The number of people found guilty of charges brought under the Computer Misuse Act has fallen for two years consecutively and is at its lowest level since 2003, according to figures released this week by the Ministry of Justice.
Critics have argued that cases brought under the Act, which was introduced in 1990, are often overly technical and difficult to explain to juries.
Only 10 people were prosecuted successfully from 19 cases brought under the Act in 2007, the last year for which the Ministry of Justice has data.
This compares to 18 successful prosecutions from 25 cases in 2006, 16 from 24 in 2005, 12 from 21 in 2004, and 5 from 19 in 2003.
Amendments to the Act came into force last summer that made a crime of " making, supplying or obtaining articles likely to be used to commit computer crimes", as well as criminalising denial of service attacks.
Critics argued this made the law even less clear because it was impossible for a supplier to assess the "likelihood" that a tool would be used in a crime.
Last year the Crown Prosecution Service issued guidance intending to make the law clearer.
Successful leaders are infusing analytics throughout their organisations to drive smarter decisions, enable faster actions and optimise outcomes
Focus on cost efficiency, simplicity, performance, scalability and future-readiness when architecting your data protection strategy