The Consumer Protection from Unfair Trading Regulations 2008 413Regulation 9 requires producers and distributors who know that they have placed an
unsafe product on the market or supplied an unsafe product to notify the authorities in
writing. If the risk is serious they must identify the product, fully describe the risk, give all
information needed to trace the product and describe the action they have taken to prevent
risks to the consumer.
Regulation 29 sets out the standard defence of due diligence. Regulation 31 sets out a
by-pass procedure.
Local authority enforcement authorities are given very wide powers, including issuing
suspension notices, withdrawal notices and recall notices. They can require that products
are marked or warnings are issued. Products can be forfeited and test purchases can be
made. Authorities are also given the power to enter premises and carry out searches.
The Computer Misuse Act 1990
The Computer Misuse Act 1990 was passed to deal with computer hacking. Since 1968, the
Theft Act could deal adequately with computer crime where money was stolen or where
property was obtained by deception. However, no statute dealt with computer hacking,
that is to say with merely accessing another’s computer system without that person’s
express or implied permission. The need for a new statute was made plain by the House
of Lords decision in R vGold (1988). In that case two journalists gained access to BT’s
computer network and altered some data. One of the journalists also gained access to the
Duke of Edinburgh’s PC and left the message: ‘GOOD AFTERNOON, HRH DUKE OF
EDINBURGH.’ The journalists, who claimed to have acted to demonstrate how easy hack-
ing was, were charged with an offence under the Forgery and Counterfeiting Act 1981. The
House of Lords held that the defendants had committed no offence under this Act and so
the need for new legislation was made apparent.
The unauthorised access offence
Section 1(1) of the Computer Misuse Act makes hacking a criminal offence. The offence does
not require that the defendant succeeds in securing unauthorised access, it is enough that
he intends to do this. The maximum prison sentence is six months.
Intent to commit a further offence
The more serious s. 2 offence is committed by committing the s. 1 offence with the intention
of committing, or facilitating the commission of murder or a further offence which carries a
sentence of at least five years’ imprisonment.
There is no requirement that the further offence should be committed at the same time
as the s. 1 offence. Indeed, the s. 2 offence can be committed even though it was impossible
to commit the further offence. The sentence for the s. 2 offence is five years’ imprisonment.
So the s. 2 offence will not generally be used where the defendant succeeds in committing
the further offence, because the defendant could anyway be sentenced to at least five years
for having committed that offence. The s. 2 offence is therefore useful when the defendant
does not succeed in committing the further offence. For example, it would be useful where
a defendant hacked into a computer to try and commit blackmail, but failed so abysmally
that he could not be convicted of blackmail or attempted blackmail.
Unauthorised modification of computer material
Section 3 makes it an offence to modify computer material without authorisation. The
following points should be noted.