Introduction
The growth of computer use over recent years has resulted in many operations becoming computerised, both in the work place and in everyday life. This reliance has resulted in the need for an effective legislation over them, to control crime and misuse, leading to the creation of the Computer misuse act 1990.
Overview Of The Legislation
The Computer Misuse Act 1990 protects and secures computer material against unauthorised access and any harmful type of modification. It has three offences, unauthorised access which can hold a sentence of imprisonment for six months, unauthorised access with intent to commit of facilitate commission of further offences which holds sentences of up to five years along with, unauthorised modification.
Its main purpose is to prevent copyright infringements, hacking, using computer data for fraud or blackmail, the creation of viruses and the illegal deleting or altering of computer data. The act makes the offences which can be made on computers clear making sure the ever growing amount of people using them, both victims and criminals are aware of the offences they could be subject to, in both committing and being a part of them.
Cases Related To The Legislation
R v Pile- the defendant created Pathogen and Queeg viruses, using a Polymorphic encryption engine, to conceal viruses within computer programs, and was convicted for unauthorised modification.
DPP v Bignall- Police officers obtained details relating to two motor cars from the police national computer, as this was a non police purpose it was classed as unauthorised use. However they did not commit an offence under section1therefore were acquitted.
DPP v Ellis- The defendant had used non open access computers at a university, despite warnings so the appeal was dismissed, for committing unauthorised access.
R v Feltis- Video surveillance showed a computer operator, disconnecting cables on IBM AS/400 at Thorn UK, causing a cost of damage of £500,000 to the company, and was sentenced for unauthorised modification.
Examples Of The Legislation’s Importance
Preventing computer misuse in the work establishment is very important as it’s very easy to become a victim. The main ways to lower your chances of being effected is to continually change passwords and make sure they are strong to lower chances of receiving viruses and Trojan horses via emails. Make sure all computers have up-to-date virus protection software. Implement restrictions on the internet to sites which can be accessed by employees and monitor what they are using them for. And finally educate employees making them aware of computer crimes they can become subject to without knowing.
Summary
Currently the computer misuse act is the only way of preventing and dealing with computer misuse in the UK so is very important legislation, in keeping the 13.9 million people in the UK who own computers, safe from unauthorised access and modification, especially when dealing with businesses where it can result in huge losses of finance.
Table Of Cases
R v Pile [1995] Plymouth Crown Court
DPP v Bignall [1998] 1 Cr. App. R. 1
DPP v Ellis [2001] EWHC Admin 362 (QBD)
R v Feltis [1996] EWCA Crim 776
Bibliography
Computer misuse act 1990
Westlaw
http://www.statistics.gov.uk/pdfdir/inta0806.pdf
http://www.computerevidence.co.uk/Cases/CMA.htm
Lloyd, J. (2008) Information technology law, Oxford: Oxford University Press
Updated 18 March 2026
This article provides a basic overview of the Computer Misuse Act 1990 but contains several significant inaccuracies and omissions that readers should be aware of.
Statutory amendments: The article describes the Act as having three offences and states that unauthorised access carries a maximum sentence of six months’ imprisonment. This is no longer accurate. The Police and Justice Act 2006 and the Serious Crime Act 2015 both made important amendments to the 1990 Act. The Serious Crime Act 2015 introduced a new section 3ZA offence of unauthorised acts causing, or creating risk of, serious damage (for example to critical national infrastructure), which can carry a maximum sentence of life imprisonment. The 2015 Act also increased the maximum sentence for the section 3 unauthorised modification offence and introduced section 3A, which criminalises the making, supplying, or obtaining of articles for use in computer misuse offences. The maximum sentence for the section 1 unauthorised access offence was also increased to two years by the Police and Justice Act 2006. The article’s statement that section 1 carries only six months is therefore outdated.
Scope of the Act: The article’s claim that the Computer Misuse Act 1990 is concerned with preventing copyright infringement is misleading; copyright infringement is primarily dealt with under the Copyright, Designs and Patents Act 1988, not the 1990 Act.
Case law — DPP v Bignall: The article’s treatment of DPP v Bignall [1998] should be read alongside the later House of Lords decision in R v Bow Street Metropolitan Stipendiary Magistrate, ex parte Government of the United States of America [2000] 2 AC 216 (the Allison case), which is generally considered to have undermined the reasoning in Bignall on the question of what constitutes authorised access.
Current relevance: The article’s summary states that the Computer Misuse Act 1990 is the only legislation dealing with computer misuse in the UK. This substantially understates the current legal landscape, which now includes relevant provisions in the Serious Crime Act 2015, the Investigatory Powers Act 2016, and various data protection and cybersecurity frameworks. The Act remains central but does not operate in isolation.
Overall, the article offers only a partial and in places inaccurate picture of the law as it currently stands and should not be relied upon without reference to the amendments made since 1990.
