A British teenager has been cleared of launching a denial-of-service attack against his former employer, in a ruling that delivers another blow to the U.K’s Computer Misuse Act.
At Wimbledon Magistrates Court in London, District Judge Kenneth Grant ruled Wednesday that the teenager had not broken the CMA, under which he was charged. The defendant, who can’t be named for legal reasons, was accused of sending five million e-mail messages to his ex-employer that caused the company’s e-mail server to crash.
The teenager greeted the news with relief, although an appeal by the prosecution is still possible. “I feel very happy. This has been going on for two years. At the moment, this is no longer hanging over my head,” the teenager told ZDNet UK.
The CMA, which was introduced in 1990, does not specifically include a denial-of-service attack as a criminal offense, something some members of the U.K. parliament want changed. However, it does explicitly outlaw the “unauthorized access” and “unauthorized modification” of computer material. Section 3 of the act, under which the defendant was charged, concerns unauthorized data modification and tampering with systems.