Question to the Home Office:

To ask the Secretary of State for the Home Department, with reference to proposed changes to the Computer Misuse Act 1990, whether she plans to ensure any potential statutory defence covers cybersecurity researchers who are conducting threat intelligence.

The Government recognises the major role UK cybersecurity professionals play in enhancing and protecting the UK’s resilience against cyber threats, and it is vital that we support them. I acknowledge the strong sentiment regarding Computer Misuse Act 1990 (CMA) reform.

The Government is conducting an ongoing review of the Computer Misuse Act (CMA). It is crucial that any changes brought forward are proportionate, adaptable to evolving techniques, and do not undermine law enforcement’s ability to take action against cyber criminals. Engagement, including with the cyber security industry, is underway to refine the proposal and ensure it includes strong safeguards to prevent misuse.

The Home Office will provide an update on proposals taken forward in due course.