The security ramifications of the Police and Justice Act 2006

Abstract

Like much legislation, the Computer Misuse Act 1990 was implemented to plug a hole in the law. It may have made it easier for prosecutors to punish those abusing computer systems nearly 20 years ago, but conditions have changed dramatically since then. The Police and Justice Act 2006 was passed at the end of last year, and nestled among its non-computer related measures is a raft of new rules designed to bring the terms and conditions relating to computer crime into the 21^s^t century. IT criminology expert Stefan Fafinski examines the ramifications of the law, and wonders whether its scope might cause collateral damage for legitimate security practitioners. During the 1980s, some of the potential problems resulting from the misuse of computer technology came to light on a widespread scale. The emergence of the computer virus began with the relatively innocuous Elk Cloner (1981), via Brain (1986), the first global IBM-compatible boot sector virus, to viruses with more malicious payloads such as Suriv-3, or the Jerusalem virus (1988) and Datacrime and FuManchu, which was a Jerusalem variant (1989).