Changes in cyber crime laws proposed

Changes to UK computer crime laws have been proposed by Conservative peer Lord Northesk.

Last week, he said he was seeking to amend the Computer Misuse Act (CMA) 1990 to give the police and judiciary greater “legal clarity” when dealing with computer crime.

The Government is currently trying to update the CMA through amendments in the Police and Justice Bill 2006 being debated in the House of Lords. Northesk has proposed amendments to the government`s own amendments.

Silicon.com reported the proposed amendments: “As it stands, paragraph 1b of Clause 41 of the Police and Justice Bill would make it an offence to release a computer tool that is “likely to be used” in a computer offence. As reported last month, experts are concerned the government`s proposals would have criminalised IT and security professionals who make network monitoring tools publicly available or who disclose details of unpatched vulnerabilities.

“Northesk`s amendments would see this paragraph deleted, if passed. He believes it could even criminalise the police, if they create and distribute tools for forensic investigation.”

Northesk said: “The key point in Clause 40 is the inclusion of recklessness and intention [in launching attacks]. With effective civil disobedience, a whole series of people petition online [which may cause servers to crash]. Under the current draft this form of legitimate protest may be denied.

“The purpose of the Clause 40 amendment is to address the fundamental issue that a lot of internet activity – such as electronic civil disobedience – currently comes under CMA.”

Northesk told silicon.com sister site ZDNet UK: “I`m a great believer in legal clarity. Too often within government it`s not properly understood that which is trying to be achieved. In the desire to future-proof legislation, they tend not to address problems that are sitting there because they are seen as difficult to understand.”