Law Stack Exchange
Law Stack Exchange

Questions tagged [computer-misuse-act]

Questions involving the U.K. Computer Misuse Act

The 1990 U.K. Computer Misuse Act is frequently cited in questions. A similar law in the U.S. is the .

42 questions
16
votes
3 answers

Are Drone Intrusion Prevention Systems (Drone IPS) systems illegal?

A drone intrusion prevention product being advertised at RSA Conference this year has piqued my interest, and I'm trying to determine whether it and other drone IPS systems are illegal. For background, a WIPS is a device which looks for unexpected…
Polynomial
  • 261
  • 1
  • 6
14
votes
2 answers

Could it be illegal to intentionally "poison" AI crawling?

There is a youtube about generating images with features designed to "poison" generative AI trained on those images. This technique could potentially be used by anyone who was worried about their content being harvested by AI's. On any website…
User65535
  • 10,342
  • 5
  • 40
  • 88
12
votes
1 answer

Legal Rule that computers are presumed to be operating correctly

I was reading the following academic paper. At the very beginning, it mentions that under the Law in England & Wales, a computer is presumed to be operating correctly. This is the line I am interested in: "In England and Wales, courts consider…
user5623335
  • 1,374
  • 2
  • 14
  • 34
10
votes
1 answer

Exploiting online video games illegal, a tort, or allowable under the law?

Recently a news story came out about "Manfred", a hacker who makes a living exploiting bugs in online video games to make in-game currency (or items) which he then sells to other gamers. Here is a description: A hacker says he turned finding and…
Cicero
  • 7,354
  • 5
  • 37
  • 60
8
votes
1 answer

Section 3A of the United Kingdom's Computer Misuse Act 1990

Section 3A of the United Kingdom's computer misuse act states you are not allowed to produce, obtain or supply articles which can be used for computer misuse. How do UK information security bloggers and conference speakers go about this, as…
Lucas Kauffman
  • 331
  • 1
  • 9
6
votes
3 answers

How is "unauthorized" access determined under the Computer Misuse Act?

Regarding the Computer Misuse Act as a whole, but in particular Section 1:- (1)A person is guilty of an offence if— (a)he causes a computer to perform any function with intent to secure access to any program or data held in any computer [F1, or to…
Bobby Tables
  • 61
  • 2
5
votes
1 answer

Purposeful Destruction of a Computer

A hobby of mine is reading up on the latest IT nasties, and i came across 'The USB Killer'. 'The USB Killer' is designed to look just like a USB Thumb drive, but when plugged in it causes a lot of damage to computer components including the…
Terry
  • 510
  • 4
  • 17
4
votes
2 answers

What is the limitation period for a violation of the Computer Misuse Act of 1990's provision(s) on phishing?

I came across a story about a twenty-something year old male who setup a fake website in order to 'phish' for usernames and passwords for a popular game. After acquiring the credentials he would then login in to these accounts and remove the in-game…
Terry
  • 510
  • 4
  • 17
4
votes
2 answers

Is it against the Computer Misuse Act to bypass a client-side paywall?

A common practice among news websites is to provide articles online, where an initial portion is freely viewable, and the remainder requires an active subscription. However, on numerous occasions, I have found that this is done through merely…
Joel Hemphill
  • 43
  • 6
3
votes
2 answers

Computer Misuse Act 1990 - Definition of unauthorised

My question is: What does "Unauthorised" mean? The legislation claims that it means not having "Consent" to access the system - does this refer to implicit or explicit? For example, would sending a username and password be considered consent, or…
AnotherUser
  • 165
  • 1
  • 4
3
votes
2 answers

Does merely serving content alone constitute "operating" in the EU and so should every website be compliant with the EU Cookie Law?

I was wondering if all websites in the world need to be compliant with the EU Cookie Law. For example a company website of a US company, hosted in the US but serving visitors in the EU. Also, does the situation change when that US hosted website…
Bob Ortiz
  • 249
  • 2
  • 12
3
votes
2 answers

Under US law, is it illegal to write a self propagating computer worm

Suppose a person creates a self-propagating computer worm that: does not modify or delete any of the victim's files rather displays a funny message to the user scans other computers and spreads itself and then self destructs without any…
nkvp
  • 141
  • 3
3
votes
1 answer

Legal status of Cellebrite hack

The CEO of Signal has posted the discovery of security vulnerabilities in Cellebrite products. These products are used by police to evade security on seized mobile devices and thereby download the contents for forensic examination. More details…
Paul Johnson
  • 14,252
  • 3
  • 39
  • 63
3
votes
1 answer

Are we legally liable for negligence if a breach in a 3rd party happens due to us giving extra visibility to a vulnerable system?

TL;DR - Found a dangling DNS record that was pointing to an IP address we don't own, the server found on that IP address was running a vulnerable piece of software. Wondering if attackers found & used the vulnerability whether we as a company are…
user24806
2
votes
1 answer

Has anyone been prosecuted for making/using malware?

Has anyone been prosecuted under the Computer Misuse Act 1990 Section 3A for using or making malware in the UK? I have found example in the US, but none for the UK.
user1883616
  • 21
  • 1
1
2 3