An influential computer crime group representing
businesses, police, government departments and the Crown
Prosecution Service has called for tougher prison sentences to
deter computer hackers.
The Internet Crime Forum has urged the Home Office to amend the
Computer Misuse Act to increase the maximum prison sentence for the
least-serious hacking offences from six months to five years.
Last year Computer Weekly launched its Lock Down the Law campaign
in an attempt to co-ordinate industry efforts to persuade the
government to update the UK's computer crime laws.
The ICF's proposals, contained in a review of the Computer Misuse
Act presented to the Home Office, are designed to update UK law and
bring it in to line with emerging European computer crime
treaties.
The government has been facing growing pressure to review the law
in the light of the development of the internet and the emergence
of new threats, such as denial of service attacks. The Act has been
criticised by businesses because hackers prosecuted under it have
received light community service orders or fines rather than prison
sentences.
The ICF paper urged the Home Office to increase the maximum
sentence for basic unauthorised-access offences to five years, as
is the case with more serious offences, such as modifying data
without authorisation. This would make all hacking crimes
extraditable offences and give police powers to search and seize a
suspect's computer equipment for evidence. It would also mean that
law enforcement agencies would have three years to bring a
prosecution rather than the current time limit of six months.
The ICF also urged the government to clarify section three of the
Computer Misuse Act, which makes it an offence to modify computer
data without authorisation, so that it can be more easily used to
bring prosecutions against perpetrators of denial of service
attacks, some of which may be difficult to prosecute under the
Act's current wording.
The UK's National High-Tech Crime Unit welcomed the ICF's
proposals, saying that any move to increase sentencing and assist
police in gathering evidence would help in the fight against
cybercrime.
"Everyone has been consulted and has contributed so it is really a
case of industry, police and lawyers all getting together and
working positively to fix some cracks in the legislation. It should
make life better for the cops and more uncomfortable for the
robbers," said another police source.
The ICF said the Computer Misuse Act would have to be reworked, or
new primary legislation introduced to bring UK law into line with
the European Convention on Cybercrime and a proposed European
Council framework on attacks against information systems.