Life Sentences For Serious Cyberattacks Proposed In Britain 216
Bismillah (993337) writes 'The British government wants life in prison for hackers who cause disruption to computer networks, resulting in loss of life or threat to the country's national security. From the article: "The UK government will seek to amend the 1990 Computer Misuse Act "to ensure sentences for attacks on computer systems fully reflect the damage they cause. Currently, the law provides for a maximum sentence of ten years' imprisonment for those who commit the offence of impairing a computer. A new, aggravated offence of unauthorised access to a computer will be introduced into the Computer Misuse Act by the government, carrying far longer sentences."'
Why not the death sentence while You're at it? (Score:3, Insightful)
Stupid gits.
Re:Why not the death sentence while You're at it? (Score:5, Insightful)
No, the death sentence is reserved for politicians and prime ministers who go to war on false pretenses just to get re-elected, resulting in loss of life or threat to the country's national security. From the article: "The UK government will seek to ensure sentences for attacks on society fully reflect the damage they cause".
Re: (Score:2)
No, the death sentence is reserved for politicians and prime ministers who go to war on false pretenses just to get re-elected
The strange thing is that this isn't even a very good strategy, at least not in the UK. Blair's administration only just retained power at the general election after going to war in Iraq, and even that was because of a combination of quirks in our electoral system. At the following election, it was closer to "Labour? Who are they?".
Re:Why not the death sentence while You're at it? (Score:5, Informative)
But not only was the death penalty for treason abolished [wikipedia.org]; we're prohibited from restoring the death penalty (for any offence) as long as we're signed up to the European Convention on Human Rights.
Re: (Score:2)
Well, considering the damage various wars have caused to the faith in crown and country, some politicians should be very GLAD there's no death penalty for high treason anymore.
Re: (Score:3)
I don't know of anybody like that. I'm glad we don't have the death penalty.
Re: (Score:2)
Death is reserved for people who are unable to reform and function in society, who are unable to function within the prison system, and who are unable to be medicated into submission for their natural lives.
Well, you just described your average politician so I'm not sure what your beef is.
Re: (Score:2)
Re: (Score:2)
Fire, theft, or all risks?
Re: (Score:3)
These people fit into the third category; Medicated. They should be given all the care and treatment we can
Re: (Score:2)
FYI psychopath does not equal violent.
Re: (Score:2)
Re: (Score:2)
But not only was the death penalty for treason abolished; we're prohibited from restoring the death penalty (for any offence) as long as we're signed up to the European Convention on Human Rights.
Damn those pesky human rights. Maybe we could make like the Americans and set up a torture camp on the Falklands so we don't have to obey our own laws.
Re: (Score:2)
"A hack that causes deaths, serious illness or injury"
So what kind of punishment do you propose for such actions?
Re:Why not the death sentence while You're at it? (Score:5, Insightful)
I don't see why causing death by a hack should have any special treatment compared to causing death by an ice pick, a bullet, high voltage electricity, or any other exotic means.
There should be no special legislation needed for this.
Re: (Score:2)
Throw a bit about death and injury in there, but it will probably get used for monetary losses.
Re: (Score:2)
Precisely, and the national security aspect just sounds like a way of jailing any hacker they don't like (think Edward Snowden, Julian Assange) for a long time.
We already have manslaughter and murder laws, I hate laws that double up on the same crime, they lead to abuse by the justice system.
Re: (Score:2)
Exactly, because "threat to the country's national security" is such a nebulous term that it could be applied in an awful lot of cases which are very inflated applications of it.
Unless that is defined pretty rigidly, that gives them a tremendous latitude to apply it whenever they want to.
Re: (Score:2)
But but but but it was on a computer!
Re: (Score:2)
I don't see why causing death by a hack should have any special treatment compared to causing death by an ice pick, a bullet, high voltage electricity, or any other exotic means.
There should be no special legislation needed for this.
