http://www.vnunet.com/vnunet/news/2145513/teen-hacker-escapes-punishment Ken Young vnunet.com 03 Nov 2005 A judge has ruled that there was no case to answer after presiding over the trial of a teenager who allegedly flooded his former employer's email system with five million messages. The ruling has called into question the effectiveness of the Computer Misuse Act (CMA) in prosecuting such cases. The judge at Wimbledon Magistrates' Court ruled that the alleged actions did not fall foul of the CMA, even though the company involved claimed that the boy's actions had caused its email servers to crash. The unnamed teenager was charged under Section 3 of the CMA, which covers the more serious offence of unauthorised modification of a computer system. The defence argued that, since the firm's email server was set up for the express purpose of receiving emails, sending a flood of unsolicited emails could not be considered an act of unauthorised modification. Judge Grant told the court that "the computer world has considerably changed since the 1990 Act", and that there is little legal precedent to refer back to. He then went on to rule that denial of service attacks are not illegal under the CMA. In a written ruling, Judge Grant said: "In this case the individual emails each caused a modification which was in each case an 'authorised' modification. "Although they were sent in bulk resulting in the overwhelming of the server, the effect on the server is not a modification addressed by section 3 [of the CMA]." The CMA, introduced in 1990, explicitly outlaws the 'unauthorised access' and 'unauthorised modification' of computer material. Section 3 concerns unauthorised data modification and tampering with systems. The defendant was not called into the witness box during the trial, so was unable to confirm whether or not the attack had taken place. _________________________________________ Earn your Master's degree in Information Security ONLINE www.msia.norwich.edu/csi Study IA management practices and the latest infosec issues. Norwich University is an NSA Center of Excellence.
This archive was generated by hypermail 2.1.3 : Fri Nov 04 2005 - 09:36:50 PST