The law concerning the use of technology to conduct criminal activity has developed greatly in recent years, in part in response to the volume and sophistication of crimes involving technology.
The law concerning cyber security is evolving into a very sophisticated framework of rules and regulations, which can be difficult to navigate without a specialist solicitor. MacRoberts has experience in assisting clients across a number of sectors in dealing with cyber security.
What is cyber security?
Cyber security is the protection of computer systems from unauthorised access or from being rendered inaccessible. In a modern society, networks of computers are essential in providing a variety of services which are necessary for our everyday lives. The reliance we place on these systems results in severe disruption when things go wrong.
Why is it relevant to your business?
UK data protection law requires organisations to ensure they have the correct technical and organisational measures in place to ensure the security of personal data. Organisations are also subject to data breach reporting requirements under certain circumstances. Failure to implement appropriate security measurs can result in significant enforcement action being taken by the ICO, including the imposition of fines. This is demonstrated by the ICO's decision to fine British Airways £20m for a data breach affecting over 400,000 customers.
Whilst UK data protection laws focus on personal data, the Network and Information Systems Regulations 2018 focus instead on the security of IT systems. The NIS Regulations apply to operators of essential services (OES), such as energy, transport, health, water and digital infrastructure and to relevant digital service providers (RDSP), such as online marketplaces, search engines and cloud services. They impose cyber security and incident reporting requirements on the relatively small number of organisations whose activities are caught by their reach.
How can we help?
Our cyber security solicitors can advise you on how to comply with the foregoing requirements to ensure your business is not at risk, including:
- Cyber Risk Assessment and Due Diligence processes
- Incident response
- Contractual undertakings
- Transaction/project work
What is cyber crime?
Cyber crime is any kind of criminal activity that is committed with the use of a computer. This makes cyber crime and cyber security a potentially vast area of law, with greatly varying offences including hacking, fraud, harassment and espionage.
How can it impact my business?
Cyber crime, such as DDoS attacks, is not limited by borders and investigation of such offences may involve a number of international agencies. The main regulator of cyber crime in the UK is the National Cyber Crime Unit of the National Crime Agency. This agency investigates, prosecutes and polices instances of cyber crime and breaches of cyber security across the UK.
The Computer Misuse Act 1990 is most commonly applied to cyber crime in the UK. The main cyber crime offences that we see in relation to corporate offences are:
- Unauthorised access to computer material
- Unauthorised access with intent to commit or facilitate a crime
- Unauthorised modification of computer material
- Making, supplying or obtaining information which can be used in computer misuse offences
These offences are also very broad, and if you are caught assisting in cyber crime at any stage of the process, you may be held liable for committing an offence. The offence of ‘making, supplying or obtaining information which can be used in computer misuse offences’ is designed to catch individuals or organisations which create viruses or spyware designed to be released into a computer network.
The penalties for cyber crime depend on the crime’s severity. Under the Misuse of Computers Act, the lowest offence carries a maximum penalty of six months’ imprisonment in addition to a fine. All other cyber crime offences can attract up to five years in prison and, in certain circumstances, an unlimited fine.
Cyber Crime Legal Advice & Criminal Defence Scotland
Cyber crime is a fast moving area of law. If you have been affected by cyber crime in any way, it is crucial that you contact a specialist team of cyber crime lawyers to handle your case.
Our team has specialist knowledge and experience in dealing with cyber crime cases and can navigate the complex rules and regulations in this area. We have many years of experience in advising our clients who have been involved in cyber crime investigations, and we can offer expert representation at all stages should you require it.