David Lennon, a U.K. teenager, has been sentenced by a Magistrate Judge in Wimbledon Magistrates Court to a two-month curfew for sending 5 million e-mails to Domestic & General Group, which crashed its servers. The conviction came under the Computer Misuse Act, which explicitly outlaws the "unauthorized access" and "unauthorized modification" of computer material.
Lennon’s case was reviewed earlier by another judge, who held that massive amounts of e-mail did not violate the Computer Misuse Act because e-mail servers were set up to receive e-mail and therefore each individual e-mail constitutes an "authorized modification" to the server under the Act. The prosecution challenged that ruling, and the case was sent back to the Magistrate Court.
The Magistrate Judge, recognizing that some damage had been done, said:
"Even given his age at the time, this was a grave offense and caused serious damage, so I need to impose something to make him think again."
It is interesting to note how the U.K. courts have struggled with applying the Computer Misuse Act in computer contexts such as this one. Arguably, as the initial court held, sending e-mail messages to a server is "authorized" and should not be criminal even if done on a large scale (5 million). In reality, some damage was done to the servers because they crashed under the heavy load, and the Magistrate Judge seemed to realize this, but still seemed uncomfortable. In the United States, early e-mail spam cases were brought under the Computer Fraud and Abuse Act (or state equivalents) with mixed success. Although it is not exactly clear whether the CAN-SPAM Act has had any significant impact on the amount of spam, it has provided a clear and easy-to-use tool to fight spam in the United States.
Because of cases such as this one, the U.K. Computer Misuse Act has been considered insufficient to stop crimes such as large-scale spam or denial-of-service attacks, and amendments have been proposed which would increase penalties and would criminalize behavior such as "maliciously impairing the operation of a computer or preventing access to programs or data." [Will Sturgeon, U.K. cybercriminals threatened with 10-year term, CNET, Jan. 26, 2006]