The latest statistics released by the Ministry of Energy, Telecommunications and E-Commerce show that 90 percent of Bermuda's homes have a computer and 84 percent have Internet access – one of the highest rates in the world. Bermuda's students use computers everyday, from simple tasks such as writing essays or doing research to recording music and movies, running websites and writing new computer programmes.

For those particularly gifted with today's technology, the lure of pitting their skills against professionals in the information technology (IT) industry can be difficult to resist. 'Hacking' is the generic term for gaining, or attempting to gain, unauthorised access to a computer. Some people see hacking as a talent that needs nurturing, others view it as an inherently dishonest pursuit. It can be a difficult distinction to draw – where is the line between harmless fun and criminal mischief?

The Computer Misuse Act 1996 (the "Act") sets out three separate criminal offences in connection with the unauthorised use and modification of computer material. A person commits an offence under the Act if he causes a computer to perform any function with the intent to secure unauthorised access to any programme or data. The scope of this offence is wide, encompassing hacking, or seeking to gain unauthorised access to a computer or its data, and, for persons who have access to a computer, simply going beyond the limits of their authorised use.

'Securing access' to a programme or data is defined as causing a computer to perform a function that alters, deletes, copies, moves or uses the programme or data. For example, think of a computer virus, the development and dissemination of which most can agree is wrong. Another example, which can be a grey area, is where a person is able to gain access to a database and copy or alter the details contained therein. When a person has the technical ability to beat a system, their achievement is often applauded to the same degree that it is admonished.

On the other hand, there are those who access other computers for more sinister reasons. The second offence under the Act is aimed at those with sinister motives; it is an offence to gain unauthorised access to data or a programme with the intent to commit a further, more serious offence. To fall under the ambit of this part of the Act, the further offence must be one that is punishable on conviction on indictment by a term of imprisonment not less than two years. It is important to note that the intention to commit such an offence is sufficient to warrant being charged. Such offences may include theft of credit card and personal data.

The third offence is the unauthorised modification of computer material, where such modification is made with the intention to impair the operation of the computer or any programme, hinder access to any programme or data – and where the person knows that such modification is unauthorised. A modification can be an alteration, deletion or addition to a programme, and an offence is committed whether the modification is permanent or temporary.

The Act has been in effect in Bermuda for 12 years, and to date, there has only been one Supreme Court judgment in connection with it; however the main purpose of that judgment was an appeal on an unrelated point of law.

In his judgment in Rayner v Lacey [2003] Bda L.R. 58, Kawaley J gave an indication of the Court's view on prosecutions for the offence of gaining unauthorised access to computer material, stating: "A more discriminating approach should be adopted when exercising the discretion to prosecute, particularly in cases where the time and resources required to prosecute a complaint are disproportionate to the actual damage caused, where a civil remedy exists and there is no obvious public interest to be served by a criminal prosecution".

During the reading of the United Kingdom's Computer Misuse Bill, the House of Lords debated the ability to secure convictions against persons for offences under the legislation, offences that often have unwitting victims.

The Lords accepted that convictions would indeed be difficult to obtain, however they hoped that the legislation would sufficiently deter potential hackers from attacking vital technology-reliant industries.

While some may view hacking as a harmless enterprise necessary to advance both the skills of the future IT experts and computer technology itself, in a society increasingly reliant on e-commerce, the protection of sensitive information available to those with the skill to find it must remain a priority.

Attorney Christopher Brough is a member of the Corporate and Commercial Practice Group at Appleby. A copy of Mr. Brough's column can be obtained on the Appleby website at www.applebyglobal.com. This column should not be used as a substitute for professional legal advice. Before proceeding with any matters discussed here, persons are advised to consult with a lawyer.