Home Secretary Priti Patel has called for a review and reform of computer misuse laws after highlighting “truly horrific levels” of online child sexual abuse and a Covid-19-related surge in cybercrime.
Speaking at a virtual cyber conference, Ms Patel said the government is currently “making an estimated 800 arrests” every month, including perpetrators of the “most heinous and appalling crimes” against children or those committing serious fraud.
Ms Patel told attendees at the recent National Cyber Security Centre’s (NCSC) CyberUK event that the overall cost of computer misuse incidents against individuals has been estimated to be over £1bn and that “nearly 2 out of every 5 businesses in the UK identified at least one cyber security breach or attack in the last 12 months.”
Police data shows that since the pandemic, cyber attacks on UK businesses have increased by 31 per cent.
These hard-hitting statistics were followed with the announcement Ms Patel is launching a formal review of the 31-year-old Computer Misuse Act and has set out plans to launch a consultation to gather input and guidance from stakeholders later in 2021.
She said: “The Computer Misuse Act has proved to be an effective piece of legislation to tackle unauthorised access to computer systems, and it has been updated a number of times to take account of changes we now face.
“Alongside the Act, there is also separate legislation that provides powers for law enforcement agencies to investigate both cyber-dependent and cyber-enabled crimes.
“As part of ensuring that we have the right tools and mechanisms to detect, disrupt and deter our adversaries, I believe now is the right time to undertake a formal review of the Computer Misuse Act.”
The Computer Misuse Act, introduced in 1990, has come under fire in recent times.
A report last year from the Criminal Law Reform Now Network said the Act was “crying out for reform”, as it technically risks criminalising cyber security professionals as they carry out their legitimate jobs. This is because it makes it an offence to access or modify data on a computer without authorisation.
Ian Stevenson, chief executive of Cyan Forensics, an Edinburgh-based tech company that aims to helps law enforcement catch paedophiles and terrorists, said: “Helping to protect people from the actions of others online must be a priority, and we are pleased to see the government doing this. The focus on detection, removal and reporting of child sexual abuse material is key.
“The dreadful impact of this content is our key motivation, and indeed the focus of our work with law enforcement and social media companies, and we believe that the world-leading innovative technology being produced by the UK’s online safety sector can and will help to deliver on the commitments this legislation will make.”
Stevenson, also chair of the Online Safety Technology Industry Association (OSTIA), added: “We are hugely encouraged that the Bill’s consultation response focused on a pro-innovation approach to both online services and safety technology.
“It is, however, vital that the new duty of care guidance to be met by the regulator can account for the rapid development of both online platforms and safety tech.”
In her speech, the Home Secretary emphasised the “profound and lasting impact” that “these breaches and attacks” can have on people’s lives and livelihoods, saying “they cause real harm to people and businesses.”
But, she added, there is “action” that organisations can take.
“Be as prepared and engage with the NCSC and law enforcement as soon as you can, so they can assist with understanding and mitigating the incident. Understand the consequences of an incident and how it will affect your organisation in the future.
“This is not just about loss of data; there can be real disruption and significant impacts. Learn from incidents – prepare and exercise your response.”
After noting that the pandemic has highlighted new threats to the country’s national security, Ms Patel underlined her ambition to make the UK the “safest place to be online”.
She declared that the nation has made “great strides” in terms of building resilience and attributed this to funding from the National Cyber Security Programme – designed to help deliver the Cabinet Office’s National Cyber Security Strategies – which has helped bring “the most sophisticated organised crime groups to justice.”
Patel promised to develop a comprehensive cyber strategy that will set out how to “maintain the UK’s competitive edge and counter the threats from cyberspace.”
