Police powers: Protests
An overview of the relevant legislation, guidance and debates concerning the policing of protests.
A Westminster Hall debate has been scheduled for 11.30am on Tuesday 19 April 2022 to consider the Computer Misuse Act 1990. The debate will be opened by Dr Jamie Wallis MP.
Westminster Hall debate on the Computer Misuse Act 1990 (2 MB , PDF)
There will be a Westminster Hall debate on the Computer Misuse Act 1990 on 19 April 2022. The debate will be led by Dr Jamie Wallis MP.
The Computer Misuse Act 1990 was created to specifically address cyber- dependent crimes such as hacking and misuse of communications systems.
In 2021 the Home Office published a consultation calling for views on the legislation and whether it could be strengthened to respond to the ongoing threat of cyber- dependent crime. This consultation ended in June 2021. A recent response to a parliamentary question said that the responses to the review were being considered and that the Government would provide an update to Parliament in due course.
Cybercrime can be divided into two categories:
The Computer Misuse Act 1990 was created to specifically legislate for cyber-dependent crimes such as hacking and misuse of communications systems.
The 1990 Act sets out the offences associated with interfering with a computer (hacking) and the associated tools (such as malware, viruses and Trojan Horses) that enable computer systems to be breached. Sections 1 to 3A create five criminal offences to tackle cybercrime:
The Act was most recently amended in 2015 by the Serious Crime Act 2015 which created the offence under section 3ZA of unauthorised acts causing serious damage.
Further information on the offences in the Act is provided in Crown Prosecution Service guidance, Computer Misuse Act.
The Government has said that, whilst the Computer Misuse Act continues to be a key part of the response against cybercrime, changes to society’s use of the internet in the last thirty years and an increasing threat from cyber criminals mean that the Act should be reviewed to ensure it is effective in protecting against the threat of cybercrime. The Home Office held a consultation on the Computer Misuse Act between May and June 2021.
The consultation noted the increased use of the internet and the significant threat from cybercrime:
[…] the Act was passed 30 years ago, and since then the reliance of society on the digital world has increased enormously, we are now critically dependent on the internet. The threat is significant. As the Serious Organised Crime Strategy 2018 sets out, cyber security breaches create significant costs for businesses, particularly ransomware attacks, where businesses and organisations, including the NHS, are significantly disrupted. To take action against these threats, the Government has invested £1.9bn through the National Cyber Security Programme between 2016 – 2021 to develop the UK’s cybersecurity.
The consultation asked respondents about whether there were “legislative gaps in our response to cyber-dependent crime, and in particular if there is a need to make changes to the Computer Misuse Act to improve our ability to protect our society from the threat posed by cyber-dependent crime.”
It asked about several elements in the Act, including whether:
This consultation ended in June 2021. A recent response to a parliamentary question said that the responses to the review were being considered and that the Government would provide an update to Parliament in due course.
One concern raised by representatives of the cybersecurity industry is that the Computer Misuse Act applies a blanket prohibition of all unauthorised access to computer material, irrespective of intention. They report that this inadvertently criminalises a large proportion of vulnerability and threat work undertaken by UK cybersecurity professionals.
The CyberUp campaign group (a coalition of industry bodies) is calling for the inclusion of a statutory defence within the Computer Misuse Act to ensure that “cyber security professionals who are acting in the public interest can defend themselves from prosecution by the state and from unjust civil litigation.” It argues that the current legislation “leaves the UK’s cyber defenders having to act with one hand tied behind their back because much of their defensive work requires the interaction with compromised victims’ and criminals’ computer systems where owners have not, or are unlikely to, explicitly permit or authorise such activities.” The CyberUp campaign provides more detail on this issue in a campaign briefing.
A 2020 report by the Criminal Law Reform Now Network (which facilitates collaboration between academics and others on criminal law reform) provides an analysis of the Computer Misuse Act and makes proposals for reforms. It states that the Act “requires significant reform to make it fit for the 21st Century” and proposes a number of changes to the legislation.These include:
More information is provided in the report, Reforming the Computer Misuse Act 1990.
Westminster Hall debate on the Computer Misuse Act 1990 (2 MB , PDF)
An overview of the relevant legislation, guidance and debates concerning the policing of protests.
Ofcom enforces measures in the Online Safety Act to protect web users from suicide or self-harm content. It also regulates broadcast media, but not the press.
A Westminster Hall debate has been scheduled for 1.30pm on 5 September on waste crime in Staffordshire. The debate will be opened by Adam Jogee MP.