A new bill currently in the drafting stage that would introduce new offences relating to computer hacking has been criticised by the Joint Committee on Human Rights (JCHR).
The proposals for new computer misuse laws are contained in the Serious Crime Bill, and seek to prevent what is described as damage to the environment or any country’s economy or national security.
Certain offences would be punishable by life imprisonment.
The issue of digital security has reached the foreground over the past few years, with data leaks and high-profile security breaches resulting in calls for more legal protection for governments and corporations.
However, the JCHR has said further explanation of what constitutes a criminal offence under the Bill is required before it becomes law.
“We do not doubt the need to ensure that the criminal law provides adequate protection against cyber-attacks on critical infrastructure,” the JCHR said in a report.
“We doubt, however, whether the concepts of ‘damage to the environment’, ‘damage to the economy’ or ‘damage to national security’ are sufficiently certain in their meaning to justify their inclusion as an ingredient of a criminal offence carrying maximum sentences of 14 years and life imprisonment.”
If enacted, the bill would amend the existing Computer Misuse Act and introduce stiffer penalties for computer hacking. It would mean that hacking into a computer in the knowledge that such action is unauthorised and has the potential to create a significant risk would be a criminal offence. This includes hacking that causes “loss to human life, human illness or injury.”
“The broad and vague definition of the new offence of computer misuse appears to be without precedent, and the Bill therefore appears to cross a significant line by using these unsatisfactory concepts in the definition of a serious criminal offence carrying a lengthy sentence. We recommend that the Bill be amended to remove these particular elements of the new computer hacking offence,” the JCHR said.