[ISN] MPs ponder whether 'benign' hacking should be legal

From: InfoSec News (isn@private)
Date: Tue Apr 27 2004 - 04:13:18 PDT

  • Next message: InfoSec News: "[ISN] DOD decentralizes Wi-Fi"

    http://news.zdnet.co.uk/internet/security/0,39020375,39153024,00.htm
    
    Graeme Wearden
    ZDNet UK
    April 26, 2004
    
    With Britain's Computer Misuse Act heading for a revision, some MPs
    want to explore whether ethical hacking should be allowed
    
    Should UK citizens ever should have the right to launch a hack attack
    against a computer or a network?
    
    A group of tech-savvy MPs are poised to consider this question, as the
    All-Party Internet Group (APIG) launches an investigation into
    Britain's cybercrime laws.
    
    APIG has recognised that the Computer Misuse Act (CMA), which came
    into law in 1990, needs to be updated to cover attacks upon the
    Internet and on other computer networks. Like many experts, the group
    is concerned that the existing legislation may not apply to
    denial-of-service attacks -- where a network is driven offline by a
    flood of Web traffic.
    
    "As it stands, the Computer Misuse Act suffers from a lack of a
    network focus. Today, the primary threat from hackers is to the
    network, rather than to individual computers, and if the network goes
    down we've got problems," said Richard Allan MP, joint vice-chairman
    of APIG.
    
    APIG has already received written evidence from interested parties,
    and is taking further oral evidence at a session in parliament on
    Thursday. The Home Office has said it is revising the CMA at present,
    and APIG wants to feed the views of the UK IT industry into this
    process.
    
    And while Allan is adamant that tough action is needed against denial
    of service attacks, he's also keen to examine whether ethical hacking
    should be protected in law. He cited the law on criminal damage, where
    a defendant can claim that they acted to avoid a worse event taking
    place.
    
    "If a successor to David Blunkett was going to introduce tough
    censorship laws on the use of the Internet in the UK, should someone
    be able to justify a hacking attack against the IT involved because
    they opposed that censorship," asked Allan, who is the liberal
    democrat MP for Sheffield Hallam.
    
    The idea of a draconian home secretary smashing our human rights may
    be far-fetched -- or not, depending on your take on the ID Card issue
    -- but Allan points out that such suppression is already thriving in
    other parts of the world.
    
    "When the Chinese government blocked access to the BBC Web site,
    people very rightly sought to subvert that censorship. As a
    legislator, am I prepared to support legislation that says benign
    hacking can result in several years in prison?"
    
    Other issues that should be covered at this Thursday's oral evidence
    session are whether the CMA should be revised to meet Britain's
    international treaty obligations with other countries, and whether the
    level of penalties within the CMA are sufficient to deter today's
    criminals. The rise in organised e-crime makes these issues
    increasingly relevant.
    
    E-envoy Andrew Pinder is due to attend this session, as are
    representatives from the home office and the ISP industry, as well as
    legal experts and security providers.
     
    
    
    _________________________________________
    ISN mailing list
    Sponsored by: OSVDB.org
    



    This archive was generated by hypermail 2b30 : Tue Apr 27 2004 - 07:32:13 PDT