The Computer Misuse Act attempts to discourage people from using computers for illegal purposes. There are three separate parts to the Act:
It is illegal to access data stored on a computer unless you have permission to do so. Unauthorised access is often referred to as hacking.
It is illegal to access data on a computer when that material will be used to commit further illegal activity, such as fraud or blackmail.
It is illegal to make changes to any data stored on a computer when you do not have permission to do so. If you access and change the contents of someone’s files without their permission, you are breaking the law. This includes installing a virus or other malware which damages or changes the way the computer works.
The maximum punishment for breaking this law is a £5000 fine or several years’ imprisonment.
However, one key part of the law is that intent must be proved. If a computer is not well protected, someone could accidentally access its data without meaning to. Someone might also accidentally change a document without realising it. For anyone to be found guilty, it has to be shown that they intentionally accessed and changed data.
In order to make a successful prosecution under the Computer Misuse Act, the prosecutor must be able to prove intent.