House of Commons portcullis
House of Commons
Session 2004 - 05
Internet Publications
Other Bills before Parliament

Computer Misuse Act 1990 (Amendment) Bill


Computer Misuse Act 1990 (Amendment) Bill

1

 

A

Bill

To

amend the Computer Misuse Act 1990 to create offences in connection with

denial of service and to make further provision about proceedings and

penalties for an offence under section 1 of that Act; and for connected

purposes. 

Be it enacted by the Queen’s most Excellent Majesty, by and with the advice and

consent of the Lords Spiritual and Temporal, and Commons, in this present

Parliament assembled, and by the authority of the same, as follows:—

1       

Amendment of the Computer Misuse Act 1990

(1)   

The Computer Misuse Act 1990 (c. 18) is amended as follows.

(2)   

In section 1 (unauthorised access to computer material), for subsection (3),

substitute—

“(3)   

A person guilty of an offence under this section shall be liable—

5

(a)   

on summary conviction, to imprisonment for a term not

exceeding six months or to a fine not exceeding the statutory

maximum or both; and

(b)   

on conviction on indictment, to imprisonment for a term not

exceeding two years or to a fine or both.”

10

(3)   

After section 2, insert—

“2A     

Denial of service

(1)   

A person is guilty of an offence if, with the requisite intent—

(a)   

he does any act—

(i)   

which causes; or

15

(ii)   

which he intends to cause,

   

directly or indirectly, an impairment of access to any program

or data held in computer A;

(b)   

the act is unauthorised; and

(c)   

he knows at the time when he does the act that he is doing so.

20

(2)   

For the purposes of subsection (1)—

 
Bill 102 53/4
 
 

Computer Misuse Act 1990 (Amendment) Bill

2

 

(a)   

‘the act is unauthorised’ if the person doing it—

(i)   

is not the owner—

(a)   

of computer A, or

(b)   

(where paragraph (b)(ii) applies) of computer A

or computer B; or

5

(ii)   

does not have the permission of the owner—

(a)   

of computer A, or

(b)   

(where paragraph (b)(ii) applies) of computer A

or computer B; and

(b)   

‘the requisite intent’ is intent to damage the performance of an

10

activity—

(i)   

for which computer A, or any program or data held in

computer A, is used; or

(ii)   

for which computer B, or any program or data held in

computer B, is used, where that intended damage

15

results, or would result, in damage to the performance

of an activity for which computer A, or any program or

data held in computer A, is used.

(3)   

An offence is not committed under this section unless every act or other

event proof of which is required for conviction of the offence takes

20

place after the Computer Misuse Act 1990 (Amendment) Act 2005

comes into force.

(4)   

A person guilty of an offence under this section shall be liable—

(a)   

on summary conviction, to imprisonment for a term not

exceeding six months or to a fine not exceeding the statutory

25

maximum or both; and

(b)   

on conviction on indictment, to imprisonment for a term not

exceeding two years or to a fine or both.

(5)   

This section does not extend to Scotland.

2B      

Denial of service with intent to commit or facilitate commission of

30

further offences

(1)   

A person is guilty of an offence if, with the requisite intent—

(a)   

he does any act—

(i)   

which causes; or

(ii)   

which he intends to cause,

35

   

directly or indirectly, an impairment of access to any program

or data held in computer A;

(b)   

the act is unauthorised; and

(c)   

he knows at the time when he does the act that he is doing so.

(2)   

For the purposes of subsection (1)—

40

(a)   

‘the act is unauthorised’ if the person doing it—

(i)   

is not the owner—

(a)   

of computer A, or

(b)   

(where paragraph (b)(i)(b) applies) of computer

A or computer B; or

45

(ii)   

does not have the permission of the owner—

(a)   

of computer A, or

 
 

Computer Misuse Act 1990 (Amendment) Bill

3

 

(b)   

(where paragraph (b)(i)(b) applies) of computer

A or computer B; and

(b)   

‘the requisite intent’ is—

(i)   

intent to damage the performance of an activity—

(a)   

for which computer A, or any program or data

5

held in computer A, is used; or

(b)   

for which computer B, or any program or data

held in computer B, is used, where that intended

damage results, or would result, in damage to

the performance of an activity for which

10

computer A, or any program or data held in

computer A, is used;

(ii)   

together with intent—

(a)   

to commit an offence to which this section

applies; or

15

(b)   

to facilitate the commission of such an offence

(whether by himself or by any other person),

   

and the offence he intends to commit or facilitate is

referred to below in this section as the further offence.