The problem was the legislation that was used to prosecute hacks didn't make this distinction. All they are proposing is to bring it in line with the other, existing, legislation.
Re: (Score:2)
Re: (Score:3)
At least in the US, it's common to treat death caused by felonious action as premeditated murder. Therefore, if somebody violated the CFAA by maliciously breaking into a hospital system, and disrupted life-support systems in an ICU, they might well face first-degree murder charges.
Re:Why not the death sentence while You're at it? (Score:5, Interesting)
Oh, the government claims they cannot release the names due to "operational considerations"...
This is why allowing vague terms like "national security" or "terrorism" as a justification for any penalty in law is dangerous. There is a certain irony in this news arriving on the same day that there are moves to hold a terrorism trial completely in secret. It's not so long after the Gary McKinnon fiasco, either.
Re: (Score:2)
It would be cheaper to have some one constantly monitor them and not allow them to own their own computer, then putting them in prison.
Reform is always better then punishment.
Re: (Score:2)
Typical posturing crap from politicians. No doubt teenagers will be sent to prison for life for discovering security vulnerabilities. Having said that the morons known as the general population put up with this shit so lets concentrate on saving the children from terrorists and pedos by turning off the internet. When they have safely grown up we can pay them benefits cheques instead of a job or put them in prison for the rest of their lives sewing mail bags. Lets get our priorities right eh.
Civilisation is
Re: (Score:2)
Stupid svns
FTFY.
Re: (Score:2)
I thought U.S. law enforcement were the lazyest on this planet, now the U.K. is trying to co
Re: (Score:2)
Because no member of the EU can punish someone by death.
http://europa.eu/legislation_s... [europa.eu]
Re: (Score:2)
if they float they are guilty (Score:5, Insightful)
http://listverse.com/2012/07/2... [listverse.com]
Re:if they float they are guilty (Score:5, Funny)
The next test for guilt in "hackers" might be that they float
Real hackers only use int.
Re: (Score:2)
The next test for guilt in "hackers" might be that they float
Real hackers only use int.
Which is funny if you use a language where "real" means float (i.e. a real number, as opposed to rational or integer). At least Fortran does this, and I think we can all agree that Fortran is one of the few languages fit for a Real hacker.
Re: (Score:3)
Aapparently we are just over a decade behind the US where a hacker could "start a nuclear war by whistling into a pay phone".
Re: (Score:2)
The next test for guilt in "hackers" might be that they float
- What makes you think she's a witch?
- She turned me into a newt!
- A newt?
- I got better.
- Burn her anyway!
- Quiet! Quiet!
- There are ways of telling whether she is a witch.
- Are there? What are they? Tell us. - Do they hurt?
- Tell me, what do you do with witches?
- Burn them!
- And what do you burn, apart from witches?
- More witches! - Wood!
- So why do witches burn?
- 'Cause they're made of wood? - Good!
- So, how do we tell if she is made of wood?
- Build a bridge out of her.
- Ah, but can you
Re: (Score:2)
So you mean, there really are no hackers?
Re: (Score:2)
Re: (Score:2)
Also, the nice thing about using brutal sentencing to slow the pace of attacks is the cost shifting. The Taxp
Life Sentences! (Score:4, Insightful)
How about for corruption, embezzlement and all the other ways criminals and terrorists outright destroy the lives of citizens daily?
Re: (Score:3, Insightful)
Add self-serving & corrupt bankers and lawyers to that lot and you get my vote
Re:Life Sentences! (Score:5, Insightful)
You got that wrong. We want to lock up those that could present a danger to the powers that are, not the ones that fund them.
Re: (Score:2)
You dont count, its only crimes against the State that attract special attention. Nothing like as bad as China but with stuff like this we are equally capable of creating bad law.
Re: (Score:2)
How about for corruption, embezzlement and all the other ways criminals and terrorists outright destroy the lives of citizens daily?
Won't work, because the criminals and terrorists will never agree to it.
