back to article EU crackdown will see tougher sentences for stupid cyber-badhats

The European Parliament has agreed to toughen criminal penalties across the EU for cyber attacks, especially any that threaten national infrastructure or are deemed to be aimed at stealing sensitive data. The new directive forces the 28 member states to impose national maximum sentences of at least two years in prison for …


This topic is closed for new posts.
  1. Steen Hive

    Attack on critical infrastructure

    What the fuck is PRISM then? Ludo?

  2. Brenda McViking

    Give the toddler a bigger firearm

    So far, EU cyber law enforcement includes trying to lock someone up for a joke on twitter, trying to extradite Aspergers sufferers to corrupt regimes who exercise capital punishment, trying to jail 9 year-old girls for downloading pop music, and jailing those who provide a search engine capable of throwing up allegedly copyrighted material which technically is no worse than google.

    I guess if the MBTA subway hack happened here with these new laws, they'd also get the book thrown at them. National transport infrastructure - check. cyber attack - check. Automatic minimum 5 year jail-time - check. Never mind that the guys responsible were security researchers showing flaws in security for the public interest...

    How about they first prove they can apply the law properly - maybe then we can trust them with stronger deterrents. Until then, this move is idiotic, and bordering on dangerous.

    1. Yet Another Anonymous coward Silver badge

      Re: Give the toddler a bigger firearm

      It's a good idea - as long as it apples to everyone.

      Would be interesting to watch German police marching into Westminister to arrest Hague because GCHQ stored data on Germans.

    2. Matt 21

      Re: Give the toddler a bigger firearm

      While I agree that the cases you highlight show that current laws or application of them are flawed, none of them are specifically European laws, they were all national laws.

      The twitter prosecutions were made under English law, the extradition was attempted under a UK/US extradition treaty etc.

  3. h3

    The problem is companies not being professional in how they deal with personal data but there is a lack of anything of any substance aimed at them.

  4. Anonymous Coward
    Anonymous Coward

    Good Job

    It's a good job we have all these tough sentences, it keeps the prisons empty as nobody commits crimes for fear of going to jail.

  5. AndyBeans

    Financial costs?

    "...cyber intrusions that result in financial costs..." What about companies that claim the costs of subsequently, properly securing their networks were "caused" by the hackers? Has the EU wised up to that one yet?

  6. Graham Marsden

    And what about...

    ... the tougher sentences for those in big institutions (corporate or governmental) who manage to leave laptops on the train or fail to secure data so it can be hacked by skiddies?


  7. Anonymous Coward
    IT Angle

    Attack against critical infrastructure

    "if the attack is against a critical infrastructure network, like a power plant, transport or government network, the maximum penalty jumps to at least five years"

    What's the penalty for connecting your 'critical infrastructure` to the Internet?

  8. WatAWorld

    Impose Maximum or Minimum Sentences?

    Typically "getting tough" means imposing a minimum sentence -- anyone convicted must serve at least the minimum sentence.

    Imposing a maximum sentence means that the convicted criminal could receive any sentence less than that maximum, including no jail time at all, no parole at all, even an absolute discharge.

    1. Suricou Raven

      Re: Impose Maximum or Minimum Sentences?

      Neither. The directive is for a minimum maximum. Confusing, I know.

      What it means is that all members must have a maximum sentence for the covered 'cyber' crimes that is at least two years, or five for infrastructure.

      That doesn't mean members have to sentence everyone convicted to five years - it means they are required to give judges the option of at least that sentence. Judges are free to sentence to less, and individual countries are free to set a maximum higher than the directive requires.

      So in most situations, this isn't going to change anything. The only times it'll have any effect are when someone either commits a crime serious enough to earn a sentence higher than the a previous maximum since increased by this directive, or when someone upsets the Powers That Be in government and earns themselves a 'throw the book' order whispered in the prosecution's ear

  9. Anonymous Coward
    Anonymous Coward

    Too Late

    The crims win.

This topic is closed for new posts.

Biting the hand that feeds IT © 1998–2019