Poll: Should this bill be passed into law?
As many are of the opinion, Aye (18)
43.9%
On the contrary, No (13)
31.71%
Abstain (10)
24.39%
This discussion is closed.
toronto353
  • Political Ambassador
Badges: 19
Rep:
?
#1
Report Thread starter 5 years ago
#1
V691 - Cybercrime Prevention Bill 2014, TSR Opposition


Cybercrime Prevention Act 2014



An Act to legislate measures that protect the nation from the trouble of Cybercrime, whilst recognising an individual's right to freedom of privacy.



BE IT ENACTED by the Queen’s most Excellent Majesty, by and with the advice and consent of the Lords Spiritual and Temporal, and Commons, in this present Parliament assembled, and by the authority of the same, as follows:—

1. Definitions

—1. Cybercrime is hereby defined to be criminal activities carried out by means of computers or the Internet.
—2. Hacking is hereby defined to be gaining unauthorised access to data in a system or computer.
—3. Black Hat Hackers are hereby defined to be an individual or entity who violates computer security for malicious reasons or for personal gain.
—4. White Hat Hackers are hereby defined to be an individual or entity who violates computer security for non-malicious reasons, with a known contractual agreement with the organisation or entity it is hacking.
—5. Damage is hereby defined to be physical harm which reduces the usefulness or normal function of something, be it Economic, Environmental, Social or impairment of National security.
—6. "Victim" is hereby defined for the purpose of this bill to be an individual or entity to whom damage is done, as a result of hacking.
—7. Right to privacy is defined for the purpose of this bill to be the freedom given to an individual to expect their data not to be accessed, unless for the purpose of securing national security or preventing conflict in society.

2. Offences

—1. An individual or entity is found guilty of an offence if -
——a. Damage is done to a "Victim".
——b. Hacking occurs with no effort made to warn or inform the "Victim" that the act of Cybercrime was to occur.
——c. Hacking occurs which results in a breach of an individual or entity's right to freedom of privacy.
——d. Information sharing occurs between the hacker and another individual or entity anywhere in the world without the "victim"'s consent, whereby each party is either sending and/or receiving information that had been gained through Cybercrime.
——e. Control of another computer occurs without agreement from the computer's owner and is used for malicious purposes (e.g. DDoS attacks, Command and Control servers etc).
——f, Equipment is built specifically to hack, control and cause damage to a "victim" (this includes equipment used to hijack electronics such as drones).

3. Exemptions

—1. A hacker is exempted from Sub-section 2.1.b if the hacker was a professionally certified White Hat Hacker with an implicit contractual agreement with the "victim" which involved simulating a Cyberattack or testing the "victim"'s ability to defend against Cyberattacks. This exemption clause may be used in situations where hacking needed to be done without explicit prior notice as to when such attack would occur, or if the hacker was a member of a law enforcement agency with a mandate to shut down a "victim"'s Cybercrime operation.
—2. A hacker is exempted from Sub-section 2.1.c if the hacker had been sanctioned by a court or the Parliamentary Intelligence and Security committee for reasons of protection of society or national security.
—3. A hacker is exempted from Sub-section 2.1.d if the hacker receives a court order or an approval from the Parliamentary Intelligence and Security committee that specifically allows the data gained from hacking to be given to another intelligence agency for reasons of protection of society or national security.
—4. A hacker is exempted from Sub-section 2.1.f if the hacker is using the equipment for the purpose of White Hat Hacking.

4. Sanctions

—1. Those found to be in contravention to Sub-section 2.1 -
——a. May be imprisoned for a maximum of 10 years (to be determined by the judge) where they are unable to provide compensation to repair the damage done or if they had previously been found guilty of being in contravention to any offence listed in Section 2, and where no exemption from Section 3 applies.
——b. May be fined so that they provide sufficient compensation (to be determined by an independent expert in all non governmental cases) to repair the damage done when they are financially capable of doing so, and where no exemption from Section 3 applies.
——c. Where there had been no prior history of being found guilty of being in contravention to any offence listen in Section 2, the hacker may be given a warning where any further offence will result in imprisonment as detailed in Sub-section 4.1.a.