Re: (Score:2)
>How about for corruption, embezzlement and all the other ways criminals and terrorists outright destroy the lives of citizens daily?
Yeah, but the politicians themselves are often in on those sort of things, so ...
Another case of 'same, but with a computer' (Score:5, Insightful)
The first part 'loss of life' should already be covered by simply applying murder and/or manslaughter charges. There is no reason to invent a new law for this, only because it's done with a computer.
The second part 'threat to the country's national security' on the other hand is such a broad term, it is basicly a blank check where they can fill in any sentence for any crime as they wish.
So I guess it's really about the second part, and the first part is only there to give it more weight: 'HACKERS MIGHT KILL YOU!'
Combine it with the other announcement. (Score:5, Insightful)
The second part 'threat to the country's national security' on the other hand is such a broad term, it is basicly a blank check where they can fill in any sentence for any crime as they wish.
Now combine this with the other announcement: "UK Seeks To Hold Terrorism Trial In Secret" so such "threat the national security" rule also means that the trial get to be secret.
So I guess it's really about the second part, and the first part is only there to give it more weight: 'HACKERS MIGHT KILL YOU!'
Yup. To me it sounds like "You do something we don't like with a computer? We get the right to disappear you! For Life! Cause, you see, it's a matter of national security. Thus the trial is secret, and the sentence is life"
Re: (Score:2)
EG:
People have fridges with embedded computers, that can re-stock themselves with food by ordering online. Disrupting that computerised fridge could be seen as attempting to starve them to death with a computer:
'cause deadly civil unrest through cutting off food distribution, telecommunications networks or energy supplies'
Re:Another case of 'same, but with a computer' (Score:5, Insightful)
The first part 'loss of life' should already be covered by simply applying murder and/or manslaughter charges. There is no reason to invent a new law for this, only because it's done with a computer.
A cynical guess as to why they might want a separate law is because the prosecutor doesn't want to have to actually prove murder and/or manslaughter according to conventional standards of evidence.
Re: (Score:2)
http://intrawebnet.com/wp-cont... [intrawebnet.com] ;)
Re: (Score:3)
The first part 'loss of life' should already be covered by simply applying murder and/or manslaughter charges. There is no reason to invent a new law for this, only because it's done with a computer.
That's the problem. In UK law, it is murder if you intended to kill or cause serious injury to someone, and someone dies as a result (may be another person). If some bloody idiot hacks into a hospital's computer system "for the lulu" (Safari replaces a z with an u, and I find it actually more appropriate that way), and as a result people die without any intent to cause death, then apparently this isn't murder currently.
Re: (Score:2)
Re: (Score:2)
What if someone cuts the water or power to the hospitol and mixes suger in the gas of the generator? There is no reason this should specifically include computers and not other attacks.
The difference between this and computer hacking is that you have to be physically present. You see a hospital. Your mind realises there is a hospital with people. The hacker doesn't see a hospital, he sees a keyboard and a screen. For some low lives there is no connection between their actions and real people. It's like a violent computer game.
Re: (Score:2)
The first part 'loss of life' should already be covered by simply applying murder and/or manslaughter charges. There is no reason to invent a new law for this, only because it's done with a computer.
That's the problem. In UK law, it is murder if you intended to kill or cause serious injury to someone, and someone dies as a result (may be another person). If some bloody idiot hacks into a hospital's computer system "for the lulu" (Safari replaces a z with an u, and I find it actually more appropriate that way), and as a result people die without any intent to cause death, then apparently this isn't murder currently.
In the UK, I'm, fairly sure this would currently be classed as Involuntary manslaughter: http://en.wikipedia.org/wiki/M... [wikipedia.org] & http://en.wikipedia.org/wiki/I... [wikipedia.org]
What if someone cuts the water or power to the hospitol and mixes suger in the gas of the generator? There is no reason this should specifically include computers and not other attacks.
