[source](https://www.legislation.gov.uk/ukpga/1990/18/contents) - does not define what a computer is - this turned out to be very sensible, because what a computer is has radically changed over the last thirty years - 😭 feeling those years rn - The origin of this law can be traced to the hacking of the mailbox of Prince Philip - there is currently pressure among certain groups (who?) to update or rewrite the Act ## Test cases - 1991: a police officer is charged under section 1, for unauthorised access to the [[Police National Computer]]. This case is DPP v Bignell - this case fails, on the basis that the officer instructed an operator, who did indeed have authorised access to the [[Police National Computer|PNC]]. The operator acted correctly in obeying order - the [[Police and Justice Act 2006]] is passed, amending the Computer Misuse Act. Specifically, it increases the seriousness of section 1 offences, and creates a new offence of 'making, supplying, or obtaining articles for use of computer misuse offences' - In 2001, Aaron Caffrey was charged under section 3, on suspicion of running a [[Denial of Service|DoS]] attack on the Port of Houston's web-based systems. He claimed the [[Trojan horse defence]] - ## Sections - section 1: unauthorised access - section 2: unauthorised access with intent to commit a more serious offence - section 3: intent to impair - an unauthorised act, or an act with reckless intent - this covers [[Denial of Service|DoS]] attacks and [[virus]] attacks - comes with 10 years in prison and/or a fine - section 3A: - 1. making articles intended for use in an offence under 1, 3, or 3ZA - 2. making articles believing them to be used for 1, 3, or 3ZA - 3. obtaining an article, intending or having a view to commit an offence under 1, 3, or 3ZA - section 3ZA is the most recent amendment, and deals with attacks on [[critical national infrastructure|CNI]] and damage to human health, the economy, national security, or the environment - it comes with a chunky 14 years in prison