagate through space and carry momentum and electromagnetic radiant energy. It includes radio waves, microwaves, infrared, (visible) li ...
emitted by
VDUs ("electronic eavesdropping") is outside the scope of this offence.
The §§2–3 offences are aggravated offences, requiring a specific intent to commit another offence (for these purposes, the other offences are to be
arrestable, and so include all the major
common law
In law, common law (also known as judicial precedent, judge-made law, or case law) is the body of law created by judges and similar quasi-judicial tribunals by virtue of being stated in written opinions."The common law is not a brooding omnipres ...
and
statutory
A statute is a formal written enactment of a legislative authority that governs the legal entities of a city, state, or country by way of consent. Typically, statutes command or prohibit something, or declare policy. Statutes are rules made by le ...
offences of
fraud and
dishonesty
Dishonesty is to act without honesty. It is used to describe a lack of probity, cheating, lying, or deliberately withholding information, or being deliberately deceptive or a lack in integrity, knavishness, perfidiosity, corruption or treacherousn ...
). So a hacker who obtains access to a system intending to transfer money or shares, intends to commit
theft
Theft is the act of taking another person's property or services without that person's permission or consent with the intent to deprive the rightful owner of it. The word ''theft'' is also used as a synonym or informal shorthand term for som ...
, or to obtain confidential information for
blackmail or
extortion
Extortion is the practice of obtaining benefit through coercion. In most jurisdictions it is likely to constitute a criminal offence; the bulk of this article deals with such cases. Robbery is the simplest and most common form of extortion, ...
. Thus, the §1 offence is committed as soon as the unauthorised access is attempted, and the §2 offence overtakes liability as soon as specific access is made for the criminal purpose. The §3 offence is specifically aimed at those who write and circulate a
computer virus or
worm
Worms are many different distantly related bilateral animals that typically have a long cylindrical tube-like body, no limbs, and no eyes (though not always).
Worms vary in size from microscopic to over in length for marine polychaete wo ...
, whether on a
LAN or across
networks
Network, networking and networked may refer to:
Science and technology
* Network theory, the study of graphs as a representation of relations between discrete objects
* Network science, an academic field that studies complex networks
Mathematics
...
. Similarly, using
phishing
Phishing is a type of social engineering where an attacker sends a fraudulent (e.g., spoofed, fake, or otherwise deceptive) message designed to trick a person into revealing sensitive information to the attacker or to deploy malicious softwa ...
techniques or a
Trojan horse
The Trojan Horse was a wooden horse said to have been used by the Greeks during the Trojan War to enter the city of Troy and win the war. The Trojan Horse is not mentioned in Homer's ''Iliad'', with the poem ending before the war is concluded, ...
to obtain identity data or to acquire any other data from an unauthorised source, or modifying the operating system files or some aspect of the computer's functions to interfere with its operation or prevent access to any data, including the destruction of files, or deliberately generating code to cause a complete system malfunction, are all criminal "modifications". In 2004, John Thornley pleaded guilty to four offences under §3, having mounted an attack on a rival site, and introduced a Trojan horse to bring it down on several occasions, but it was recognised that the wording of the offence needed to be clarified to confirm that all forms of
denial of service
In computing, a denial-of-service attack (DoS attack) is a cyber-attack in which the perpetrator seeks to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a host connec ...
attack are included.
Implications for industry practices
Although the Act ostensibly targets those who wish to gain unauthorised access to computer systems for various purposes, its implications on previously relatively widespread or well-known industry practices such as the "time-locking" of software have been described in various computing industry publications. Time-locking is the practice of disabling functionality or whole programs in order to ensure that software, potentially delivered on condition of further payment, will "expire" and thus no longer function. In one featured case, a "developer of bespoke systems in the Midlands" activated a time lock on a piece of software over a dispute with a client about an unpaid bill. The client reported this to the police who charged the programmer under Section 3 of the Act, with the outcome being a conviction by a magistrates court, with a conditional discharge given by the magistrate meaning that no punishment was applied on condition that the programmer did not re-offend.
Latest situation
Schedule 1 Part II of the
Criminal Justice (Terrorism and Conspiracy) Act 1998
The Criminal Justice (Terrorism and Conspiracy) Act 1998 is a law passed in the United Kingdom, which came into force on 4 September 1998. It stipulated that it is an offense to participate in a conspiracy to carry out a course of conduct that le ...
