By ‘hacking’ into a partner’s account, or anyones account for that matter the person is breaking the law. Just how much you are breaking the law depends on the circumstances of the ‘hacking’ – and I use the term in the loosest possible sense. Even if a partner has at one time given you their password, you are still breaking the law logging into their account(s) if you didn’t seek permission for subsequent access.
Under the Computer Misuse Act 1990, Section 1, it covers ‘gaining unauthorised access to a computer’. Don’t forget, servers are just computers, so logging into someone else’s account is by the definition in the act, ‘gaining unauthorised access to a computer’.
Well, you’re not going to get in much trouble if you get caught are you? Just a slap on the wrist? It’s a commonly held misconception but this is actually false. Should a person be charged and found guilty of this offence you could face 6 months in prison and / or a £5000 fine.
Say your partner has annoyed you and not only do you ‘hack’ their account, but you go in there intending to do something else in there. Maybe another criminal offence? Fraud maybe? A little bit of spending on a partner’s credit card is OK isn’t it?
Well, now the person would be in even bigger trouble. In addition to Section 1, you could now also be charged under Section 2 as you have logged into their account to ‘gain unauthorised access to commit or facilitate commission of further offences’. This ones also a 6 months in prison and / or £5000 fine.
Say you were really mad, and you deleted some e-mails and changed the password to lock your partner out of their account? Well now things have got even worse – in addition to Section 1 and Section 2 offences, you’ve now collected an entire set by adding a Section 3 offence as you’ve made ‘unauthorised modification to computer material’. Another offence punishable with 6 months in prison and / or a £5000 fine.
Things are looking dire now aren’t they? Well, let’s just say your partner didn’t give you their password, you obtained it by ‘other means’. Well this isn’t good news for the person concerned. They can now also be charged under the Forgery and Counterfeiting Act 1981 for ‘the making of a false instrument’.
Traditionally ‘making of a false instrument’ consisted of, for example, cloning someones key to gain access to their house. But, since the digital age, this has been successfully used to charge people obtaining others passwords and using them as it was decided that legally, cloning a key and ‘cloning’ a password, we’re exactly the same thing.
Computing law is not widely understood and this could make people fall foul of the law unexpectedly, especially as the importance of computers increases and more stringent laws are put in place. When doing something on a computer, just stop and think, ‘would this be legal in real life’ or ‘would a real life equivalent situation be illegal’? If so, you will in 99.999% of cases still be breaking the law. The fact that it is done on a computer makes no difference to the courts.
So next time your curiosity gets the better of you, it would be advisable to remember just quite how much trouble you might end up in!!
View Comments (18)
1 2 Next »Hmm, interesting. Never knew you could be sentenced for "stealing a password" under the Theft Act. I'm not sure how it is a false instrument though, because it is the same. Are you "cloning" anything? You're using a password.
Sorry, I've quoted the wrong act. It's actually the Forgery and Counterfeiting Act 1981. However, the offence is correct - "making of a false instrument".
It's not to do with the actual "stealing" of the password, its what you do to it.
Take this for example. You drop a cheque on the ground, I pick it up. You've sent me a letter in the past, so I've also got your signature. I then write a cheque to myself, perfectly copying your signature.
The signature is the same, but you did not sign it. I have therefore 'made a false instrument'.
This is exactly the same as knowing / obtaining someone elses password and then using it yourself. Hence also 'making of a false instrument'.
This was established by the crown in R v Schifreen 1985. :).
Think I'm yawning already... ;)
Lol, you're supposed to enjoy law lessons! ;).
Not really. We have to do enough disclaimers at work.
Disclaimers are boring when compared to this real interesting computing law!!! :D.
zzzzzz
Tired? ;-).
Well when it comes to legal stuff, yes ;-)
You sure you don't want us to set up your place on a DPS Computer Legal course.
We'll even do role play - set it up like a courtroom and act out the cases ;).