ZDNet UK

CBS INTERACTIVE UK BUSINESS SITES:
BNET UK
silicon.com
ZDNet.co.uk

You are here: ZDNet.co.uk > News > Security

Security threats Toolkit

MPs start review of Computer Misuse Act

Munir Kotadia ZDNet.co.uk

Published: 29 Apr 2004 14:35 BST

MPs will review the Computer Misuse Act (CMA) at the House of Commons on Thursday, because the law was created before the emergence of the Internet and needs to be updated.

The All-Party Internet Group (APIG), an organisation that attempts to bridge the gap between the technology-industry companies and MPs, is holding the hearing in order to question whether the 14-year-old CMA has "stood the test of time".

Richard Allan MP, joint vice-chairman of the APIG, said the CMA focuses too much on the standalone computer and not enough on the computer network.

"Today, the primary threat from hackers is to the network, rather than to individual computers, and if the network goes down we've got problems," he said.

But security company executives say that if the CMA is updated, it should combine various security regulations to produce a watertight solution.

John Cheney, chief executive of email security firm BlackSpider Technologies, said the CMA and the European anti-spam laws have not been very good at solving the spam problem. He suggests that the various laws should be combined: "None of the spam legislation has made any difference, so it would be good to try and bring the Computer Misuse Act together with some of the other aspects of IT security, such as the spam laws, and deal with them together," he said.

David Williamson, UK head of operations at security services firm Ubizen, agreed that the CMA needs to be combined with other laws, but he also wants users to be better educated: "If you combine technology with legislation and education, then you start to tackle the problem. Legislation alone is not going to cure it," he said.

Mark Sunner, chief technology officer at MessageLabs and a participant at the hearings, said the level of malicious computer activity has increased exponentially. A strong law would help deter potential hackers and virus writers: "Some people are dabbling, so if there was strict enforcement out there, I would hope that would act as a deterrent to the non-hardcore element," he said.

But Sunner said that regardless of the law, if computer crime continues to pay, then people will take the risk of getting caught: "I don't think the people behind the very lucrative and complex phishing scams are going to take a blind bit of notice. To put things into perspective, it is illegal to break into a car, but we all have car alarms," he said.