Changes in the British Computer Misuse Act
I was following some blog posts when I stumbled upon an entry that talks about the changes introduced in the British Computer Misuse Act. I knew about these changes for quite some time now but I have always been thinking that as long as you stay on the good side of the fence you will be alright. I guess I was wrong. Here is a snippet from the act:
Making, supplying or obtaining articles for use in computer misuse offences
After section 3 of the 1990 Act insert "3A Making, supplying or obtaining articles for use in offence under section 1 or 3"
- A person is guilty of an offence if he makes, adapts, supplies or offers to supply any articleâ€”>
- knowing that it is designed or adapted for use in the course of or in connection with an offence under section 1 or 3; or
- intending it to be used to commit, or to assist in the commission of, an offence under section 1 or 3.
- A person is guilty of an offence if he obtains any article with a view to its being supplied for use to commit, or to assist in the commission of, an offence under section 1 or 3.
- In this section "article" includes any program or data held in electronic form.
- A person guilty of an offence under this section shall be liable:
- on summary conviction in England and Wales, to imprisonment for a term not exceeding 12 months or to a fine not exceeding the statutory maximum or to both;
- on summary conviction in Scotland, to imprisonment for a term not exceeding six months or to a fine not exceeding the statutory maximum or to both;
- on conviction on indictment, to imprisonment for a term not exceeding two years or to a fine or to both. Police and Justice Bill
So what can I say? I guess George Orwell's 1984 novel is not that far from the reality. Britain has the highest number of surveillance cameras in the world. I think that Britain will become the first country in the world that will enforce installation of GPS devices in cars too. Now this? This is madness.
If we stop disclosing vulnerabilities, if we stop putting all that effort in our research, you will be the one to suffer. The situation today is only better because we enforce security to vendors who are often not keen on fixing whatever because that potentially could result in lost of revenue. You cannot ignore the security minded people who try to educate the society about the possible dangers.
Enough said. Make up your mind and do not forget that computer security community have been through a lot of troubles to be at the level it is today. That only benefits the society. That, keeps you safe.