7. Problems

Whilst it is good news that we have this legislation in place, in practice we have seen very few cases actually prosecuted under the Computer Misuse Act. And even when the odd case does go to trial, sentences tend to be lenient.

The main problem seems to be actually proving that there was intent when the offence took place. Many people plead ignorance saying that they weren't aware what they were doing was illegal or that they didn't realise they were in possession of a virus.

Another issue is tracing who was actually responsible for the offence. Many people put the blame on others saying that it wasn't them logged on and that someone must have gotten hold of their password and user name.

Other problems are by the time the offender is actually caught, the damage to the company system has already been done. Data may have been lost or irretrievably damaged or it may have already been sold onto other companies.

The Computer Misuse Act was passed over 20 years ago. Is it perhaps time for an update?