Draft EU Law Proposes 2 Year Minimum Sentence for Hackers
The changes could see tougher laws introduced in the UK and across the EU
A draft EU-wide law would see a minimum two-year jail sentence for those convicted of compromising IT systems.
The proposed directive, which was backed by 50 votes at the European Parliament’s Civil Liberties Committee compared to one against, would mean the UK would no longer rely on the Computer Misuse Act that currently has a maximum sentence of two years for a single breach of systems.
It would also see the minimum sentence pushed up to five years where there are “aggravating circumstances” such as wide-scale attacks using botnets, or those that cause serious damage.
“We are dealing here with serious criminal attacks, some of which are even conducted by criminal organisations,” said European Parliament rapporteur Monika Hohlmeier.
“The financial damage caused for companies, private users and the public amounts to several billions each year. No car manufacturer may send a car without a seatbelt into the streets. And if this happens, the company will be held liable for any damage. These rules must also apply in the virtual world.”
Hohlmeier wants the European Parliament and Council to reach an agreement on the proposals by the summer.
Cyber crime centre
Meanwhile, the European Comission is to propose establishing a cyber crime centre to inform EU-wide investigations and support the Europol police agency. It is expected the facility will open in 2013.
Arbor Networks said it was in support of the centre, but had concerns about industry collaboration.
“In Arbor’s Worldwide Infrastructure Report published last month, it was revealed that almost three quarters (74 percent) of respondents do not refer security incidents to law enforcement. This figure, which appears to be caused by factors such a low level of confidence that something will be done, lack of resource within companies and general company policy – is a concerning one,” said Jeremy Nicholls, Arbor’s European channel director for EMEA.
“We believe that the EU’s move towards creating this centre is a step in the right direction, but there needs to be a coordinated effort across the industry to really make this work.”
The UK itself set up three regional cybercrime hubs last month, which will support the Metropolitan Police e-Crime Unit (PCeU) in tackling malicious hackers.
How much do you know about security? Test yourself with our quiz.