[Home] [Databases] [World Law] [Multidatabase Search] [Help] [Feedback] | ||
England and Wales High Court (Administrative Court) Decisions |
||
You are here: BAILII >> Databases >> England and Wales High Court (Administrative Court) Decisions >> Director of Public Prosecutions v Lennon [2006] EWHC 1201 (Admin) (11 May 2006) URL: http://www.bailii.org/ew/cases/EWHC/Admin/2006/1201.html Cite as: [2006] EWHC 1201 (Admin) |
[New search] [Printable RTF version] [Help]
QUEEN'S BENCH DIVISION
DIVISIONAL COURT
Strand London WC2 |
||
B e f o r e :
MR JUSTICE JACK
____________________
DIRECTOR OF PUBLIC PROSECUTIONS | Appellant | |
-v- | ||
DAVID LENNON | Respondent |
____________________
Smith Bernal Wordwave Limited
190 Fleet Street London EC4A 2AG
Tel No: 020 7404 1400 Fax No: 020 7831 8838
(Official Shorthand Writers to the Court)
MR TOM ALLEN (instructed by Messrs Tuckers Solicitors, Manchester M2 3HZ) appeared on behalf of the Respondent
____________________
Crown Copyright ©
LORD JUSTICE KEENE: I shall ask Mr Justice Jack to give the first judgment.
"(1) A person is guilty of an offence if—
(a) he does any act which causes an unauthorised modification of the contents of any computer; and
(b) at the time when he does the act he has the requisite intent and the requisite knowledge.
(2) For the purposes of subsection (1)(b) above the requisite intent is an intent to cause a modification of the contents of any computer and by so doing—
(a) to impair the operation of any computer;
(b) to prevent or hinder access to any program or data held in any computer; or
(c) to impair the operation of any such program or the reliability of any such data.
(3) The intent need not be directed at—
(a) any particular computer;
(b) any particular program or data or a program or data of any particular kind; or
(c) any particular modification or a modification of any particular kind.
(4) For the purposes of subsection (1)(b) above the requisite knowledge is knowledge that any modification he intends to cause is unauthorised.
(5) It is immaterial for the purposes of this section whether an unauthorised modification or any intended effect of it of a kind mentioned in subsection (2) above is, or is intended to be, permanent or merely temporary."
"(7) A modification of the contents of any computer takes place if, by the operation of any function of the computer concerned or any other computer—
(a) any program or data held in the computer concerned is altered or erased; or
(b) any program or data is added to its contents;
and any act which contributes towards causing such a modification shall be regarded as causing it.
(8) Such a modification is unauthorised if—
(a) the person whose act causes it is not himself entitled to determine whether the modification should be made; and
(b) he does not have consent to the modification from any person who is so entitled."
(1) section 3 was intended to deal with the sending of malicious material such as viruses, worms and Trojan horses which corrupt or change data, but not the sending of emails;
(2) as D&G's servers were configured to receive emails, each modification occurring on the receipt of an email sent by Mr Lennon was unauthorised.
"But if an individual, by misusing or bypassing any relevant password, places in the files of the computer a bogus e-mail by pretending that the password holder is the author when he is not, then such an addition to such data is plainly unauthorised, as defined in section 17(8); intent to modify the contents of the computer as defined in section 3(2) is self-evident and, by so doing, the reliability of the data in the computer is impaired within the meaning of section 3(2)(c)."
The basis of the statement that such an email is unauthorised is that it enters the computer by a false pretence and so is bogus, in that it purports to come from somebody other than the actual sender. That conclusion was plainly justified on the facts of that case. I consider that the same analysis is also applicable to the circumstances here because D&G gave no implied consent to the receipt of malicious emails purporting to come from its Human Resources Manager. But I would not necessarily be of the view that in all circumstances an email purporting to come from one person but coming from another is to be treated as unauthorised. For example such an email might be sent as a joke with no malicious intent, and then it could be argued that it was covered by the implied consent of the computer's owner. The answer would depend upon the circumstances, and I express no view upon it.