THE UK government has pledged a wide scale refresh of computer law, including further amendments, by the end of 2008.

The Home Office made the announcement after The European Commission chastised the UK for not bringing its computer law up to date, even though it has been beset by large scale security failures that have damaged the government's reputation.

The delay has prompted a call for the UK's Computer Misuse Act (1990) to be ditched and the law on hacking and other computer crime to be rewritten. It has already been amended twice in the last three years.

"The Government intends to bring all of the changes in together," said the Home Office in a statement, refering to amendments to the Computer Misuse Act made by the Police and Justice Act (2006) and the Serious Crime Act (2007).

But the UK has been committed to make further changes since it agreed in 2005, before any of the existing amendments were made, to implement the European Framework on attacks against information systems.

Jacques Barrot, European commissioner for 'Freedom, Justice and Security', today chastised the UK, Ireland and Greece out for having dragged their feet over the implementation of the framework.

However, the Home Office said this evening that it had now set a time table for implementation of the Framework, after it had implemented the amendments it had already made to the Computer Misuse Act.

“We will implement the Framework Decision following this, along with ratification of the Council of Europe Cyber Crime Convention," it said, “We intend to complete this by the end of 2008.”

Member states had promised to bring the 2005 Framework into force by March 2007. Twenty other states had implemented the framework closely and quickly enough to avoid censure. But Malta, Slovakia and Spain were told off for failing to show they had done anything about it at all.

The government pledged to implement the Council of Europe Cyber Crime Convention in the Spring, after it was attacked by David Davis, the then Conservative shadow home secretary, for not taking computer crime seriously enough.

Professor Peter Sommer, a cyber security expert at the London School of Economics, said: "There has been a delay in the implementation because the Home Office got rather confused and now nothing regarding cyber crime is particularly fashionable with the government anyway. They are more concerned with anything to do with knives, ant-social behaviour or terrorism."

Dr Yaman Akdeniz, of the Leeds University Cyber Law Centre, said the Cyber Crime Convention represented an opportunity to "completely abolish" the Computer Misuse Act and "to redefine the law".

"What's needed is a complete overhaul of the Computer Misuse Act, because its hard to understand, its out of date, and it doesn't comply with the Council of Europe's 2001 Convention on Cyber Crime," he said.

"It's all a bit messy in my view. The EU version is much broader. There's more concern at the EU level on the protection of information systems than attacks on simpler computers," he added.

Barrot, who is also vice president of the Commission, said in a statement: "Recent successive criminal attacks against information systems, in particular the massive attacks directed against Estonian information infrastructures in 2007, underline the need for a closer European coordination of responses to such attacks." µ

L'Inq's
Hackers attack Boris as Tories call for crackdown
Pentagon hacker in the hands of the Lord(s)
NATO prepares software defences
Estonia defends NATO from Cybermen
Hacking microprocessors is the next step
Russian desperadoes launch cyber attack on Lithuania