SIR - The Government's decision to amend the 1990 Computer Misuse Act and introduce stiffer penalties for Internet crimes has been a long time coming.

As a former detective at New Scotland Yard and head of the specialist Computer Crime Unit, I for one fully support the tougher stance the Government is now adopting in line with recommendations made by the All Party Internet Group (APIG) of MPs (‘APIG targets update of Computer Misuse Act', News Update, SMT, October 2004, p7).

If the Government's proposals go through then the maximum penalty for hacking will be ten years for the most serious offences. The revised Act would also make it an offence to supply the software used to break into systems, and make it clear that Distributed Denial of Service (DDoS) attacks - where large numbers of requests are sent to a server - count as hacking. Recent DDoS attacks, such as the one on the Million Dollar Homepage, have highlighted the desperate need for Government action.

The APIG has a reputation for being sensible when it comes to negotiating the interface between law and technology. In this case, however, it has refused to be bounced into proposing the sort of illiberal measures that often emerge when computer security and critical information infrastructure are discussed.

That said, I'm concerned that the new legislation has perhaps not gone far enough in addressing the theft of information. Intellectual property theft is a huge issue for businesses across all sectors, impacting on smaller businesses as much as - if not more than - your average FTSE-listed concerns. It is also one that costs UK businesses billions of pounds every year.

The new legislation certainly represents a step in the right direction. However, until the Government makes some serious moves to criminalise the theft of information, dishonest individuals will continue to threaten us.

Simon Janes International Operations Director Ibas

Source

SMT