You would hope that nine months after Theresa May declared running through fields of wheat to be the naughtiest thing she has ever done, Conservative advisors might have briefed MPs to have a better answer at hand for that question.
They have not. Instead, when asked about the same question during a video profile, Conservative rising star Kemi Badenoch laughingly confessed that around a decade ago, she guessed the password to a Labour MP’s website – later revealed to be Harriet Harman – and altered it to say nice things about the Conservative party.
Whether or not this is actually the naughtiest thing Badenoch has ever done, it is, legally speaking, pretty naughty indeed. The act she’s describing appears, on the face of it, to be a fairly serious violation of the Computer Misuse Act, and a potential offence that can carry a jail term.
We tend to think of hacking as some strange and arcane act, the exclusive domain of computer geeks – stereotypically working only by the light of their screen (screens don’t light up faces) while wearing a hoodie (okay, hackers do quite like these).
The UK law’s definition of hacking is a lot more stringent than that, though. Let’s say you happen to know your ex’s Netflix password, and can’t shake the certainty that he left you because he was cheating. You try out his Netflix password on his Facebook account, and bingo – you’re in, and checking his messages.
Congratulations, you just committed a criminal offence. Any time you are knowingly accessing an electronic system you’re not supposed to have access to – this could even include flicking through a colleague’s emails while they’re away from the desk – you’ve breached the Computer Misuse Act, and could face all the consequences that come with doing so.
And people far younger than Badenoch often do feel those consequences. A small group of six hackers going by the name Lulzsec engaged in a series of generally fairly straightforward hacking attacks, more or less for fun – planting a fake news story on the front page of The Sun; defacing the website of the homophobic Westboro Baptist Church; and even briefly taking a (non-classified) CIA website offline. UK members of the group, several of whom had been in their teens when they were convicted, were sentenced to up to 30 months in prison.
Some of the Lulzsec hacks involved accessing personal data, which would escalate the wrongdoing above simply defacing a website – though it should be noted that Badenoch had no way to be sure she wouldn’t be improperly accessing private files, data, or documents when she decided to break into Harman’s site.
Others have faced serious penalties for doing less than Badenoch has admitted. One basic form of attack often described as a hack is a Distributed Denial of Service (DDoS). Such attacks, often conducted as a form of protest, involve thousands of computers regularly sending fake access requests to a website with the aim of taking it temporarily offline and preventing real users accessing it. When conducted for political reasons, these have been recognised by courts in other European countries as an act of protest, akin to a sit-in.
The UK doesn’t have such protections: teenagers taking part in DDoS campaigns they often didn’t even realise were illegal – when they were just one person out of thousands taking part – have been convicted and sentenced for these similar acts.
Badenoch was 28-years-old when she defaced Harman’s website, and now, at the age of 38, has apologised to the Labour MP for her actions. It might seem ridiculous that something so trivial is an offence which can see people jailed, but people with far less power, education and experience have faced just that for doing less than Badenoch admitted.
The UK’s laws on hacking are often draconian, and they are unevenly applied – as civil liberties and online rights groups have tried to highlight for years. There are multiple reasons Badenoch is vanishingly unlikely to face prosecution – her alleged offence occurred shortly before a change in law that removed the statute of limitations for hacking offences; and her victim has accepted her apology and shows no interest in prosecution.
And yet Badenoch’s casual admission speaks to either gross naivety, or grotesque confidence. Badenoch used to work as a software engineer and has a degree in law – and so if she was genuinely unaware what she was admitting to amounted to a criminal offence, that reflects terribly on her competence in both fields. If instead Badenoch was aware of this, but felt happy to confess, knowing that she would get away with it where so many others do not, her arrogance – while not misplaced – can only help erode people’s faith in a justice system that often seems to deliver very different results to people depending on their backgrounds.
The visuals of a serving MP casually admitting an offence for which others face the full weight of the law – coming after the public has seen expenses abuses, and numerous other reasons to lose faith in both parliament and the legal system – are terrible.
Badenoch’s privileged position – and some lucky legal timing – means she won’t face the punishment others might have for her actions. If she wants to restore faith in her, and faith in the law, she might want to consider campaigning for reforms to the UK’s hacking laws, to help others less fortunate than herself.
[See also: Kemi Badenoch’s stint as a hacker says a lot about her and the Westminster narrative]
Content from our partners
Related
