Cyber crime and hacking law to be formally reviewed, Priti Patel announces
British Home Secretary Priti Patel processes through the Central Lobby on the way to the House of Lords to listen to the Queen's Speech during the State Opening of Parliament in London, Britain May 11, 2021. Stefan Rousseau/PA Wire/Pool via REUTERS
The Computer Misuse Act is being formally reviewed after years of complaints it criminalises cyber security researchers.
The law designed to prevent malicious hackers from accessing personal information and other types of cyber crimes will be formally reviewed to ensure it is fit for purpose, Home Secretary Priti Patel has announced.
The Computer Misuse Act was first introduced in 1990 to prohibit unauthorised access to computer material and has been revised several times to account for technological developments, including making the supply or owning of hacking tools illegal and acts that could aid cyber warfare.
Academics, law enforcement agencies and cyber industry experts will be called to provide information to ensure the Act is fit for purpose and up to date, Ms Patel said in a speech made at the annual CyberUK conference.
“It is critical that government has all the right levers available to it to ensure that those who commit criminal acts in the cyberspace are effectively investigated by law enforcement and prosecuted by our criminal justice system, including those perpetrating the most heinous and appalling crimes against children and those committing serious fraud,” she said.
“As part of ensuring that we have the right tools and mechanisms to detect, disrupt, and deter our adversaries. I believe now is the right time to undertake a formal review of the Computer Misuse Act.”
Cyber security experts have long criticised the Act as being out of touch, arguing that it was created when internet use was restricted to less than one per cent of the UK population and before the modern concept of cyber security existed.
CyberUp, a campaign group formed to push for reform of the Act, has called it in its current form “hopelessly outdated and legally ambiguous,” claiming it prevents security professionals from researching cyber threats for fear of prosecution.
Ollie Whitehouse, chief technical officer of IT security firm NCC Group and spokesperson for the CyberUp Campaign, said the group hoped the review would highlight the Act’s current shortcomings and lead to “sensible reforms that will keep protecting the UK from an evolving landscape of cyber threats”.
“This law – written in 1990 – didn’t foresee the birth of the cyber security profession, and therefore leaves ethical cyber security researchers unclear as to whether or not they will be prosecuted simply for doing their jobs. The result is a chilling effect on the cyber security industry, leaving the UK less safe from cyber criminals,” he said.
“This is a long overdue step for a piece of legislation that simply hasn’t kept pace with changes in technology.”
The National Cyber Security Centre took down 700,595 malicious online campaigns during 2020, 15 times more than in 2019 as criminals sought to take advantage of people during the pandemic.
The Centre also observed an increased in hacking and phishing attempts across the world, it announced in its fourth annual report.
Source: (iNews)