The Serious Crime Act came into force on 3 March 2015 and deals with a number of issues relating to information technology. Many of the provisions bolster the Computer Misuse Act 1990, which has been roundly criticised as being outdated and unable to keep up with the times. This is unsurprising, given that it was introduced prior to the proliferation of the internet.
Section 37 creates a new offence of committing unauthorised acts relating to a computer which results in serious damage in any country to the economy, environment, national security or human welfare, or creates a significant risk of such damage. The offence is committed whether the perpetrator acts directly or indirectly and reflects the widely publicised concerns of the security services relating to so-called cyber warfare.
The offence has been deemed so serious by the government that it carries a maximum sentence of life imprisonment where the acts in question give rise to a significant risk of loss of life, serious injury or serious damage to national security. Causing or creating a significant risk of severe economic damage, environmental damage or social disruption carries a maximum sentence of 14 years’ imprisonment. A conviction requires the defendant to have acted deliberately to cause the damage or to have been reckless as to whether the damage would be caused.
Section 38 now includes an offence of obtaining a tool for use to commit an offence under the existing sections 1 and 3 of the 1990 Act. The original legislation required the prosecution to show that the tool was obtained with a view to being supplied to commit or assist in the commission of an offence under the 1990 Act. The new provision implements Article 7 of Directive 2013/40/EU on attacks against information systems and removes the requirement for the prosecution to demonstrate the tool was obtained with a view to being supplied.
Section 39 implements Article 12 of the Directive and allows for any British citizen to be prosecuted where an offence under the 1990 Act has been committed outside of the United Kingdom, even where the offence has no other link to the UK. This does, however, require the offence to also have been illegal in the country where the act took place.
Section 69 creates a new offence of possessing a paedophilic manual, which is any item containing advice or guidance about abusing children. The section reflects concerns about online child abuse and preparatory acts which take place online before abuse is carried out in the real world.
The provisions set out above reflect the need at both national and EU levels to take a tougher stance on computer offences. The new Act also aims to keep up with the challenges posed by the internet, given that the Computer Misuse Act could not, in its original state, encompass the offences set out above, even where it was interpreted broadly. The new Act addresses many of the concerns of police and security services, although the challenge for Parliament will be to keep up pace with wrongdoers in an ever-evolving online environment.