What’s the 1990 Computer Misuse Act?

Print anything with Printful



The Computer Misuse Act 1990 in the UK makes activities like hacking, software abuse, and accessing protected computer files illegal. It was created after the successful appeal of Robert Schifreen and Stephen Gold’s conviction for hacking into British Telecom Prestel’s system. The act prohibits unauthorized access, modification, and use of someone else’s identification to access a computer or commit a crime. Violations can result in fines and/or imprisonment.

The Computer Misuse Act 1990 is a UK law that makes certain activities illegal, such as hacking into other people’s systems, abusing software, or helping a person access someone else’s protected computer files . The act was created after the R v. Gold 1984-1985, which was appealed in 1988. The appeal was successful, inspiring parliament to create a law making the conduct committed by Robert Schifreen and Stephen Gold punishable. Obviously it couldn’t be applied retroactively, but its goal was to discourage behavior like theirs in the future.

What happened to start the case and ultimately lead to law was the following: Gold saw a Prestel employee at a trade show enter his username and password into a computer. Gold and Schifreen then used this information from a home computer to access British Telecom Prestel’s system, and specifically to hack into Prince Philip’s private message box. Prestel learned of this access, trapped the two men and charged them with fraud and forgery. The men were convicted and fined, but have appealed.

One of the key aspects of the appeal was that the two men were not using the data in any way for personal or illegal gain. Since spying on someone else’s system implied no material gain, they argued that the charges under specific laws could not apply to them. The House of Lords acquitted the men but has become determined to ban this type of behavior in the future. This led to the development of the Computer Misuse Act and its adoption into law in 1990, two years after the appeal’s success.

The act is divided into three sections and makes the following acts illegal:

Unauthorized access to computer equipment
Unauthorized access to computer systems with the intent to commit another crime
Unauthorized modification of computer equipment
The first section of the act prohibits a person from using someone else’s identification to access a computer, run a program, or obtain data, even if such access does not involve any personal benefit. Individuals also may not modify, copy, delete or move a program. The Computer Misuse Act also prohibits any attempt to obtain someone else’s password. Obviously, if someone gives another person their identification and can legally use the computer, these laws in case of unauthorized access do not apply.
The second provision of the law is access to a computer system to commit or facilitate a crime. An individual may not use someone else’s system to send material that may be offensive or to run worms or viruses. Also, he can’t give someone his identification of hers so they can use a system for this purpose. This second part means that the individual would be facilitating someone else’s intent or crime.
Unauthorized modification in the Computer Misuse Act means that a person cannot delete, modify or corrupt the data. Again, if someone put a virus on someone else’s system, he would be violating the act. Usually, just committing unauthorized access is considered a crime punishable by a fine. Intentional access and unauthorized modification are considered more severe and can be punished with large fines and/or prison.




Protect your devices with Threat Protection by NordVPN


Skip to content