Computer Use and Misuse: the Constellation of Control
Total Page:16
File Type:pdf, Size:1020Kb
Computer use and misuse: the constellation of control Stefan Frederick Fafinski Submitted in accordance with the requirements for the degree of Doctor of Philosophy The University of Leeds School of Law September 2008 The candidate confirms that the work submitted is his own and that appropriate credit has been given where reference has been made to the work of others. This copy has been supplied on the understanding that it is copyright material and that no quotation from the thesis may be published without proper acknowledgement. Acknowledgements This study was funded by the Centre for Criminal Justice Studies at the University of Leeds from 2005 – 2008. I will remain indebted for some considerable time to Professor Clive Walker for his meticulous and thorough guidance as well as his thought- provoking and robust comments on a multitude of earlier drafts. I should also like to extend my grateful thanks to Professor David S. Wall for his insight and support. This thesis is for Emily. SF Wokingham September 2008 ii Abstract This study is concerned with the nature of computer misuse and the legal and extra- legal responses to it. It explores what is meant by the term ‘computer misuse’ and charts its emergence as a problem as well as its expansion in parallel with the continued progression in computing power, networking, reach and accessibility. In doing so, it surveys the attempts of the domestic criminal law to deal with some early manifestations of computer misuse and the consequent legislative passage of the Computer Misuse Act 1990. Having outlined the new criminal offences introduced by the 1990 Act, the study examines the extent to which the 1990 Act has been effective in controlling computer misuse, taking both prosecution rates and issues of judicial interpretation into account. It further examines the amendments made to the 1990 Act by the Police and Justice Act 2006 and their potential ramifications when they come into force. Having considered the position at domestic criminal law, the study turns to assess whether the solution to the effective regulation of computer misuse requires more than just the domestic criminal law. It explores the characteristics and purpose of the criminal law in the context of computer misuse and examines whether the domestic criminal law has limitations. The study then introduces theories of risk from realist, cultural and symbolic, ‘risk society’ and governmentality perspectives before considering the idea of a governance network as a means of responding to risk. It examines computer misuse and the role of the domestic criminal law in the light of these theories. Having established the theoretical governance framework, the study then explores the role of the law in general within this framework, examining potential new nodes of governance from the European Union, Council of Europe, Commonwealth, United Nations and Group of Eight. It considers whether there might be advantages in moving beyond the domestic criminal law in the response to computer misuse. The study then broadens the discussion of potential means of governance beyond the law to encompass extra-legal initiatives. It establishes a typology of these extra-legal initiatives and examines the contribution made by each to the governance of computer misuse. Finally, this study concludes with an examination of the complex governance network built up throughout the work and considers whether the regulation of computer misuse is only viable in a global networked society by a networked response combining nodes of both legal and extra-legal governance. iii Table of contents Acknowledgements........................................................................................................ i Abstract ........................................................................................................................ ii Index of tables............................................................................................................viii Index of figures............................................................................................................ ix Table of cases ............................................................................................................... x Court of Justice of the European Communities and Court of First Instance............. x European Court of Human Rights ............................................................................ x United Kingdom ...................................................................................................... xi United States of America ....................................................................................... xiii Hong Kong ............................................................................................................ xiii Table of legislation .....................................................................................................xiv European Union ......................................................................................................xiv Treaties and agreements......................................................................................xiv Regulations.........................................................................................................xiv Directives ............................................................................................................xiv Framework Decisions...........................................................................................xv Council Decisions ................................................................................................xv European Commission documents .......................................................................xv United Kingdom .....................................................................................................xvi Acts of Parliament ..............................................................................................xvi Statutory instruments.........................................................................................xvii Bills ....................................................................................................................xvii United States.........................................................................................................xviii Hong Kong ...........................................................................................................xviii Council of Europe.................................................................................................xviii United Nations .....................................................................................................xviii Table of abbreviations ............................................................................................... xix 1 Introduction................................................................................................................1 1.1 Central thesis and contribution to knowledge ...................................................2 1.2 Principal research questions and chapter structure.............................................2 1.3 Methodology.....................................................................................................4 1.3.1 Documentary research.................................................................................4 1.3.2 Fieldwork approach ....................................................................................4 1.3.3 Form of interview .......................................................................................5 iv 1.3.4 Interview guide ...........................................................................................6 1.3.5 Sampling strategy ........................................................................................8 1.3.6 Analysis..................................................................................................... 11 1.3.7 Research ethics ......................................................................................... 12 1.3.8 Informed consent...................................................................................... 13 1.3.9 Confidentiality and data protection.......................................................... 13 1.4 Terminology.................................................................................................... 14 Part 1 Constructing the problem of computer misuse ............................................... 19 2 The emergence of the problem of computer misuse .................................................. 20 2.1 A brief history of computing ........................................................................... 20 2.1.1 Key advances in computing....................................................................... 20 2.1.2 The growth of networked computing ....................................................... 23 2.1.3 Knowledge gap.......................................................................................... 24 2.2 Manifestations of computer misuse................................................................. 25 2.3 Pre-1990 regulation .......................................................................................... 28 2.4 The genesis of the Computer Misuse Act 1990 ................................................ 34 2.4.1 The Scottish Law Commission.................................................................. 34 2.4.2 The Law Commission of England and Wales............................................. 36 2.4.3