Introduction to cyber security: stay safe online
Introduction to cyber security: stay safe online

Start this free course now. Just create an account and sign in. Enrol and complete the course for a free statement of participation or digital badge if available.

Free course

Introduction to cyber security: stay safe online

2.3 The Computer Misuse Act 1990 (CMA)

The Computer Misuse Act 1990 (CMA) is one of the most influential pieces of legislation relating to computers. It has been updated and amended by a number of other acts:

  • Criminal Justice and Public Order Act 1994
  • Criminal Justice (Terrorism and Conspiracy) Act 1998
  • Police and Justice Act 2006
  • Serious Crime Act 2015

It has been the inspiration for similar laws being introduced in other countries.

The CMA came about, in part, because of a 1988 case where two hackers broke into the British Telecom Prestel network and obtained access to user accounts including that of Prince Philip.

Prestel was a text-based interactive information system developed by the UK Post Office in the late 1970s. Users could browse numbered pages of text (similar to the contemporaneous Ceefax and Teletext information services) on their television as well as send electronic messages to other Prestel users. Prestel services were expensive and the system did not become widely used, although Prestel technology was sold to many other telecom companies. Prestel was gradually sold off in the early 1990s as the internet became available to domestic users.

The two hackers were originally tried and convicted under a law concerned with forgery and counterfeiting, but the conviction was overturned by higher courts who concluded that the Forgery and Counterfeiting Act 1981 had never been intended to be used for this purpose. This led the majority of legal experts to conclude that hacking was not actually illegal in Britain at the time.

The CMA was drawn up hurriedly and was criticised at the time for not being adequately scrutinised, but its central aims have stood the test of time. The original Act introduced three new criminal offences:

  • unauthorised access to computer materials
  • unauthorised access with intent of committing or aiding further offences
  • unauthorised modification of computer material.

Note that ‘unauthorised’ in this context means that the attacker must be aware that they are not intended to use the computer in question. So using another person’s account details, or breaking in to a computer by a password attack are clearly unauthorised use of the computer.

The CMA has been amended a number of times to cover new offences including denial-of-access or denial-of-service to legitimate users (making denial-of-service attacks a criminal offence in the UK), and criminalising the creation and supply of software and hardware that might aid an attack on a computer. This not only criminalises the development of programs designed to break passwords or the development of certain types of malware, but it could potentially criminalise tools used by forensics experts to investigate computer systems which can be abused by attackers.

The CMA has been successfully used in a wide range of criminal cases including denial-of-service attacks against Kent Police, Oxford University, the United States Air Force, the CIA, Sony and Nintendo; fraudulent activities in online games; illegal access and disclosure of confidential emails and personal information; theft from online banks; stalking; hoax calls to emergency telephone numbers and piracy.

The next act you’ll find out about is The Fraud Act.


Take your learning further

Making the decision to study can be a big step, which is why you'll want a trusted University. The Open University has 50 years’ experience delivering flexible learning and 170,000 students are studying with us right now. Take a look at all Open University courses.

If you are new to University-level study, we offer two introductory routes to our qualifications. You could either choose to start with an Access module, or a module which allows you to count your previous learning towards an Open University qualification. Read our guide on Where to take your learning next for more information.

Not ready for formal University study? Then browse over 1000 free courses on OpenLearn and sign up to our newsletter to hear about new free courses as they are released.

Every year, thousands of students decide to study with The Open University. With over 120 qualifications, we’ve got the right course for you.

Request an Open University prospectus371