('Conspiracy') amended Section 8 (relevance of external law), Section 9(2)(b) (British citizenship immaterial: conspiracy) and Section 16 (application to Northern Ireland).
In 2004, the All-Party Internet Group published its review of the law and highlighted areas for development. Their recommendations led to the drafting of the Computer Misuse Act 1990 (Amendment) Bill which sought to amend the CMA to comply with the European Convention on Cyber Crime. Under its terms, the maximum sentence of imprisonment for breaching the Act changed from six months to two years. It also sought to explicitly criminalise
denial-of-service attack
In computing, a denial-of-service attack (DoS attack) is a cyber-attack in which the perpetrator seeks to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a host conn ...
s and other crimes facilitated by denial-of-service. The Bill did not receive
Royal Assent
Royal assent is the method by which a monarch formally approves an act of the legislature, either directly or through an official acting on the monarch's behalf. In some jurisdictions, royal assent is equivalent to promulgation, while in oth ...
because Parliament was
prorogued
A legislative session is the period of time in which a legislature, in both parliamentary and presidential systems, is convened for purpose of lawmaking, usually being one of two or more smaller divisions of the entire time between two elections ...
.
Sections 35 to 38 of the
Police and Justice Act 2006
The Police and Justice Act 2006 (PJA) is an act of the Parliament of the United Kingdom. It received royal assent on 8 November 2006. The PJA created the National Policing Improvement Agency. It changed how members of police authorities may be ...
contain amendments to the Computer Misuse Act 1990.
Section 37 ("Making, supplying or obtaining articles for use in computer misuse offences") inserts a new section 3A into the 1990 Act and has drawn considerable criticism from IT professionals, as many of their tools can be used by criminals in addition to their legitimate purposes, and thus fall under section 3A.
After the
News International phone hacking scandal
The News International phone hacking scandal was a controversy involving the now-defunct ''News of the World'' and other British newspapers owned by Rupert Murdoch. Employees of the newspaper were accused of engaging in phone hacking, police b ...
in 2011, there were discussions about amending the law to define "smart" phones (i.e. those with Internet browsers and other connectivity features) as computers under the Act. Such an amendment might also introduce a new offence of "making information available with intent", i.e. publicly disclosing a password for someone's phone or computer so that others can access it illegally.
In 2015, the Act was further amended by Part 2 sections 41 to 44 (plus others) of the
Serious Crime Act 2015
The Serious Crime Act 2015 is an Act of the Parliament of the United Kingdom. Introduced in June 2014 as part of the Queen's Speech opening the 2014-15 session of Parliament, the Bill was sponsored by the Home Office. It was passed by Parliament ...
.
The amendments
The amendments to the Computer Misuse Act 1990 by Part 5 of the Police and Justice Act 2006 are
* Section 35. Unauthorised access to computer material, punishable by up to two years in prison or a fine or both.
* Section 36. Unauthorised acts with intent to impair operation of computer, etc. punishable by up to ten years in prison or a fine or both.
* Section 37. Making, supplying or obtaining articles for use in computer misuse offences, punishable by up to two years in prison or a fine or both.
* Section 38. Transitional and saving provision.
The amendments to the Computer Misuse Act 1990 by Part 2 of the Serious Crime Act 2015.
[ are
* Section 41 (new Section 3ZA of the Computer Misuse Act 1990). Unauthorised acts causing, or creating risk of, serious damage – punishable by up to 14 years in prison or a fine or both, possible life imprisonment where human welfare or national security were endangered.
* Section 42. Obtaining articles for purposes relating to computer misuse – amendments to Section 3A.
* Section 43. Territorial scope of computer misuse - amendments to Sections 4, 5 and 10 making the primary territorial scope the United Kingdom but can be worldwide especially if the perpetrator (or conspirators) is British and broke local law.
* Section 44. Savings – covers seizure and enactment amendments to Sections 10 and 16.
* Section 47. Serious Crime Prevention Orders: meaning of "Serious Offence" - adds Computer Misuse to list of serious crimes in the ]Serious Crime Act 2007
The Serious Crime Act 2007 is an Act of the Parliament of the United Kingdom that makes several radical changes to English criminal law. In particular, it creates a new scheme of serious crime prevention orders to frustrate crime in England a ...
including being grounds for compulsory winding up of a company.
