updated 06:48 am EDT, Thu June 5, 2014
Proposed Serious Crime Bill in Queens Speech includes harsher cyberattack sentences
Hackers in the United Kingdom could face tougher penalties in the future, as a part of government plans announced in the Queen's Speech yesterday. The proposed Serious Crime Bill, part of which updates the 1990 Computer Misuse Act, would see penalties up to and including life sentences for cyberattacks that cause death or serious injury, or is deemed a threat to national security.
The Serious Crime Bill proposal states hackers that perform "cyberattacks which result in loss of life, serious illness or injury, or serious damage to national security, or a significant frisk thereof" will potentially receive the full life sentence, reports The Guardian. A maximum 14-year sentence will apply to attacks deemed "a significant risk of severe economic or environmental damage or social disruption," increasing the existing Computer Misuse Act limit of a 10-year sentence.
Opponents of the bill have already spoken out, with Open Rights Group Executive Director Jim Killock claiming the bill would be hard to prove as a necessary law, as existing laws already offer punishments for computer crimes and terrorism. "If a supposed cyberterrorist endangers life or property, there are existing laws that can be used to prosecute them," said Killock.
It is also suggested by opponents that the bill does not fix an issue in current law, which can be used to punish security researchers and penetration testers using similar techniques to criminals. According to the report, researchers examining the Heartbleed bug could in theory be prosecuted under the UK's hacking laws, and it is unclear if the bill allows altruistic hackers any leverage.