Off Topic: UK spammer gets two months in bedroom
A UK teenager pleaded guilty on Wednesday to breaking the Computer
Misuse Act by crashing the email server of his former employer.
David Lennon, 18, was then sentenced to a two-month curfew by a judge in the Wimbledon Magistrates court.
Lennon had originally been cleared of the charges in November 2005,
after another judge ruled that it wasn't an offence to overwhelm an
email server with millions of messages. This ruling was later
challenged by the Crown Prosecution Service. In May 2006, the case was
sent back to the Magistrates Court.
On Wednesday morning, the judge ruled that Lennon should be subject
to a curfew, which means he must stay at home between the hours of
12.30am and 7am on weekdays, and between 12.30am and 10am on weekends.
If he breaks this curfew, he risks a more serious sentence.
The curfew has been timed so as not to interfere with Lennon's work
at a local cinema. The judge said it was a "happy coincidence" that it
will end the day before Lennon starts college in September.
The prosecution dropped its demand that Lennon should pay costs
amounting to £29,000, which arose from his attack on Domestic &
General Group in which 5 million emails crashed its servers.
The defence argued that Lennon should receive a conditional
discharge, given the confusion over whether the Computer Misuse Act
outlawed the sending of masses of emails. The judge, though, argued
that this was inappropriate.
"Even given his age at the time, this was a grave offence and caused
serious damage, so I need to impose something to make him think again,"
the judge told the court.
The Computer Misuse Act, which was introduced in 1990, explicitly
outlaws the "unauthorised access" and "unauthorised modification" of
computer material. Section 3, under which he was charged, concerns
unauthorised data modification and tampering with systems.
Lennon's original case was heard by a district judge, who ruled that
massive amounts of email did not violate the Computer Misuse Act
because email servers were set up to receive emails. As such, each
individual email could be ruled to make an "authorised modification" to
the server.
The Computer Misuse Act is now seen as insufficient to combat the
rise of cybercrime such as denial-of-service attacks. A series of
amendments are being introduced by the government to update it.
Colin Barker
August 24, 2006
Source: CNET.co.uk