Doormat-ologist needed

David Biggins David_Biggins at usermgmt.com
Thu Sep 9 15:52:30 BST 2010 

> -----Original Message-----
> From: ukcrypto-bounces at chiark.greenend.org.uk [mailto:ukcrypto-
> bounces at chiark.greenend.org.uk] On Behalf Of Peter Fairbrother
> Sent: 08 September 2010 04:38
> To: cb at qualia.co.uk; UK Cryptography Policy Discussion Group
> Subject: Re: Doormat-ologist needed
> 
> RIPA section 2(2) says that an interception can only be of a
> communication "while being transmitted". Section 2(7) says:

All true.  

But BT's voicemail system is not simple tape - it is a computer system.

Which surely brings into play the CMA:

1.  Unauthorised access to computer material.- 
(1) A person is guilty of an offence if-
(a) he causes a computer to perform any function with intent to secure
access to any program or data held in any computer [F2 , or to enable
any such access to be secured] ;
(b)the access he intends to secure [F3 , or to enable to be secured,] is
unauthorised; and
(c)he knows at the time when he causes the computer to perform the
function that that is the case.

Further, reading the recordings changes the "marked as read" state,
meaning that the intended recipient is likely not to actually receive
them, so:

3.  Unauthorised acts with intent to impair, or with recklessness as to
impairing, operation of computer, etc.
(1) A person is guilty of an offence if-
(a)he does any unauthorised act in relation to a computer;
(b)at the time when he does the act he knows that it is unauthorised;
and
(c)either subsection (2) or subsection (3) below applies.
(2) This subsection applies if the person intends by doing the act-
(a)to impair the operation of any computer;
(b)to prevent or hinder access to any program or data held in any
computer;
(c)to impair the operation of any such program or the reliability of any
such data; or
(d)to enable any of the things mentioned in paragraphs (a) to (c) above
to be done.
(3) This subsection applies if the person is reckless as to whether the
act will do any of the things mentioned in paragraphs (a) to (d) of
subsection (2) above.

So whether or not "interception" took place, certainly unauthorised
access, and possibly reckless impairment took place.

Possibly worth a prosecution, I'd have thought.

D.

More information about the ukcrypto mailing list