SolisImages – stock.adobe.com
The CyberUp coalition, a campaign to reform the Computer Misuse Act, has called on Liz Truss to push ahead with needed changes to safeguard cyber pros from potential prosecution
- Alex Scroxton,Security Editor
Published: 06 Sep 2022 14: 30
The CyberUp coalition, several businesses, trade associations, non-governmental organisations (NGOs) and lawyers drawn from over the cyber security community have called on the incoming prime minister Liz Truss to quickly push through long-awaited reforms to the Computer Misuse Act (CMA) of 1990.
The campaigners argue that the CMA has gone out of date and, as its wording currently stands, prevents cyber security professionals and hackers from having the ability to defend UK organisations from cyber attacks without risking prosecution for unauthorised usage of some type of computer.
In a letter to Truss, who won the race to become Conservative leader and for that reason prime minister on Monday, the campaigners said the CMA is stifling the security industry and called on her behalf to reform it posthaste, so the UKs ethical cyber security professionals can donate to defending the united kingdom from cyber threats, clear of worries of prosecution.
The federal government promised reform in 2021, but this technique has stalled in the house Office, which includes yet to supply any reaction to the views it received during an information-gathering exercise, even though campaigners say that by way of a freedom of information (FoI) request they are in a position to establish that 66% of respondents to the review were concerned that the prevailing CMA will not sufficiently protect legitimate cyber activity.
The campaigners are further making the case for reform predicated on the ongoing cyber threat posed by Russia. They told Truss: You’ll, needless to say, be all too alert to the increased cyber threat posed by our adversaries, not least following Russias invasion of Ukraine. We believe this strengthens the case for prioritising efforts to reform the Computer Misuse Act to add a statutory defence.
They added: You lead a government that’s already investing an incredible number of pounds to foster a constructive business environment for technology companies. With all this, it could seem remiss never to take the chance of the revenue-neutral step towards doing that. A statutory defence in the Computer Misuse Act would mark the united kingdom out in having a world-leading cyber crime regime and foster investment in what’s already a high-growth sector.
Former National Cyber Security Centre (NCSC) CEO Ciaran Martin, who’s among several prominent community names to possess put their signatures to the letter, said: I really do think the [Computer Misuse] Act is having a chilling influence on the city of researchers. Hacking isn’t a negative word and you can find highly ethical methods to develop expertise of this type, and you also certainly dont want people trembling with fear they may be violating the criminal law.
NCC Group CTO Ollie Whitehouse added: With the cyber threats facing the united kingdom ever increasing, this is the time for the federal government to reform our pre-internet era law to add a statutory defence. Doing this will unleash the entire reservoir of talent in the united kingdom cyber security industry operating of our collective national cyber defence.
The federal government reviewed the legislation last May, [and] beyond holding statements no material updates have already been provided since. With a fresh administration soon to assume office, I’d strongly encourage ministers to push forward with the reforms and make people safer.
Read more on Hackers and cybercrime prevention
New prime minister Liz Truss urged to press on with IR35 and loan charge policy reviews
Contracting market weighs in on Liz Truss pledge to examine IR35 rules if she becomes prime minister
Report reveals consensus around Computer Misuse Act reform
Lords proceed to protect cyber researchers from prosecution