Open navigation
Search
Search
All expertise
Explore our breadth of expertise.
International Desks
Helping you access overseas markets with support from our country and region-specific experts
Sectors View all
Practice Areas View all
Offices
Discover the scope of our presence in the jurisdiction.
Global Reach
Learn about our capabilities beyond borders.
CMS United Kingdom
All insights
Leverage our expert analysis, intelligence and thought leadership for your strategic advantage.
Personalised updates
Receive tailored insights and intelligence that apply directly to your business.
Topics in focus View all
Insights by type
CMS Spotlight: join our events and webinars!
CMS News
Stay up to date with our growth, evolution and our many successes.
CMS Press Office
Contact us
For all general enquiries.
About CMS
CMS Careers

Select your region

International Europe Africa Asia-Pacific The Americas Middle East
Legal Update

Murdering a computer is now as serious as murdering a person ... in some cases

20 Apr 2015 United Kingdom 2 min read

This article was produced by Nabarro LLP, which joined CMS on 1 May 2017.

On the 3rd of May 2015 the Computer Misuse Act 1990 will be amended in three important respects:

For acts of computer misuse (essentially: impairing the operation of a computer without authorisation) resulting in material damage or risk of material damage there will be a maximum penalty of life imprisonment. To attract that penalty, the damage must be serious and the risk must be significant. Whether the damage or risk of damage is material falls within four classes: human welfare, the economy, the environment and national security.

The offence carries a mental element meaning that there must have been an intention to carry out the unauthorised act or the person must have acted recklessly i.e. wanton indifference to a clear and obvious risk. For cases involving the environment or the economy the sentence is capped at 14 years imprisonment; for the other two, however, the maximum term is life. Hackers who are UK nationals are not safe even if they act abroad and the effects are felt abroad. As long as the act carried out in the other jurisdiction was a criminal act there, then they can be prosecuted in the UK.

Those acquiring computer damaging software (such as hacking software or virus writing software) will commit an offence by the mere act of acquisition of that software. Their intention in doing so must have been to commit a misuse offence or to assist others to do so. Previously the rule was that the acquisition had to have been made with the intention of supplying the software to others to commit an offence or assist in an offence being committed. The new state of mind is marginally easier to prove.


More insights
Cyber TMT - Technology, Media & Telecommunications Data Protection & Freedom of Information Technology Communications Media

Explore more

Expert Guide International

Data protection and cybersecurity laws in the United Kingdom

38 min read
Event United Kingdom

CMS Update Morning: Media, Sports and Entertainment

29 Apr 2026
Publication United Kingdom

Cyber risk management for senior leadership teams

02 Oct 2025 1 min read
Back to top Back to top
You will now find all Law-Now content on CMS.law
Explore more
Law-Now, RegZone, LEXplicite and Blogtt have moved to CMS.law. Law-Now has moved to CMS.law. RegZone has moved to CMS.law. LEXplicite has moved to CMS.law. Blogtt has moved to CMS.law.
Learn more Learn more Learn more Learn more
If you want to use third party tools, please enable personalisation cookies as part of your cookie preferences. You can change this setting at any time via the button below or in our Cookie Notice.