A LevelComputer ScienceOCRRevision Notes5. Legal, Moral, Cultural & Ethical Issues5.1 Computing Related LegislationThe Computer Misuse Act 1990

The Computer Misuse Act 1990 (OCR A Level Computer Science)

Revision Note

Jennifer Page

Written by: Jennifer Page

Reviewed by: James Woodhouse

The Computer Misuse Act 1990

What is the Computer Misuse Act?

  • The Computer Misuse Act (CMA) concerns the malicious use of computers. The act was originally created to make sure that computer hacking was covered within the law

  • It has been updated regularly to ensure it remains relevant

  • Features can be deployed to minimise the threat from unauthorised access for example digital signatures or certificates

  • Firewalls can be used to prevent external people accessing the system. They are key in preventing DoS or DDos attacks

Primary Offences Under the CMA

The Computer Misuse Act has 3 primary offences:

  1. Unauthorised access to computer materials
    E.g. If a student finds out a teacher's password and then accesses their computer and opens their files.

  2. Unauthorised access with intent to commit further offences
    E.g. If the student finds out a teacher's password and then accesses their computer with the intent to increase their marks on their last test result.

  3. Unauthorised modification of computer files
    E.g. If the student finds out a teacher's password and then accesses their computer and increases their mark on their last test result.

The consequences of each offence are worse depending on whether it's offence 1, 2 or 3 with each offence being punishable with time in prison. 

Case Study

Two individuals were sentenced under the Computer Misuse Act for Theft of Data

  • The Information Commissioner’s Office (ICO) has led the successful prosecution of 2 individuals for violating the CMA by stealing personal information to make scam calls

  • Kim Doyle who is now a former employee of the RAC was found guilty of transferring personal data to to accident claims firm without permission

  • This included data such as road traffic accident data, names, phone numbers and registration numbers

  • She pleaded guilty to conspiracy to secure unauthorised access to computer data, and selling unlawfully obtained personal data

  • Kim Doyle and William Shaw have been handed an 8 month prison sentence which was suspended for 2 years

Examiner Tips and Tricks

  • You need to make sure that when answering a question on the Computer Misuse Act that you not only describe the law but relate it to the relevant scenario asked

    • How does the Computer Misuse Act affect the company in the scenario?

    • What are the consequences of the actions taken?

Worked Example

“The Computer Misuse Act means that computer users are criminalised for simply trying to learn how systems work”

Discuss whether or not you agree with this statement. 

9 marks

How to answer this question:

  • Describe your knowledge of the Computer Misuse Act

  • Mention the three main offences 

  • Apply to a scenario, in this case the question hasn’t given us a full scenario so we can use our own

  • Keep the argument balanced, once you’ve spoken about one side, then speak about the other

  • Then write your conclusion and use your own opinion

Answer:

Example answer that gets full marks:

The Computer Misuse Act (CMA) is a provision for securing computer material against unauthorised access or modification to the system. 

Under the CMA there are three main offences that you can be prosecuted for; The unauthorised access to a computer system, the unauthorised access to the computer system with intent to make changes and unauthorised access to the computer system and making changes.

Users can still investigate how computer systems work; they would just need to get authorisation before doing so. For example you could ask the owner of the computer system to allow access first or you could create a virtual computer system and use this to investigate. 

The CMA could however be broken by accessing an email account of somebody without permission. Ultimately users need to make sure that they are aware of the law when accessing any computer system. 

In conclusion I disagree with the statement “The Computer Misuse Act means that computer users are criminalised for simply trying to learn how systems work” as users are able to educate themselves on the details of the CMA easily online and therefore should know the consequences of accessing a computer system without the right authorisation. There are plenty of online platforms, programs and systems that are accessible to access virtually and would not be in breach of the CMA. 

Last updated:

You've read 0 of your 10 free revision notes

Unlock more, it's free!

Join the 100,000+ Students that ❤️ Save My Exams

the (exam) results speak for themselves:

    Did this page help you?

    Previous:The Data Protection Act 1998Next:The Copyright Design & Patents Act 1988
    Author
    Reviewer
    Jennifer Page

    Author: Jennifer Page

    Expertise: Computer Science

    Jennifer has been teaching various Computing subjects for over 6 years in Northamptonshire across KS3-5. Working currently as a Head of Department as well as being an examiner and moderator for GCSEs. She has previously worked with a local teaching training school to provide training and mentor ECTs in Computing.

    James Woodhouse

    Author: James Woodhouse

    Expertise: Computer Science

    James graduated from the University of Sunderland with a degree in ICT and Computing education. He has over 14 years of experience both teaching and leading in Computer Science, specialising in teaching GCSE and A-level. James has held various leadership roles, including Head of Computer Science and coordinator positions for Key Stage 3 and Key Stage 4. James has a keen interest in networking security and technologies aimed at preventing security breaches.