MPs take fresh look at hacking legislation

The All Party Parliamentary Internet Group (Apig) has called for an overhaul of the Computer Misuse Act (CMA) to bring the 1990 legislation up to date with recent technological developments.

Brian White MP, Treasurer of Apig, said in a statement that it was necessary to update the legislation and ensure that the penalties it defines are strong enough to deter today's criminals.

"The CMA has stood the test of the time remarkably well. However, it was drafted before the revolutionary nature of the internet and the world wide web was fully known," he said.

"As more people find increasingly sophisticated ways to attack our information systems it is important we have all the protections we need. A review of the Act is therefore timely."

The inquiry will examine whether CMA's generic definitions of computers and data need upgrading and find ways to plug any loopholes that may exist. Apig said it also needed to make sure that the law met the UK's current international treaty obligations.

Richard Allen, Apig's joint vice chairman, told vnunet.com that while malicious internet activity such as hacking was clearly illegal and covered by the CMA, other activity, such as denial of service attacks, phishing and some virus attacks, fell into grey areas.

Another concern is the difficulty of dealing with attacks across jurisdictional borders.

"We are talking about network attacks which are difficult to judge, and the CMA needs some clarity," said Allen.

"The Home Office has recognised this and we thought it would be helpful to get the technical angle. Also, we need to make sure we have parallel procedures with other countries' laws."

Industry has the same concerns about the CMA.

"In some respects it works quite well, in others it is too broad," Nick Ray, chief executive officer of intrusion protection software company Prevx, told vnunet.com.

"It would be useful to make the law more specific and crystal clear about identifying what is illegal and how to prosecute offenders."

Interested parties are being asked to present written evidence to the inquiry before 9 April 2004.

A public hearing will be held in the House of Commons on 29 April, when MPs will question industry, government and the public on their suggested revisions to the CMA.