Cyber-Up Campaign welcomes Chancellor’s Budget commitment to Computer Misuse Act Reform

The CyberUp Campaign has today welcomed the Government’s commitment to introducing a statutory defence as part of expected reform of the outdated Computer Misuse Act 1990 (CMA). During his anticipated Spring Budget Statement, the Chancellor committed to implementing all nine recommendations made by Sir Patrick Vallance as part of his review of Digital Technology Regulation. The Review’s recommendation for cyber security was the inclusion of a statutory public interest defence in the CMA.

The review, published alongside the Budget yesterday, recommends “amending the Computer Misuse Act 1990 to include a statutory public interest defence that would provide stronger legal protections for cyber security researchers and professionals, and would have a catalytic effect on innovation in a sector with considerable growth potential.” The introduction of a statutory defence is just one of nine recommendations made in the review. During his statement to parliament yesterday, the Chancellor, Rt Hon Jeremy Hunt MP, said he is “accepting all nine of the digital technology recommendations made by Sir Patrick Vallance in the review I asked him to do in the Autumn Statement.”

The review also acknowledges the ongoing Home Office consultation on reform. The review references a July 2022 DCMS data breaches survey[1] which found that in the preceding year, 39% of businesses reported a cybersecurity breach or attack, which “illustrates the gravity of the threat such attacks pose to our economic and national security.” It also highlighted other countries with more permissive regimes such as France, Israel, and the United States and stated that reform would allow “the UK’s cyber industry to compete on a level playing field.”

Ollie Whitehouse, representative of the CyberUp Campaign said:

”The introduction of a statutory public interest defence is a key part of any reform of the Computer Misuse Act. I am therefore delighted to hear the Chancellor in his Budget commit to implementing recommendations in Sir Patrick Vallance’s Digital Technology Regulation Review which include the introduction of such a defence.

We agree that the potential benefits of reform include catalysing growth of the cyber security industry within the UK and ensuring the sector is able to compete on a level playing field internationally. Reform will enable the UK to face the cyber threats of the future.

CyberUp’s coalition of parliamentary and industry supporters will continue to work with the Government during the live consultation and programme of work. We hope they will move forward quickly with proposals.”

[1] https://www.gov.uk/government/statistics/cyber-security-breaches-survey-2022/cyber-security-breaches-survey-2022