(3)   

This section applies to offences—

20

(a)   

for which the sentence is fixed by law; or

(b)   

for which a person who has attained the age of eighteen years

and has no previous convictions may (subject to subsection (4))

be sentenced to imprisonment for a term of five years.

(4)   

The reference in subsection (3)(b) to a sentence of imprisonment for a

25

term of five years applies—

(a)   

in England and Wales, to offences for which a person might be

so sentenced but for the restrictions imposed by section 33 of the

Magistrates’ Courts Act 1980; and

(b)   

in Northern Ireland, to offences for which a person might be so

30

sentenced but for the restrictions imposed by Article 46(4) of the

Magistrates’ Courts (Northern Ireland) Order 1981.

(5)   

It is immaterial for the purposes of this section whether the further

offence is to be committed on the same occasion as the denial of service

offence or on any future occasion.

35

(6)   

A person may be guilty of an offence under this section even though the

facts are such that the commission of the further offence is impossible.

(7)   

An offence is not committed under this section unless every act or other

event proof of which is required for conviction of the offence takes

place after the Computer Misuse Act 1990 (Amendment) Act 2005

40

comes into force.

(8)   

A person guilty of an offence under this section shall be liable—

(a)   

on summary conviction, to imprisonment for a term not

exceeding six months or to a fine not exceeding the statutory

maximum or both; and

45

(b)   

on conviction on indictment, to imprisonment for a term not

exceeding five years or to a fine or both.

(9)   

This section does not extend to Scotland.”

 
 

Computer Misuse Act 1990 (Amendment) Bill

4

 

(4)   

In section 4 (territorial scope of offences under this Act)—

(a)   

in subsection (1), for the words “section 1 or 3”, substitute the words

“section 1, 2A or 3”;

(b)   

in subsection (3)—

(i)   

for the words “section 1”, substitute the words “section 1 or 2A”;

5

and

(ii)   

for the words “section 2”, substitute the words “section 2 or 2B”;

and

(c)   

in subsection (4)—

(i)   

for the words “section 1”, substitute the words “section 1 or 2A”;

10

and

(ii)   

for the words “section 2” on each occasion where they appear,

substitute the words “section 2 or 2B”.

(5)   

In section 5 (significant links with domestic jurisdiction), in subsection (2), for

the words “section 1”, substitute the words “section 1 or 2A”.

15

(6)   

In section 10 (saving for certain law enforcement powers)—

(a)   

for the words “Section 1(1)”, substitute the words “Section 1(1) and

2A(1)”; and

(b)   

for the words “section 1(1)”, substitute the words “section 1(1) or

2A(1)”.

20

(7)   

In section 11 (proceedings for certain offences), in subsection (2), for the words

“section 1 above”, substitute the words “section 1 or 2A above that is to be tried

summarily”.

(8)   

In section 12 (conviction of certain offences in proceedings for certain other

offences)—

25

(a)   

for the word “or” after paragraph (a) of subsection (1), substitute—

“(aa)   

an offence under section 2B above; or”;

(b)   

for the words “section 1”, on each occasion where they appear,

substitute the words “section 1 or 2A”;

(c)   

in subsection (1), at the end, insert the words “for an offence if it were

30

to be tried summarily”; and

(d)   

subsection (2) shall cease to have effect.

(9)   

In section 14 (search warrants for offences under section 1)—

(a)   

in subsection (1), for the words “section 1”, substitute the words

“section 1 or 2A”; and

35

(b)   

in subsection (4), for the words “section 1”, substitute the words

“section 1 or 2A”.

(10)   

In section 16 (application to Northern Ireland), in subsection (11), in the

subsection that is to be inserted in section 11 in its application to Northern

Ireland, for the words “section 1”, substitute the words “section 1 or 2A”.

40

2       

Consequential amendment of the Terrorism Act 2000

(1)   

The Terrorism Act 2000 (c. 11) is amended as follows.

(2)   

In paragraph 19 of Schedule 9 (scheduled offences in Northern Ireland under

the Computer Misuse Act 1990), for the word “and” after paragraph (b),

 
 

Computer Misuse Act 1990 (Amendment) Bill

5

 

substitute—

“(ba)   

section 2A (denial of service),

(bb)   

section 2B (denial of service with intent to commit further

offence), and”.

3       

Short title, commencement and extent

5

(1)   

This Act may be cited as the Computer Misuse Act 1990 (Amendment) Act

2005.

(2)   

This Act shall come into force at the end of the period of two months beginning

with the day on which it is passed.

(3)   

This Act does not extend to Scotland.

10

 
 

 
contents
 
House of Commons home page Houses of Parliament home page House of Lords home page search page enquiries

© Parliamentary copyright 2005
Revised 6 April 2005