Various British MPs are lobbying for increased jail sentences for computer crime. This is stupid: the day computer crime is anything more than a mild annoyance to anybody will be the day I eat a salad made entirely of hats.
As an individual, if you’re too half-witted to install AV software, download security patches, and avoid clicking on “make your web experience way groovy with our dodgy software” links, you probably shouldn’t be using a computer. As a business, similar rules apply: you ensure your networks are properly firewalled and patched, you ensure customer data is kept on secure servers, or you go back to ledgers and abaci. It’s not rocket science.
There are, admittedly, a few people who might use cybercrime to cause serious damage to non-idiots – fraudsters, extortionists and terrorists. However, they’re already eligible for long prison sentences for fraud, extortion or terrorism. The proposed legal changes would make zero impact on these crimes, while leaving mostly-harmless recreational hackers eligible for serious jail time…
It’s not like the CMA is often used anyway. This really is posturing. (Actually, the idea of explicitly making denial-of-service attacks illegal is a good one, but still noone gets prosecuted.)