As would this
Re: (Score:2)
Inddeed. "Threat to the national security" was recently used to quash an investigation into corruption and bribery involved in a deal with Saudi Arabia. Important to have the Saudi royal family on your side, apparently. More important than the law or justice; so the "National Security" card was played and everything got dropped.
This move is about stopping people like Edward Snowden. It what we've come to expect from the Britsh State.
Meanwhile, the government gets up to whatever the hell it likes under the u
Don't worry (Score:2, Funny)
This will never be abused to give people disproportionate sentences by stretching the definition of what a "threat to the country's national security" is.
Loss of life (Score:5, Insightful)
I can see stiffer sentences if the hacking leads to loss of life DIRECTLY. For example, hacking into a hospital system and bringing down critical life saving systems.
But to me, and I don't know how the UK manslaughter laws are rigged, it would be more helpful to update those laws instead of this one.
Having said that, national security combined with unauthorized computer access can and will be used against whistleblowers of government abuse. Watch for that to happen.
Re: (Score:2)
I can see stiffer sentences if the hacking leads to loss of life DIRECTLY. For example, hacking into a hospital system and bringing down critical life saving systems.
But to me, and I don't know how the UK manslaughter laws are rigged, it would be more helpful to update those laws instead of this one.
Having said that, national security combined with unauthorized computer access can and will be used against whistleblowers of government abuse. Watch for that to happen.
I'm generally in favour of people not getting any discounts on sentences for 'cyber attacks'. This is partly because I remember a time long ago when certain egotistical morons saw creating malware and letting it loose on the public as a good career move, a short cut to a well paying job. However, even those people don't deserve a life sentence and whoever thought of that idea should look up the word 'draconian' in a dictionary. If a cyber attack kills somebody use the manslaughter laws, if they cause massiv
Re: (Score:3, Interesting)
If a cyber attack kills somebody use the manslaughter laws
Exactly.>/i>
We already have laws covering both unauthorised access to a computer, and covering loss of life (whether negligent, unintentional, or premeditated). You don't need a new law to cover them both!
Hacker causes life support machines to fail by setting off the sprinkler system, causing electrical faults? Computer Misuse Act (10 years) + Manslaughter (Unintended consequence, maximum life) = sentence
Hacker causes industrial machinery of previous employer to fail catastrophically intentional
This is why no Briton.... (Score:5, Insightful)
...is in a position to criticism the US. I lived in Scotland for years, so I'm fairly familiar with the UK, and from Oz originally.
The US is losing it's way, but not as badly as the UK. Crazy amounts of surveillance, very poor rights for photographers and journalists, ridiculous laws such as going to jail if you forget an encryption key...
Not to mention this nonsense. Prison is not meant to be primarily a deterrent, but a way to rehabilitate if possible. Because, you know, the punishment should fit the crime.
Something all western countries seem to have forgotten...
Re: (Score:2)
I'm not disagreeing with any of your observations, but I do think "people who live in glass houses" isn't much of an argument, even in the best of cases.
The way I look at it is all today's governments are abominations, so they all need criticizing. And today happens to be the UK's turn.
Re: (Score:2)
"Prison is not meant to be primarily a deterrent, but a way to rehabilitate if possible"
Err , sorry , excuse me? A primary deterrent is exactly what it is and a way to keep criminals out of main society. Rehabilitation comes later if it even works which with a lot of psychopaths and sex offenders it doesn't.
Re: (Score:2)
No, it is not a deterrent. Nor should it be a punishment. It should be focused on rehabilitation.
It is much cheaper and far more effective, and far better for society.
A TINY amount of people can't be rehabilitated, but they can be medicated.
Re: (Score:2)
"very poor rights for photographers"
Like what? If you mean you can't go and break into someone's garden and take pictures of them naked through their bedroom window to sell to the tabloid press, then yes, we're absolutely awful in this respect. What a shame.
