Home Office delay on hacking law continues

Selling hacking tools is still legal

The government has further delayed the introduction of crucial legislation to criminalise new forms of hacking activities.

Laws to amend the 18-year-old Computer Misuse Act (CMA) were due this month, but have been put back as the Home Office tries to iron out potential conflicts in the legislation.

The updates are important because they target cyber crime techniques that were not envisaged when the act was first written ­ particularly, denial of service attacks and the selling of hacking tools.

Amendments were first approved by parliament in the Police and Justice Act two years ago, but have not been implemented because of potential overlap with the Serious Crime Bill and a fear they might criminalise legitimate security professionals.

The legislation is needed urgently because the CMA has been so ineffective in tackling hacking, said shadow home affairs minister James Brokenshire.

“Further delays send out the message to criminals that the UK is a soft touch on cyber crime,” he said. “We need action.”

Denial of service attacks are becoming increasingly sophisticated. Last month, gambling company Gala Coral experienced a new breed of attack that disabled its network for almost half an hour ­ despite costly protection systems.

Even when the legislation comes into force there are no guarantees it will work, said MP John Hemming, who used to run an e-commerce site.

“The government often looks for simple solutions to complex situations and very often gets it wrong,” he said.

The Home Office said no date has been set for the commencement order.
“Work on legislation will begin in April ­ we are still considering when to bring in the legislation,” said a spokeswoman.