Obviously computer crime is a relatively modern phenomena, however it has taken some time for legislation to catch up with the real world.  In fact even today cyber criminals exploit weaknesses in such legislation by basing themselves in areas where there is little criminal law developed around computer crime.    In fact there has been more legislation regarding copyright issues in some countries, you can get fined for watching UK TV abroad like this or downloading software than actually cases of cyber crime.

Before 1990, the UK criminal law often struggled to deal with computer misuse. relying instead on other traditional‘ offences that were sometimes ill-equipped to deal with the nature of the technology itself. in particular the offences of criminal damage, abstracting electricity and forgery and counterfeiting were applied to deal with such cases.  In reality many were also applied to other issues although none were successful, activities like downloading from the BBC iPlayer abroad like this have never been a criminal offence. However, the two main loopholes then thought to require attention were: ~

– the failure of forgery legislation to deal with misuse of passwords
– that ‘data’ on disk was not ‘property’ or ‘tangible’ for the purposes of criminal damage legislation, so that if you trashed the contents of a hard disk you appeared not to be committing an offence.

For relevant legislation and some case law in this check out the reports on the case of R v Gold and Schifree/M1988] 1 AC 1963, including the Court of Appeal and House of Lords rulings.

It is clear that, by 1990, there were cracks appearing in the ability of the existing criminal law to deal with some manifestations of computer misuse, in articular those resulting from the intangible nature of the subject matter. The Report of the Law Commission of England and Wales (1989) recommended that three new offences of computer misuse be created.

The ensuing Computer Misuse Bill prompted much debate based around a number of key issues: the impact of computer misuse on industry and commerce; the inadequacy of the pre-existing criminal law; and the prevailing media reporting of the dangers posed by hackers at the time. it was envisaged that the new Bill would ease the difficulties associated with bringing a successful prosecution for computer misuse. it received royal assent on 29 June 1999 and became the Computer Misuse Act 1990.

In total the Computer Misuse Act 1990 created three main offences concerning unauthorised access to computer material. unauthorised access to computer material with intent to commit or facilitate further offences and unauthorised modification of computer material. The Police and Justice Act 2006 introduced three amendments to the 1990 Computer Misuse Act and came into force on i October 2008. The Computer Misuse Act 1990 now has four main sections:

Section 1 : unauthorised access to computer material
Section 2 1 unauthorised access with intent to commit or facilitate commission of further offences
Section 3 (as amended): unauthorised acts with intent to impair, or with recklessness as to impairing, operation of computer, etc.
Section 3A: making, supplying or obtaining articles for use in offence under section i or 3.