Computer misuse legislation
Computer Misuse Act (1990)
The Computer Misuse Act protects personal data held by organisations from unauthorised access and modification).
The act makes the following illegal:
- Unauthorised access to computer material. This refers to entering a computer system without permission (hacking)
- Unauthorised access to computer materials with intent to commit a further crime. This refers to entering a computer system to steal data or destroy a device or network (such as planting a virus)
- Unauthorised modification of data. This refers to modifying or deleting data, and also covers the introduction of malware or spyware onto a computer (electronic vandalism and theft of information)
- Making, supplying or obtaining anything which can be used in computer misuse offences
These four clauses cover a range of offences including hacking, computer fraud, blackmail and viruses.
Failure to comply with the Computer Misuse Act can lead to fines and potentially imprisonment.
| Offence | Penalty |
|---|---|
| Unauthorised access to computer material | Up to six months in prison and/or an up to a £5,000 fine |
| Unauthorised access to computer materials with intent to commit a further crime | Up to a five-year prison sentence and/or an unlimited fine |
| Unauthorised modification of data | Up to a five-year prison sentence and/or an unlimited fine |
| Making, supplying or obtaining anything which can be used in computer misuse offences | Up to a ten-year prison sen |