What's so wrong about hacking an MPs website?

Kemi Badenoch MP
Kemi Badenoch, Conservative MP for Saffron Walden and, bizarrely for an MP with just a few months experience, Conservative Party vice-chairman with responsibility for selecting candidates in the 2022 election today confessed that ten-years ago she hacked into the website of a Labour MP to make changes to that MP’s website to “say nice things about Tories”.

This is a problem for two reasons so far as I can see.

First, we live in a climate where allegations of underhand and barely legal election tactics are thrown about regularly, apparently with some evidence to suggest that they are more than just allegations. Do we really want people in the House of Commons and at the top of the governing party who have confessed to engaging in completely illegal behaviour to influence voters?

Secondly, I mentioned that this sort of thing is illegal because it is a serious offence. It would appear likely that the MP whose website was hacked was Harriet Harman, then deputy leader of the ruling Labour Party. The BBC reported on the 25th April 2008 that her site had been hacked and altered to announce her defection to the Conservative Party. The hacker also used the opportunity to call on Labour voters to support Boris Johnson in the Mayoral election that was held a week later, on the 1st May 2008. I do not know whether that was the hack in question and so I shall not address that matter any further.

What I can say is that where somebody gains unauthorised secure access to any program or data and he or she knows that the access is unauthorised then an offence is committed under section 1 of the Computer Misuse Act 1990. The offence can be tried either at the magistrates’ court or in the Crown Court where the maximum penalty is two-years imprisonment.

Section 3 of the same Act creates a different offence for people who do any unauthorised act in relation to a computer, which the person knows to be unauthorised and by doing that act the person intends to prevent or hinder access to any program or data held in any computer or to impair the reliability of any such data. To my mind, that would seem to accurately describe the act of hacking into a website to change the data, which prevents or hinders access to the data by users and impairs the reliability of data obtained from the website. This offence can also be tried in either the magistrates court or Crown Court; however, the maximum penalty is ten-years imprisonment!

In R v Crosskey (Gareth) [2012] EWCA Crim 1645 the defendant was convicted of offences under both sections 1 and 3 of the Misuse of Computers Act 1990 after he managed to gain access to a Facebook account belonging to Selena Gomez for three days. Crosskey claimed throughout that he had taken control of the account to demonstrate Facebook’s weak security; however, he also made threats to disclose personal information from the account. On appeal. Crosskey’s sentence was reduced from 18 months to 8 months for the section 3 offence and 6 months was reduced to 4 months imprisonment for the section 1 offence.

The Court of Appeal held that 9-months imprisonment was the correct sentence for Victor Lindesay (R v Lindesay [2001] EWCA Crim 1720) who accessed three websites of a former employer to delete certain data with the aim of causing inconvenience.

Ms Badenoch made her confession after she was asked what the naughtiest thing she ever did was. With hindsight, maybe Theresa May’s approach of confessing to really innocuous and boring things like running through hayfields wasn’t a bad plan after all.


Popular posts from this blog

How do the police decide whether to charge a suspect?

Driving without insurance

National Identity Cards