* Section 86. Transition and savings provisions – requires Sections 42 and 43 to be brought into force before they can be used.
* Schedule 1. Amendments to Serious Crimes Act 2007: Scotland – similar changes to Scottish law.
* Schedule 4. Minor and consequential amendments – changes Computer Misuse Act 1990 and the Armed Forces Act 2006
The Armed Forces Act 2006 (c 52) is an Act of the Parliament of the United Kingdom.
It came into force on 31 October 2006. It replaces the three separate Service Discipline Acts (the Army Act 1955, the Air Force Act 1955 and the Naval Discip ...
.
Application to the NHS
In April 2020, Matt Hancock
Matthew John David Hancock (born 2 October 1978) is a British politician who served as Minister for the Cabinet Office and Paymaster General from 2015 to 2016, Secretary of State for Digital, Culture, Media and Sport from January to July 201 ...
issued directions giving GCHQ
Government Communications Headquarters, commonly known as GCHQ, is an intelligence and security organisation responsible for providing signals intelligence (SIGINT) and information assurance (IA) to the government and armed forces of the Uni ...
temporary powers over National Health Service
The National Health Service (NHS) is the umbrella term for the publicly funded healthcare systems of the United Kingdom (UK). Since 1948, they have been funded out of general taxation. There are three systems which are referred to using the " ...
information systems until the end of 2020 for the purposes of the Act to support and maintain the security of any network and information system which supports, directly or indirectly, the provision of NHS services or public health services intended to address COVID-19
Coronavirus disease 2019 (COVID-19) is a contagious disease caused by a virus, the severe acute respiratory syndrome coronavirus 2 (SARS-CoV-2). The first known case was identified in Wuhan, China, in December 2019. The disease quickly ...
.
Reform
In May 2021, UK Home Secretary Priti Patel announced the formal review of the Computer Misuse Act. She also launched a Call for Information on the Act that seeks views on whether there is activity causing harm in the area covered by the Act that is not adequately covered by the offences, including whether the legislation is fit for use following the technological advances since the CMA was introduced, and any other suggestions on how the legislative response to cyber crime could be strengthened.
The review of the Act follows growing calls, in recent year, for a complete government review of the Computer Misuse Act, in order to bring about new reforms.
In November 2019, Dame Lynne Owens, Director General of the National Crime Agency
The National Crime Agency (NCA) is a national law enforcement agency in the United Kingdom. It is the UK's lead agency against organised crime; human, weapon and drug trafficking; cybercrime; and economic crime that goes across regional and in ...
(NCA), warned that "the Computer Misuse Act went through Parliament at a time when cyber wasn't the tool that it is now is to enable all sorts of crimes like fraud" and talked about plans to introduce reforms to make sure the law was "fit for purpose in the modern age".
In January 2020, the Criminal Law Reform Now Network (CLRNN) published a comprehensive report highlighting the Act's shortcomings and making detailed recommendations for reform.
In the same month, the CyberUp Campaign was established with the intention of lobbying the UK government to "update and upgrade" the Act. The Campaign's launch was covered by ''The Guardian
''The Guardian'' is a British daily newspaper. It was founded in 1821 as ''The Manchester Guardian'', and changed its name in 1959. Along with its sister papers ''The Observer'' and ''The Guardian Weekly'', ''The Guardian'' is part of the Gu ...
'' in an article that echoed the call for "urgent reform". The CyberUp Campaign is made up of a wide coalition of supportive bodies from within the cyber security industry, including the large cyber consultancies NCC Group and F-Secure
F-Secure Corporation is a global cyber security and privacy company, which has its headquarters in Helsinki, Finland.
The company has offices in Denmark, Finland, France, Germany, India, Italy, Japan, Malaysia, Netherlands, Norway, Poland, Sweden, ...
and the cyber industry trade body techUK. In November 2020, the campaign gained the backing of the Confederation of British Industry
The Confederation of British Industry (CBI) is a UK business organisation, which in total claims to speak for 190,000 businesses, this is made up of around 1,500 direct members and 188,500 non-members. The non members are represented through the 1 ...
