A report today highlights an interesting ruling made in a UK court concerning the scope of the Computer Misuse Act, 1990. This is the legislation typically used in the UK to charge those suspected of distributing a virus, worm or Trojan.
The magistrate ruled that the actions of a teenager accused of sending millions of emails to his employer could not be considered a breach of the Computer Misuse Act, since it did not cause unauthorised changes to a computer as defined in the act.
The magistrate went on to add that so-called DoS (Denial of Service) attacks would also not be illegal under the act.
Clearly an act created 15 years ago, a PC world dominated by DOS, floppy disks and bulletin boards, is not the most effective legislation for a 'wired' world. There have been increasing calls for existing computer crime legislation in the UK to be overhauled: and this case will undoubtedly strengthen the case for change.