When Curiosity Becomes a Computer Crime

Introduction

Curiosity can explain why someone hacks into a system, but it does not usually make the hacking lawful. In the branch of UFO-linked hacking associated with Gary McKinnon, this distinction is essential: McKinnon said he was looking for evidence of UFOs, anti-gravity technology and hidden public-interest information, while US prosecutors described unauthorised access to military, defence and NASA computers, with alleged damage and disruption. The legal line is not drawn at whether the hacker believes the motive is noble, unusual or sincere. It is drawn first at authorisation: whether the person had permission to access the computer, account, files or network in the way they did. [WIRED]wired.comufo hacker tells what he foundWIRED'UFO Hacker' Tells What He Found21 Jun 2006 — 'UFO Hacker' Tells What He Found. The search for proof of the existence of UFOs landed…

That is why “curiosity-driven hacking” is legally dangerous. A person may think they are merely looking, testing, exposing secrecy or proving a belief. The law may still treat the conduct as unauthorised access, and more serious charges can follow if systems are impaired, data is copied, tools are installed, logs are deleted, threats are made, or national-security computers are involved. [Legislation.gov.uk+2Crown Prosecution Service]legislation.gov.ukComputer Misuse Act 1990An Act to make provision for securing computer material against unauthorised access or modification; and for conn…

The legal boundary starts with permission, not motive

In UK law, the Computer Misuse Act 1990 was created to secure computer material against unauthorised access or modification. Its basic offence concerns causing a computer to perform a function with intent to secure access to any program or data, where that access is unauthorised and the person knows it is unauthorised. The point is deliberately broad: a person does not need to steal money, sell secrets or plant malware before the law becomes relevant. [Legislation.gov.uk]legislation.gov.ukComputer Misuse Act 1990An Act to make provision for securing computer material against unauthorised access or modification; and for conn…

The Crown Prosecution Service guidance separates the basic unauthorised access offence from more serious forms of computer misuse. Section 2 concerns unauthorised access with intent to commit or facilitate a further offence, while other provisions address unauthorised acts that impair systems, create serious risk, or involve tools used for computer misuse. This structure matters for curiosity cases because the first legal question is not “Was the motive malicious?” but “Was the access authorised?” [Crown Prosecution Service]cps.gov.ukcomputer misuse actcomputer misuse act

For UFO-motivated hacking, that means a belief that government networks might contain hidden information does not itself create permission to enter those networks. Nor does the absence of a conventional criminal motive automatically turn an intrusion into journalism, research or whistleblowing. A person who guesses passwords, enters poorly secured systems, uses remote-access tools without permission, or searches through internal files is still crossing the authorisation line.

The National Crime Agency’s Cyber Choices programme makes the same governance point in a public-facing way: cyber skills can be developed legally, but illegal hacking of computers and networks is treated as cyber-dependent crime. The programme exists partly because young or technically curious people may not understand that “just exploring” someone else’s system can carry criminal consequences. [National Crime Agency]nationalcrimeagency.gov.ukOpen source on nationalcrimeagency.gov.uk.

Why the McKinnon case is the clearest UFO-hacking example

Gary McKinnon’s case became famous because his stated motive sounded different from ordinary cybercrime. In interviews, he said he was searching for evidence of UFOs, suppressed energy technology and government secrecy. Wired reported his claim that he found references such as “Non-Terrestrial Officers” and saw what he believed was a UFO image on a NASA system, although those claims were not independently verified through released files or authenticated records. [WIRED]wired.comufo hacker tells what he foundWIRED'UFO Hacker' Tells What He Found21 Jun 2006 — 'UFO Hacker' Tells What He Found. The search for proof of the existence of UFOs landed…

The legal allegations looked very different. The US Department of Justice said McKinnon was indicted under the Computer Fraud and Abuse Act after allegedly accessing and damaging 92 computers belonging to the US Army, Navy, Air Force, Department of Defense and NASA, as well as six computers belonging to private businesses. The indictment included a count involving a computer used by the military for national defence and security. [Department of Justice]justice.govDepartment of JusticeLondon, England Hacker Indicted Under Computer Fraud…One count charges McKinnon with accessing and damaging witho…

That contrast is the heart of the legal limit. A UFO motive may explain why a hacker went looking. It may affect public sympathy, media framing, mental-health arguments, charging discretion or sentencing debate. But it does not by itself answer the criminal-law question. If the access was unauthorised, the curiosity is not a licence.

The House of Lords judgment in McKinnon’s extradition litigation recorded the US allegation that the conduct damaged computers by impairing the integrity, availability and operation of programmes, systems, information and data, with repair costs alleged at over $700,000. Whether one views McKinnon as a misguided searcher, a protester, a vulnerable defendant or a serious intruder, those alleged effects moved the case far beyond a harmless look around. [UK Parliament]publications.parliament.ukmckinn 1mckinn 1

Damage and intent change the seriousness

Unauthorised access is often the starting point, but damage and intent determine how serious the case becomes. In a simple curiosity scenario, a person might access a system without permission, view files and leave. That can still be unlawful. But the legal risk escalates when the person copies files, deletes logs, installs software, disrupts availability, bypasses controls repeatedly, or leaves messages that imply coercion or disruption.