.
The coalition was formed based on the shared view that an update of the UK's cyber crime legislation is necessary to protect national security and to increase economic growth for the UK cyber security industry. The Campaign refers to Section 1 of the Act, "prohibiting unauthorised access to computers", stating that it inadvertently criminalises a large amount of cyber security and threat intelligence research and investigation which is frequently conducted by UK cyber security professionals.
The Campaign has called for two key amendments:
# Amend the law to allow cyber security and threat intelligence researchers acting in the public interest to explain and justify their actions and to allow the detection or prevention of crime.
# Create a set of clear legal definitions to ensure that cyber security and threat intelligence researchers who reasonably believe they have authorisation to act can legitimately do so.
On 29 June 2020, to celebrate the Act's 30th birthday, the CyberUp Campaign wrote an open letter to the prime minister on behalf of a number of cyber security industry figures to highlight the Act's outdatedness in a time of rapid digital advancement. This was published in ''The Daily Telegraph
''The Daily Telegraph'', known online and elsewhere as ''The Telegraph'', is a national British daily broadsheet newspaper published in London by Telegraph Media Group and distributed across the United Kingdom and internationally.
It was f ...
'', with the headline "Cyber security experts say they are being prevented from stopping computer fraud".
In July 2020, the Intelligence and Security Committee of Parliament
The Intelligence and Security Committee of Parliament (ISC) is a statutory joint committee of the Parliament of the United Kingdom, appointed to oversee the work of the UK intelligence community.
The committee was established in 1994 by the ...
, responsible for oversight of the UK intelligence services, published the Intelligence and Security Committee Russia report
"The Russia report" is the report of the British Intelligence and Security Committee of Parliament (ISC) into allegations of Russian interference in British politics, including alleged Russian interference in the 2016 Brexit referendum and the ...
and recommended that "the Computer Misuse Act should be updated to reflect modern use of personal electronic devices". While the government response to the report said that the Act was regularly reviewed to determine the benefits of legislative change, the Shadow Foreign Secretary
In UK politics, the Shadow Secretary of State for Foreign, Commonwealth and Development Affairs is a position within the opposition's shadow cabinet that deals mainly with issues surrounding the Foreign Office. If elected, the person serving a ...
, Lisa Nandy, highlighted in January 2021 that no progress had been made towards implementing the recommendation.
In November 2020, the CyberUp Campaign and techUK published a new report on the Computer Misuse Act, which was the first piece of work to quantify and analyse the views of the wider UK security community. The report found that 80 per cent of cyber security professionals have worried about breaking the law when researching vulnerabilities or investigating cyber threat actors. Furthermore, 91 per cent of businesses that responded to the report’s survey suggested they had been put at a competitive disadvantage by the Act, and that reform would allow their organisation to reap significant productivity improvements, growth and resilience benefits. The report recommended that the government consider implementing the two above amendments.
See also
* Computer crime
* Internet fraud
Internet fraud is a type of cybercrime fraud or deception which makes use of the Internet and could involve hiding of information or providing incorrect information for the purpose of tricking victims out of money, property, and inheritance. Int ...
* Data Protection Act 1998
References
* Neil MacEwan
"The Computer Misuse Act 1990: lessons from its past and predictions for its future"
(2008), ''Criminal Law Review'' 955.
* Stefan Fafinski, ''Computer Misuse: Response, Regulation and the Law'' (Cullomption, Willan 2009)
* Yaman Akdeniz, ''Section 3 of the Computer Misuse Act 1990: an Antidote for Computer Viruses!'' (1996) 3 Web JCL
including reference to the case of Christopher Pile (aka 'the Black Baron') in November 1995.
* Derek Wyatt
''Computer Misuse Act (amendment) speech''
Notes
External links
The Internet Crime Forum
Amendments to the Computer Misuse Act 1990
covered by the Open Rights Group
The Open Rights Group (ORG) is a UK-based organisation that works to preserve digital rights and freedoms by campaigning on digital rights issues and by fostering a community of grassroots activists. It campaigns on numerous issues including ma ...
A list of Computer Misuse Act cases compiled by Michael J L Turner
{{UKlegislation
United Kingdom Acts of Parliament 1990
Computing legislation
Hacking (computer security)