Whitehall begins review of UK's cybercrime laws

The Government has begun a review of the Computer Misuse Act, acting on concerns that UK law contains loopholes that make it...

The Government has begun a review of the Computer Misuse Act, acting on concerns that UK law contains loopholes that make it difficult for the police to prosecute the perpetrators of denial of service attacks.

The review, which is being spearheaded by the Internet Crime Forum and the Crown Prosecution Service (CPS), will assess the effectiveness of the Act against different types of denial of service attacks. It forms part of a wider re-assessment of the UK's computer crime laws planned by the Home Office, following the Government's decision to sign the European Convention on Cybercrime in November.

The Internet Crime Forum, which includes representatives from businesses, police and the Government, plans to draw on the expertise of its members to complete the review in a matter of months.

"We will clearly be looking to form a view of the effectiveness of the Computer Misuse Act and more particularly the areas we would advocate amending," said Mark Bowring, senior policy advisor at the CPS, who is co-ordinating the work.

The move comes after the National High-Tech Crime Unit voiced concerns to the Home Office about the difficulties of prosecuting certain types of denial of service attacks under the Computer Misuse Act.

In February Computer Weekly launched the Lock Down the Law campaign to co-ordinate industry efforts to persuade the Government to update the UK's computer crime laws.

Industry groups are concerned that the Act, which was formulated before the creation of the World Wide Web, should be updated to bring it into line with current business practices and security threats.

The Home Office said this week that changes will have to be made to computer crime laws in the UK, including the Computer Misuse Act, in order to implement the European Convention on Cybercrime.

"We are sympathetic to the concerns of industry and law enforcement in this area and are keen to work with them to ensure that any proposed amendments to the law are necessary, relevant and fit for the purpose," an official said.

The Home Office said case law for denial of service attacks is not yet mature, and that it would consider any recommendations made in the Internet Crime Forum's report.

Read more on IT legislation and regulation