Other than that apart from some police officers who got it wrong in terms of letting people take pictures where they actually could I don't really see what the deal is. I've been able to take pictures just fine in everything from military bases, to the L
Re: This is why no Briton.... (Score:2)
The UK has always had a headstart on corporate-driven fascism, way back to the Empire, but Americans are proving adept at catch-up. See, this kind of sentencing makes perfect sense as soon as you adopt the position that only corporate interests matter.
Re: (Score:2)
Re: (Score:2)
Britons are not party to the nefarious shenannigans of the British state (by and large). Britons who oppose such things should be free to criticise them wherever they happen. As should everyone.
How about the other way around? (Score:2)
Shouldn't maintainers of compromised systems be held liable for skimping on security?
Re: (Score:2)
That's right. Blaming the victim has always been a popular tactic amongst the criminal classes.
Re: (Score:2)
So you leave your doors unlocked and open when you go out do you?
I assume nobody in your neighbourhood would even consider walking in and stealing all your shiny things...
Re: (Score:2)
Bad anology.
If I was foolish enough to leave my door open then I'd get stuff stolen. That would be bad enough. I wouldn't also expect the authorities to come around and hold me liable for having my stuff stolen.
Re: (Score:2)
If you're using an insecure system which you know is an insecure system ... are you still a victim?
Say you know you're running a system which hasn't been patched for the Heartbleed bug, and you know about the issue (because, you pretty much couldn't know).
If you get hacked, you're not a victim, you're an idiot.
Re: (Score:2)
... are you still a victim?
Yes. Unless you are suggesting that being foolish/ignorant/unaware makes it ok to commit crime against.
Re: (Score:2)
No, I'm saying your being foolish/ignorant/unaware in this case means you have only yourself to blame.
The reality is, computer attacks are automated, widespread, and more or less inevitable.
The crime is going to happen anyway. But if you don't take your own reasonable steps to ensure it doesn't happen to you then don't be surprised when it happens.
I'm not saying this is true for all crimes -- but at a certain
how many of the bankers went to jail... (Score:2)
you know the ones that caused the crash through corruption and fraud...
Exactly why do the hackers go to jail for making machines write "poop" on the home screen but bankers can cause literal trillions to evaporate and we just shrug?
Just curious...
Imprison the whole GCHQ for life? (Score:2)
Obviously, GCHQ has done the most damage to "computer infrastructure" since the Morris worm, and funneled data about British citizens out of the country, into the hands of possible malign foreign actors.
The whole GCHQ should be arrested for treason.
Re: (Score:2)
"possible malign foreign actors"
That'll be the NSA then?
Re: (Score:2)
life sentences life in prison (Score:2)
A life sentence does not equate to life in prison. They are almost always eligible for parole after 15 years.
Re: (Score:2)
Still has no relevance to the crime at hand. Rape? 5 years. Ruining the economy by embezzlement? Priceless, but free.
Re: (Score:2)
"Rape" and "ruining the economy by embezzlement" are not the topics of this article.
Re: (Score:2)
No, but good examples of real crimes.
Do what we say... (Score:2)
.. not what we do. What is doing the GCHQ would be worth to be in jail till the sun turns into nova.
Even peaceful use of technology could be seen as an hostile act by the authorities that actually use it as a weapon.
Oi. The stupid. It hurts... (Score:2)
While I agree with longer sentences for repeat offenders, I can't really condone LIFE sentences for hacking/cracking.
You have people out there knifing, stabbing, shooting and strangling people when they're not just straight out beating them to death or killing them with a car.
You have people committing all sorts of frauds that cost people their life savings and endanger their health and well-being.
All of these people get slaps on the wrist. But a hacker/cracker should get life?
Uh. WHAT?
Basically this is y
"Life" != Life (Score:3)
The phrase "life imprisonment" means nothing in the UK. Recently a man absconded from a prison who was said to be serving 3 life sentences. From reading the newspaper article reporting the case it transpired that his tariff was actually 13 years (sorry can't remember which paper or exact details).
