Offences under the Computer Misuse Act 1990 Flashcards
Q: Why was the Computer Misuse Act 1990 enacted?
Computer Misuse Act 1990- enacted to deal with activities such as hacking.
Q: What is the law on unauthorised access to computer material?
S1 1990 Act- unauthorised access to computer material
(1) A person is guilty of an offence if-
(a) he causes a computer to perform any function with intent to secure access to any program or data held in any computer;
(b) the access he intends to secure is unauthorised; and
(c) he knows at the time when he causes the computer to perform the function that that is the case.
(2) The intent a person has to have to commit an offence under this section need not be directed at—
(a) Any particular program or data;
(b) a program or data of any particular kind; or
(c) a program or data held in any particular computer.
Q: What are the AR and MR of the offence?
AR: causing a computer to perform a function to secure unauthorised access to data. This means more than looking at info on a screen, D must make a computer do something eg: logging on, even if he is unsuccessful or denied access.
MR: D must know that access is unauthorised and must intend to secure access to the programme or data. The offence is about knowingly securing unauthorised access, rather than unauthorised use.
Q: Does the person have to intend to use the data for a criminal purpose?
The offence under s1 may be committed by someone accessing and looking at info he is not authorised to access. He does not have to intend to use that data for any criminal purpose. He just accesses it.
Q: What type of offence is s1? What is the sentence?
Triable either way offence.
Carries a maximum sentence of 2 years imprisonment on indictment.
Q: How is ‘computer’ defined?
Not defined in the Act and should be given its ordinary meaning. It can be assumed that smart phones and tablets would fall under the definition.
Q: What if you have authorised access to some parts of the data but not all of it?
Any access D intends to secure must be unauthorised. If you are authorised to access certain data and not others, the offence will still be complete.
Q: What is meant by ‘performs any function’?
S17 1990 Act- clarifies the terms in the offence
(2) A person secures access to any program or data held in a computer if by causing a computer to perform any function he—
(a) alters or erases the program or data;
(b) copies or moves it to any storage medium other than that in which it is held or to a different location in the storage medium in which it is held;
(c) uses it; or
(d) has it output from the computer in which it is held (whether by having it displayed or in any other manner).
Q: What powers are used for entry, search and seizure?
General PACE powers of entry, search and seizure will apply to this offence.
Q: What is the law on authorised access with intent to commit a further offence?
S2 1990 Act- unauthorised access with intent to commit or facilitate commission of further offences
(1) A person is guilty of an offence under this section if he commits an offence under section 1 above (“the unauthorised access offence”) with intent—
(a) to commit an offence to which this section applies; or
(b) to facilitate the commission of such an offence (whether by himself or by any other person);
and the offence he intends to commit or facilitate is referred to below in this section as the further offence.
(2) This section applies to offences-
(a) for which the sentence is fixed by law; or
(b) for which a person of 21 years or over, not previously convicted, may be sentenced to imprisonment of at least 5 years.
Q: How is the s2 offence an extension of the s1 offence?
It is all about someone who commits the unauthorised access offence intending to commit or facilitate the commission (either himself or by someone else) of a further serious offence. Serious is with a sentence fixed by law or one carrying a sentence of 5 years or more.
Q: Does the offence have to be committed at the same time as the unauthorised access offence?
S2(3)
This offence does not have to be committed at the same time as the unauthorised access offence and may be committed in the future. Eg; when data is accessed to use it at a future point in time to commit fraud.
Q: What type of offence is s2? What sentence does it carry?
Triable either way offence.
Carries a sentence of 5 years on indictment.
Q: What does s2(4) add regarding the further offence?
S2(4) A person may be guilty of an offence under this section even though the facts are such that the commission of the further offence is impossible. Eg: bank account of someone is accessed and then it turns out the person has no funds.
Q: What is the law of a denial-of-service attack?
S3 1990 Act-creates an offence dealing with a denial-of-service attack, where a hacker denies victims a service that they are entitled to eg: causing a system to crash.
(1) A person is guilty of an offence if-
(a) he does any unauthorised act in relation to a computer;
(b) at the time when he does the act he knows that it is unauthorised; and
(c) either subsection (2) or subsection (3) below applies.
(2) This subsection applies if the person intends by doing the act—
(a) to impair the operation of any computer;
(b) to prevent or hinder access to any program or data held in any computer; or
(c) to impair the operation of any such program or the reliability of any such data
(3) This subsection applies if the person is reckless as to whether the act will do any of the things mentioned in paragraphs (a) to (d) to (c) of subsection (2) above.
