So…. did The BBC break the law when it bought and implemented a 22,000-strong botnet as part of its Click news reporting?
Nick Farrell of IT Examiner reports that Sophos’ Graeme Cluely suggests that they did because the UK Computer Misuse Act makes it an offense in the United Kingdom to access another person’s computer, or alter data on their computer, without the owner’s permission. Mel Morris of PrevX, the security firm working with The BBC, defended its participation in the Click program, but his argument did not seem to be based on law as much as on the failures of PC security vendors to do an adequate job protecting security.
So far, there’s no statement on the Information Commissioner’s Office web site.