August 25, 2006 | Glyn Wintle

Denial-of-Service attacks

A Denial of Service (DoS) attack involves deliberately flooding a server such as a web or email server with information until that server collapses, causing difficulties to users, system admins and others dependent on the service. Techies, users, lawyers and even politicians all agree this activity should be illegal, but the law has for some time now been in need of clarification. For example, a judge last November cleared a teenager of charges arising from his sending 5,000,000 emails to a former employer.

In light of this absurd result amendments were introduced to the Computer Misuse Act 1990 by the Police and Justice Bill 2006 with the intention of clarifying the illegality of DoS attacks, these amendments are expected to reach the Statute book in the Autumn. Yet even more absurdly, this amendment was originally drafted so as to possibly outlaw linking to a site from a very popular site (such as Slashdot or BoingBoing), thereby generating a huge spike in traffic. Thankfully Lord Northesk removed this possibility by introducing a test of recklessness during the Lords Committee stage. Lord Northesk really does deserve a hearty pat on the back for all his hard work over many years trying to improve UK computing law.

And just to tidy things up, the disgruntled teen-employee's case was recently considered at the Court of Appeal, where it was decided that the lower court was wrong to throw out the case. The defendant subsequently pleaded guilty to breaking the Computer Misuse Act and was sentenced at Wimbledon Youth Court to a two month curfew. Somewhat ironically, he must also wear an electronic tag.