Despite only having been around for a tiny fraction of human history, computers have completely changed the world. They are just so useful, making many tasks much easier. As a result, in just a few decades, many humans across the whole world have developed a peculiar reliance upon them. Computers also tend to hold great fascination for players in a roleplaying game. If the GM notes that there is a computer in a room, it's pretty much guaranteed that at least one PC will begin tinkering around with it sooner or later.
Of course, if the computer belongs to the character and friends, then this is generally fine, but more often than not, it is someone else's and the players are accessing it illegally. This may go even further. In many modern day, future, dark future and sci-fi settings, playing a 'hacker' can be a popular character concept.
So where does the law stand on all of this?
Well, in English law at least, the law is actually quite vague, perhaps mostly because the technology is changing faster than the law can keep out. In the UK, the relevant statute is called the Computer Misuse Act 1990 (think how much things have changed since 1990!). In the US, there is the Computer Fraud and Abuse Act. Both of these are quite similar, and in both cases the prohibited offence is simply using a computer with the intention of accessing unauthorised data. The US statute is more specific on the type of data, but the idea is the same. But note carefully... the crime here is accessing the data, not actually stealing the data.
Herein could almost be a loophole, in the UK anyway. Stealing data would technically fall under the category of theft, but theft in the UK requires the item that is stolen to be tangible. So, someone breaking into a building, using a computer to access secret data and then printing it out could technically be convicted of the breaking and entering, using the computer to access the data, and the theft of a piece of printer paper, but not for the theft of the data itself!
For more up to date methods such as remote access, slave computers and the like, the law has completely fallen behind and the courts are having to make it up as they go.
That's just accessing and stealing data. When it comes to more advanced computer misuse, there are no specific statutory offences to cover the myriad of crimes that could possibly be committed. Instead, other more established and old-fashioned offences are having to be adapted to suit each case that reaches the courts. Take, for example, a current case in the news, that of 'Spam King' Robert Soloway http://news.bbc.co.uk/2/hi/technology/6707333.stm
Whilst there is no specific offence that covers his spamming activities, instead he is being charged with mail theft and identity fraud. If convicted, the precedent may make it easier for other cases to be heard and dealt with.
But what about more malicious computer use such as introducing a virus and causing damage?
There is still no specific statutory offence, not even for the relatively common activity of introducing a harmful virus. Instead this is currently dubiously covered by the Criminal Damage Act in the UK and marginally more specifically in the Computer Fraud and Misuse Act in the US.
Again, these are very vague on the subject, and for each new case, the courts are basically having to just adapt what they have to suit. Don't underestimate the lawyers though. For all their sins, they can be quite creative when it comes to finding some offence that fits the crime, no matter how obscure!
So, hackers beware! While it can be argued that there are legal loopholes that may allow the crafty to get away with a few things, these are gradually being closed up as the law catches up with the technology. But in the (dark) future, will the technology stay ahead or will the law finally catch up? That's up to you.
Next time: 'Things Every Evil Overlord Should Know: The Rule of Law and how to avoid it'