So when being used by the UK justice system the term "life" would seem to refer to about an average dogs life. It's totally meaningless and quite frankly an insult to your intelligence.
This being the case "life" for computer related offences will probably mean you serve about 1/2 hour in an open prison - unless you take some money off someone powerful in which case you'll probably get a "life" sentence of about 10 years.
This doesn't take away fropm the fact that this is anoter pathetic, ill thought out, idea for legislation dreamt up by one of the useless cretins currently in parliament.
The UK justice system is a sad joke whose only purpose is to protect the rich and powerful (same as the world over really)
Translation = (Score:2)
Those with the fat purses,
who own the computers,
do not wish to spend the $ to secure said computers.
Misuse is a pretty vague term
Hacking
impairing
Attacking
Are not far behind.
Smells like a planned way to... (Score:2)
Sensationist Bullshit (Score:5, Informative)
The linked story is Sensationist Bullshit, there is no such measure announced in the Queens speech, (Queens-Speech-2014-The-full-transcript) [telegraph.co.uk]
The planned "Serious Crime Bill" [www.gov.uk] will ensure sentences for attacks on computer systems fully reflect the damage they cause.
Given the current Computer Misuse act is absolutely useless [lawteacher.net] this is a good move.
Will they include MI5, MI6 and GCHQ? (Score:2)
the whole "cyberattack" thing is grossly overblown and is primarily a) outrage of US/UK against those doing the same to it as it does to them and b) a mega growth industry to complement or be absorbed by the current military industrial complex.
Too inflated already (Score:2)
um (Score:2)
How long do you think it will take for them to apply this to some high-school senior that hacks his grades or something? A month?
How about we start with... (Score:2)
Much like in the US... (Score:2)
...the penalties are worse for asaulting a computer than they are for asaulting a person!
Re: (Score:2)
I was thinking the same thing -- never known anyone getting life for aggravated assault, even for attempted murder. Seems like a terribly written law that could be very easily be broadly applied and abused by UK authorities.
This is not the right response (Score:2)
The real bad guys are simply undeterred by this, and botnets continue to expand.
Also... this seems wrong... it's like elevating a petty theft to a felony, because of some technicality, the thief wouldn't even have known about.
The real severe sentence should be on the folks who negligently designed computer networks that were susceptible to easy attack, And/OR the folks who broke policies and allowed them to come under attack.
For example: If you plug your waterworks into the internet, and some hac
Re: (Score:2)
Re: (Score:2)
You don't get a pass for sticking a spear in someone's chest, just because they exposed their belly.
It's an irrelevent analogy. A computer system is not someone's belly.
A more apt analogy is: Some shortsighted folks decided to setup a little tent somewhere in the middle of the interstate, and lie down to take a nap: and they are proposing to execute anyone running over these folks while they were asleep in their tent.
I remain opposed to the death penalty but ..... (Score:2)
Proporionate to other UK sentencing laws? (Score:2)
Anyone from the UK care to comment. Because I never thought of the UK as being draconian in their sentencing (if anything, a little light on some crimes).
What's the sentencing range for serious crimes like rape, aggravated assault, attempted murder, or causing serious bodily harm, etc? I mean do people get life for causing serious injury in the UK? I doubt it, so why does a football hooligan not get life for beating someone severely, but equivalently hurting someone with a computer merits life? Sounds like
10 years, No Computers Sufficient (Score:2)
10 years and no computer access should be sufficient, they would be mostly harmless by then with technology advancing
But other crimes for injury and death could be added on instead of just a blank life sentence.
I'd support this (Score:2)
A criminal negligence statute that all reasonable protections against hacking must be taken to secure customer data or data which affects a countries national security. Applicable to specifically to any company officer. Make safety of data a priority.
Re: (Score:2)
What the fuck is up with the 'Ads Disabled' feature being broken since last night? It's like /. is doing everything they can to drive away long time users.
Never ascribe to malevolence that which can be adequately accounted for by incompetence.