Computer hacking and misuse under the Computer Misuse Act 1990
Produced in partnership with Dan Hyde of Penningtons Manches LLP
Computer hacking and misuse under the Computer Misuse Act 1990

The following Corporate Crime guidance note Produced in partnership with Dan Hyde of Penningtons Manches LLP provides comprehensive and up to date legal information covering:

  • Computer hacking and misuse under the Computer Misuse Act 1990
  • Background
  • Offences under the Computer Misuse Act 1990
  • Elements of the offence of unauthorised access
  • Sentencing for the offence of unauthorised access
  • Elements of unauthorised access with intent to commit further offences
  • Sentence for unauthorised access with intent to commit further offences
  • Unauthorised acts with intent to impair or with recklessness as to impairing the operation of a computer
  • Sentencing for unauthorised acts with intent to impair or with recklessness as to impairing the operation of a computer
  • Making, supplying or obtaining articles for use in offences under the Computer Misuse Act 1990, s 1 or s 3
  • more

Background

The Computer Misuse Act 1990 (CMA 1990) was principally enacted in response to the threat of unauthorised access to computers, colloquially known as ‘hacking’ offences. It had become apparent that there was no legislation in place to effectively prosecute hacking, a lacuna exposed, in particular, by R v Gold & Schifreen where the Court of Appeal quashed a conviction for creating a false instrument contrary to the Forgery and Counterfeiting Act 1981 in relation to conduct that amounted to unauthorised access to BT’s Prestel Computer Network. The House of Lords upheld the Court of Appeal’s decision and confirmed that this conduct was outside the scope of the false instrument offence as the false information, where the passwords used to gain access, had to be stored on the instrument for an appreciable time.

CMA 1990 has been amended by the Police and Justice Act 2006 (PJA 2006) and the Serious Crime Act 2015 (SCA 2015) to create five offences.

Offences under the Computer Misuse Act 1990

CMA 1990 creates five offences:

  1. to knowingly cause a computer to perform any function with intent to secure unauthorised access to data or programs held in any computer

  1. to commit the section 1 offence with intent to commit, or to facilitate the commission of, other serious offences

  1. to do an unauthorised