UK gov urged to overhaul "unfit for purpose" Computer Misuse Act
Cyber security experts say 30-year-old law has not kept pace with advances in technology
A coalition of businesses, trade bodies, lawyers and cyber security lobby groups has urged the government to reform laws on cyber crime, which they say are "unfit for purpose".
The legislation first came into effect in 1990 after two men hacked into Prince Philip's Prestel account. At the time, the two couldn't be found guilty as no laws on computer hacking existed, so one was created. However, 30-years-on, the law now affects research into cyber crime.
The coalition calling for it to be changed includes NCC Group, F-Secure, techUK, McAfee, Trend Micro and many more. In their letter, they state that section 1 of the Act prohibits the unauthorised access to any programme or data held in any computer and has not kept pace with advances in technology.
"With the advent of modern threat intelligence research, defensive cyber activities often involve the scanning and interrogation of compromised victims and criminals systems to lessen the impact of attacks and prevent future incidents," the letter reads. "In these cases, criminals are obviously very unlikely to explicitly authorise such access."
The reasoning is that the law hampers research into threats and therefore increases the risk to the UK's critical national infrastructure. Those who signed letter suggest the issue is very urgent, highlighting the nation's resilience on secure digital technologies, especially given the impact of the coronavirus.
Cybersecurity crisis-planning checklist
Tips for planning and ensuring business continuityDownload now
The letter cites other examples from countries, such as the US and France, and suggests that the UK has fallen behind with its laws on cyber crime.
"This creates an advantage for competing cybersecurity sectors, which could see the UK lose out on as many as 4,000 additional high-skilled jobs by 2023 without reform," said the letter.
Consumer choice and the payment experience
A software provider's guide to getting, growing, and keeping customersDownload now
Prevent fraud and phishing attacks with DMARC
How to use domain-based message authentication, reporting, and conformance for email securityDownload now
Business in the new economy landscape
How we coped with 2020 and looking ahead to a brighter 2021Download now
How to increase cyber resilience within your organisation
Cyber resilience for dummiesDownload now