Sophos Cloud Optix
Proposed changes to the Serious Crime Bill in the UK could see British hackers facing lengthy sentences where their actions damage national security, the environment, the economy or human welfare in any country.
Where the damage caused to human welfare or national security is deemed to be serious enough, the amendment to the Computer Misuse Act 1990 would allow judges to hand out life sentences – a situation some experts believe could be used to target whistleblowers.
The Bill reached the report stage at the House of Lords on 14 October where Baroness Williams of Trafford offered up some amendments in an attempt to clarify some of the computer misuse clauses, especially in regard to locations falling outside of territorial waters, such as oil rigs and ships.
Last week, the Joint Committee on Human Rights expressed concern over the ambiguity of the planned new legislation in other areas of its wording.
Definitions such as “damage to the environment”, “damage to the economy” and “damage to national security” were too vague, they said, considering the length of jail time that could be associated with them.
Legal certainty requires that criminal offences are precisely defined so that individuals know how to avoid such sanctions. Vagueness is not permissible in the definition of criminal offences.
...
The broad and vague definition of the new offence of computer misuse appears to be without precedent, and the Bill therefore appears to cross a significant line by using these unsatisfactory concepts in the definition of a serious criminal offence carrying a lengthy sentence.
The group did agree, however, that robust laws were required in the face of computer crimes, especially where attacks against critical infrastructure were concerned.
The Joint Committee concluded its review of the computer misuse proposals by suggesting further amendments to the Bill to remove those particular elements altogether.
The government, however, is keen to press ahead with the Bill.
A Home Office spokesperson claimed that its implementation would ensure that anyone responsible for a serious computer attack would face an appropriate level of justice, worthy of a crime that “blights lives and causes misery across the UK. It is a threat to our national security and costs hard-working taxpayers at least £24bn a year.”
Image of hacker courtesy of Shutterstock.
Link text: “UK hackers could “face the justice they deserve” with up to life in jail”
I don’t think so. A “life sentence” is not the same as “life in jail”. A “life sentence” is two parts; a tariff of 20 or 30 years (or whatever) in jail followed by “release on licence” (for the rest of your life) – effectively probation where any misbehaviour leads to a return to prison.
Jail and prison are not the same thing either. I wish people would state the correct term, as sometimes it can be misleading, especially now since people can be in jail for more than a year. It used to be anything over a year they go to prison and a year or less you stayed in jail. It is obvious in this article they mean prison though but not every article is clear.
I used to think of them as different – jail is when you are locked up (such as remanded in custody) while prison is a custodial sentence imposed by a court.
As for this “more than a year/less than a year,” I’ve never heard that distinction. Maybe it’s a US thing (complicated by local/state/federal variations)?
Since you yourself don’t seem clear on the difference (if jail can be more than a year these days, how is the article wrong?), I suggest we treat them as synonyms here. I reckon it’s pretty clear what is meant. Longer prison sentences for some hacking offences.
Parliament have to make sure the individual intended to hack into systems of national security, this may be a hard piece of legislation to push through as we all know hackers are able to make it appear someone else did the crime. that individual arrested may be innocent, you guys need to think about this seriously before you make such legislation. Don’t get it wrong or an innocent may spend a very long time in prison for something they never did.
This doesn’t sound all that different from how the U.S. handles hackers. They try to catch them early and a quarter of them end up on the government’s payroll. When prison sentences are complete prisoners go out on “supervised release”, which lasts up to a couple of years, depending on the severity of the offense. This “release on license” business sounds like our sex offender’s program – some crimes come with a lifetime of being listed on a public registry.
The problem our governments face with hackers is the ‘wild talent’ component – a brilliant highschool sophomore can do enormous damage, all while not violating the school night curfew his parents set. Being unable to correctly attribute such actions, we attempt to punish every kid in the scene by crushing the ones that do get caught. I don’t have any brilliant solution to this, but this underlying motivation often goes unmentioned …