British Teen Cleared in "E-mail Bomb" Case

legaleagll writes "According to this article , a British Judge has ruled that a teen who sent approximately 5,000,000 e-mails to his former employer was not in violation of the U.K.'s Computer Misuse Act. It appears that the Computer Misuse Act is a bit outdated being that it was created 15 years ago when a number, perhaps most, of the current methods for misuse of computers were not contemplated."

Your Rights Online?

[goofyheadedpunk]

At first I was a bit confused as to why this was posted in the your rights online section, until I considered this case from the point of view of the poor bastard that got blasted by the former employee. Denial of service attacks have been around quite some time before 1990. If UK law doesn't considered this sort of computer act to be illegal what else isn't? What is illegal?

Re:Proof...

[woolio]

I think its the letter of the law that confuses people.

If 1000 people camped out in the middle of a public road in front of the entrance to a company, would they be breaking a crime by not allowing people to enter/exit? In essence, they would be executing a "denial of service" attack to the companies road.

Or what if a few 18-wheelers decided to park in the middle of an interstate to block it. This is also a DOS attack.

What if 1 million people concertedly & simultaneously dialed 911 for "testing purposes" once a month. This would also be a DOS attack.

In each case different laws might be violated but the principle is the same: resources are being purposely mis-used in order to deprive others of them.

Now a question arises: is the Internet a public utility or just a privately owned network? IANAL, but the latter would seem to make the Britisher's offsense a Civil one, not a Criminal one.

Re:Time for a new server.

[Anonymous Coward]

I'am wondering if this helps my case in any way. I stand trial in the Netherlands because I informed a spammer I dodn't like there e-mails. Quite often, 70.000 times according to the spammer, but I think rule #1 is in effect. p.s. In the Netherlands initials are used when newspapers report about suspects, my initials are actually A.C.

Re:Only 5 million emails and the server crashed?

[richi]

Assume you posted these all at 2 am at night, at 8 the next morning all 30 people get to work and check their emails all at about the same time. Ouch

Well we don't know what mail server they were using, but that would be a problem with some popular servers that don't properly keep single copies of messages sent to multiple recipients CoughExchange5.5Cough. When I worked on OpenMail (now Scalix [scalix.com]) this sort of load would have been no problem for a small server with a few thousand users.

It's a question of minimizing the disk I/O -- or more importantly minimizing the amount that the disk heads need to move.

Re:spam

[twoshortplanks]

I don't think any *criminal* act was carried out here. This doesn't mean the company couldn't sue for loss of earnings or disruption to buisness. It's just not something the Crown can prosecute for. Of course, that's my best guess. I'm no law expert.

Re:Time for a new server.

[Anonymous Coward]

"Thus, they'll spend $2,000 on a server rather than $25/mo on a managed solution because they can pet the box"

Of course, some people like a bit of local control over what's going on with their data. Sign up with a $25/mo "solution", spend a few hours studying their non-negotaible Terms of Service, hope they don't go bankrupt, get bought out, etc.