Computer Misuse Act 1990

Course Content Specification

Describe and identify the implications for individuals and businesses of the Computer Misuse Act 1990:

- Unauthorised access to computer material
- Unauthorised access with intent to commit a further offence
- Unauthorised modification of programs or data on a computer

Computer Misuse Act

This piece of legislation deals with the misuse of computer networks in an illegal manner.

This law makes it an offence to:

Gain unauthorised access to computer material.
Unauthorised access with intent to commit or facilitate commission of further offences
Unauthorised acts with intent to impair, or with recklessness as to impairing, operation of computer, etc.

So for example if a pupil attempts to, or manages, to gain access (hack) to the school network to change their grade they would be breaching the Computer Misuse Act as they have gained unauthorised access (Offence 1) and also modified data (Offence 3).

If a disgruntled employee sabotaged a network or released security information to a competitor so that they could access the network that could also be an offence. This law can enforce fines, prison sentences and/or confiscation of all computer equipment.

Some further reading

Official Computer Misuse Act Legislation - https://www.legislation.gov.uk/ukpga/1990/18/contents

CPS Site - https://www.cps.gov.uk/legal-guidance/computer-misuse

Computer Misuse Act Cases: http://www.computerevidence.co.uk/Cases/CMA.htm

Next - Security Risks