5. Commencement, Short Title and Extent

—1. This Act may be referred to as the Cybercrime Prevention Act 2014.
—2. This Act extends to the entire United Kingdom.
—3. This Act will come into effect on the 1st of April 2015.




Notes
Spoiler:
Show


1. This act was designed to modernise legislation to respond effectively against new efforts by hackers to profit from Cybercrime through Ransomware, DDoS attacks, and information leaking (such as the attack and consequent data sharing by Hack in a box on The Student Room).

2. This act continues to allow those attempting to strengthen the Cybersecurity of individuals and firms (known as White Hat Hacking or Ethical Hacking) to operate without acting in a manner that is illegal.

3. Those in violation of any offence outlined in Section 2 without an exemption from Section 3 are deemed to be Black Hat Hacking, for which Section 4 applies.

4. All national intelligence agencies (GCHQ, MI5, MI6) are legally obliged to comply with this act unless exempted under a condition outlined in Section 3.

5. National intelligence agencies can continue to operate as per usual, but as detailed in Sub-section 2.1.c, may not gain intelligence in a manner which does first ask for permission from an individual or entity without first gaining authorisation from the Parliamentary Intelligence and Security committee or a joint direct authorisation by the Secretary of States for Defence and Foreign Affairs, to extract data specifically from their "Victim". This was written in response to concerns regarding the recent hacking programme by the NSA and GCHQ.

6. National intelligence agencies can continue to operate as per usual, but as detailed in Sub-section 2.1.d, may not share or gain intelligence obtained from hacking or spying, with another intelligence agency without gaining authorisation from the Parliamentary Intelligence and Security committee or a joint direct authorisation by the Secretary of States for Defence and Foreign Affairs, approving the specific data being shared. This was written in response to concerns regarding a possible legal loophole that allowed intelligence agencies to circumvent existing legislation.

7. DDoS attacks refer to when a hacker controls a computer network for the purposes of overwhelming another network to render it inoperable.

8. Command and Control servers refer to computers used by a hacker to distribute ransomware and proceeds gained from it.

9. Ransomware refers to malware which restricts a computer's operation and demands a ransom of some kind to be paid in order to regain full operation.

10. A maximum of ten years can be seen to be excessive, but this figure is set based on the existing maximum sentence of the Computer Misuse Act for impairing a computer, and the actual figure remains to be set at the discretion of the judge.

11. Equipment used to hack other devices can include drone hacking drones, hacking adapted smartphones and tablets, laptops running custom software for the purpose of accessing files without authorisation etc.



0
RayApparently
Badges: 21
Rep:
?
#2
Report 5 years ago
#2
This will be close, but I'm happy to contribute to the passing of this bill.
1
arminb
Badges: 3
Rep:
?
#3
Report 5 years ago
#3
You should make it clear which body will monitor the cyberspace. We need to ensure that this will not end up as an excuse to censor the internet and make it end up like Fox news.
0
RayApparently
Badges: 21
Rep:
?
#4
Report 5 years ago
#4
I like this bill but seriously what is it with the Opposition and really fancy crests?
0
Observatory
Badges: 20
Rep:
?
#5
Report 5 years ago
#5
I voted no, as it seems to grant many bodies, including political bodies, unlimited scope to authorise hacking.
0
toronto353
  • Political Ambassador
Badges: 19
Rep:
?
#6
Report Thread starter 5 years ago
#6
The Ayes have it, the Ayes have it! Unlock!
0
X
new posts
Back
to top
Latest
My Feed

See more of what you like on
The Student Room

You can personalise what you see on TSR. Tell us a little about yourself to get started.

Personalise

With HE fairs postponed, would a virtual HE fair be useful?

Yes (97)
61.78%
No (60)
38.22%

Watched Threads

View All