- The Data Protection Act (DPA), created with a view to safeguarding personal data and people's privacy.
- The Copyright and Patents Act, implemented to protect people's intellectual property and work.
- The Computer Misuse Act 1990, intended to provide legal protection to digital devices belonging to individuals and organisations.
As the focus of this unit concerns digital forensics and discovering who did what to which computer, the main legal framework that applies in this area is the Computer Misuse Act.
There are particular sections of the Computer Misuse Act, together with other laws, especially those governing the seizure of property and the recording of evidence, that prospective analysts need to be aware of.
Computer Misuse Act 1990
It is an offence to cause a computer to perform any function with intent to gain unauthorised access to any program or data held in any computer. It will be necessary to prove the access secured is unauthorised and the suspect knows this is the case. This is commonly referred to as ‘hacking’.
The Police and Justice Bill 2006 amended the maximum penalty for Section 1 offences. The offence is now triable either way, i.e. in the Magistrates' Court or the Crown Court.
The maximum custodial sentence has been increased from six months to two years.
An offence is committed as per S1 but the S1 offence is committed with the intention of committing an offence or facilitating the commission of an offence. The offence to be committed must carry a sentence fixed by law or carry a sentence of imprisonment of 5 years or more. Even if it is not possible to prove the intent to commit the further offence, the S1 offence is still committed.
Max penalty: 5 years imprisonment.
An offence is committed if any person does an unauthorised act with the intention of impairing the operation of any computer. This ‘impairment’ may be such that access to data is prevented or hindered or that the operation or reliability of any program is affected. This offence carries a maximum penalty of ten years imprisonment.
This offence is used instead of the Criminal Damage Act 1971, since it is not possible to criminally damage something that is not tangible. The Police and Justice Bill 2006 amended the original Section 3 Computer Misuse Act offence, unauthorised modification, and increased the maximum penalty to ten years imprisonment.
Police & Justice Bill 2006 & Police & Criminal Evidence Act (PACE) 1984
Only applicable in Scotland in cross border investigations.
The bill amends the Computer Misuse Act to make it an offence to make, supply (including offers to supply) or obtain items to commit Section 1 or Section 2 misuse offences.
This would cover, for example, writing or distributing malicious software, obtaining malicious software for later use, or even putting malicious software on media (e.g. USB drives) to give to someone to use to load malware.
The maximum penalty is two years imprisonment.
- Section 14: Search Warrant: Police may apply for a search warrant if they believe:
  - an offence has been committed
  - or is about to be committed
- Section 8: Search Warrant (PACE): These can be granted by a Justice of the Peace (JP)
  - if the police believe that an indictable offence has been committed
  - and evidence is on the premises.
The warrant also gives authority to persons accompanying the police, for example computer experts.
Criminal Justice & Police Act 2001
- Civic Government Scotland Act 1982
- Criminal Procedure Scotland Act 1995
- Common Law
Sets out the powers which can be used to seize an item if it is believed to contain something for which authorisation to search has been given.
In other words, the Police can seize electronic devices if they have reason to believe they contain evidence of a crime for which they have been given a search warrant.
If the Police believe that something contains evidence but this can't be established at the time, maybe because it's a device that is switched off or password protected, then they have the right to seize it and take it away.
If the police believe that an item containing evidence is contained in, or is part of, another item which they have no authorisation to seize, and it is not possible to separate them at the time, then both items can be taken.
In cases of digital technology, examples might include hard disks contained within larger servers.