The Computer Misuse Act has been criticised for being ill-equipped to deal with modern cybercrime, having been drafted in the late 1980s. (To put this in context, while the roots of the internet can be traced back to 1969, the World Wide Web was only launched in 1989.)
There have been various calls for amendment over the past few years. These included a Private Member's Bill, introduced by the Earl of Northesk in 2002; but like most Private Members' Bills, it failed. Last year the Government said that it would overhaul the legislation as soon as Parliamentary time allowed.
Derek Wyatt MP, Chairman of the All Party Parliamentary Internet Group said:
"There is a lot of very disruptive activity on the internet, from outright hacking and the distribution of viruses, through denial of service attacks on systems, and right down to the sending of spam via insecure end-user machines. Some of this is clearly illegal today, but some of it seems to fall into grey areas or is difficult to deal with across jurisdictional borders."
The Group, a discussion forum between new media industries and parliamentarians, is to hold the public inquiry on the issue on 29th April and has called on all interested parties to put forward written evidence to the inquiry before 9th April.
Mr Wyatt explained:
"We need to know if the law, both in the UK and elsewhere, needs strengthening to ensure that we can deter bad behaviour, and also prosecute and convict where necessary."
The inquiry will particularly focus upon:
Whether the Act is broad enough to cover the criminality encountered today;
Whether the Act's generic definitions of computers and data have stood the test of time;
Whether there are "loopholes" in the Act that need to be plugged;
What revisions may be needed to meet the UK's international treaty obligations; and
Whether the penalties within the Act are sufficient to deter today's criminals.
Denial of service attacks represent one of the most obvious loopholes in the 1990 Act. These attacks involve a server being deliberately flooded with requests for information, causing it to collapse due to overloading.
The loophole exists because the Act expects there to be access to or modification of material. With a denial of service attack it can be argued that there is no such access. However, in England, it is possible that such an attack could also constitute an offence under the Criminal Damage Act. In Scotland, it could potentially be prosecuted as malicious mischief.