The Computer Misuse Act became law in August 1990. The Act identifies three specific offences:
1. unauthorised access to computer material; for e.g. a program or data
2. unauthorised access with intent to commit or facilitate commission of further offences for e.g. obtaining personal data such as Internet banking passwords.
3. unauthorised modification of computer material. What can happen to individuals under the law?
The basic offence as a summary offence carries a maximum prison sentence of six months or a maximum fine of £2000 or both.
Offences 2 and 3 are punishable with imprisonment for a term not exceeding five years, or a fine or both.
Example 1: Unauthorized access to computer material
This would include using another using another person’s user name and password without proper authority in order to use a data or a program, reading examination papers or examination results and essentially having a look around.
Example 2: Unauthorized access to a computer with intent to commit a further crime
This would include for e.g. gaining unauthorised access to a user’s credit card details and then using them to order goods fraudulently from a website.
Example3: Unauthorized modification of computer material
This would include deleting another user’s files; modifying system files, creating and sending of a virus or in the case of some adware, running code that takes up so much of the system resources that the computer fails to function properly.
Action to deal with misuse
- Preventative measures
The simplest form of preventing action is training so that all employees are perfectly clear about what their responsibilities are and what standards are expected of them. - Computer security
These include security mechanisms, access levels, firewalls and anti-virus software.
You can find more information on this website: http://en.wikipedia.org/wiki/Computer_Misuse_Act
Questions
- What are the three specific offences of the Computer Misuse Act?
- In which month and year did it become law?
- Define user names and passwords.
Exam Tips
Do not use one-word answers e.g. 'passwords' for questions about security precautions. You must explain what you mean' for example , 'Each authorised user should be given a password to use to access the system and forced to change it regularly.'