The US allegations against McKinnon included not only access but damage. The Department of Justice described unauthorised access and damage to military, NASA and private computers. A separate report of the indictment stated that he installed tools used for obtaining unauthorised access, deleted critical system files, copied unclassified files and deleted system logs. [Department of Justice]justice.govDepartment of JusticeLondon, England Hacker Indicted Under Computer Fraud…One count charges McKinnon with accessing and damaging witho…

This is why “I did not mean harm” is not always decisive. Some computer misuse offences focus on knowledge that access is unauthorised. Others look at intent to impair, recklessness as to impairment, or intent to facilitate another offence. Even where a person does not set out to cause damage, careless exploration inside live systems can create operational risk. On defence, military, health, transport or critical infrastructure systems, that risk is treated especially seriously because interruption can affect more than the machine in front of the intruder.

For readers following UFO-related hacking stories, the useful test is not whether the target might be hiding something interesting. It is whether the person had permission to access the system and whether their actions changed, impaired, copied, exposed or disrupted anything. The further the conduct moves from passive viewing to interference, persistence or concealment, the harder it becomes to frame it as mere curiosity.

Public interest is not a general hacking pass

Public interest arguments are strongest when someone obtains and discloses information through lawful means, authorised access, protected reporting channels or carefully governed security research. They become much weaker when the person breaks into systems first and argues later that the public deserved to know what might be inside.

That distinction matters in UFO cases because the supposed public interest can be emotionally powerful. If someone genuinely believes a government is hiding evidence of non-human technology, they may see intrusion as a moral shortcut. Law generally resists that shortcut because it would allow any strongly held belief to become a self-issued warrant to enter someone else’s systems.

The UK debate over Computer Misuse Act reform shows how narrow this issue is. The Home Office’s review recognised that the Act is the main legislation criminalising unauthorised access and damage to computer systems and data. It also considered concerns from the cyber-security sector about whether legitimate research can be chilled by broad offences. [GOV.UK]GOV.UKOpen source on gov.uk.

That reform debate is about properly bounded security work, not curiosity-driven raids on government systems. Campaigners for a statutory defence tend to focus on vulnerability research, threat intelligence and academic or professional cyber-security activity. Those proposals usually depend on factors such as purpose, proportionality, responsible handling of data, avoidance of harm and reporting vulnerabilities to the affected organisation. [UK Parliament Bills]bills.parliament.ukOpen source on parliament.uk.

The United States has moved in a similar direction at the prosecutorial-policy level. The Department of Justice’s CFAA charging policy says prosecutors should decline prosecution where the available evidence shows the conduct consisted of, and was intended as, good-faith security research. But that is not the same as a free-standing right to break into systems out of curiosity, activism or belief. It is a limited policy aimed at security research, not a general public-interest defence for unauthorised exploration. [Department of Justice]justice.govDepartment of Justice9-48.000Department of Justice9-48.000

Why “weak security” is not consent

One recurring argument in UFO-hacker stories is that the target’s poor security makes the intrusion less blameworthy. McKinnon and some supporters emphasised weak passwords and exposed systems, and commentators have often treated the case as an embarrassment for US government cyber-security as well as a prosecution. But weak security is not the same thing as permission. [The Guardian]theguardian.comOpen source on theguardian.com.

The physical analogy is imperfect but useful: an unlocked office door does not authorise a stranger to enter, search filing cabinets and copy documents. In computer law, the same principle is expressed through authorisation. A badly configured system may affect how easy the intrusion was, how foreseeable the damage was, how institutions should improve security, or how proportionate a punishment should be. It does not normally convert the intruder into an authorised user.

This is especially important for belief-driven hacking. UFO suspicion, distrust of secrecy, or frustration with official disclosure processes may make a person feel morally justified in probing restricted systems. Legally, however, the absence of strong technical barriers does not mean the owner has consented to access by the public.

Extradition debates do not erase the offence boundary

McKinnon’s eventual victory was not a ruling that curiosity-driven hacking was lawful. In 2012, then Home Secretary Theresa May blocked his extradition to the United States on human-rights grounds, stating that extradition would create such a high risk of him ending his life that it would be incompatible with his human rights. [GOV.UK]GOV.UKgary mckinnon extradition case home secretarys statementgary mckinnon extradition case home secretarys statement

That decision is often misread. It addressed whether McKinnon should be sent to the US for trial, not whether unauthorised access to defence and NASA systems was legally acceptable. The distinction matters because extradition cases can turn on health, proportionality, forum, likely prison conditions, prosecutorial pressure and human-rights risks. Those issues can stop a person being extradited without validating the underlying conduct.

The aftermath confirms the point. UK authorities later decided not to bring further criminal proceedings, with reporting at the time saying the police and Crown Prosecution Service considered the chances of conviction poor after the long delay and practical difficulties. That was a case-management and evidential outcome, not a broad legal endorsement of UFO-motivated hacking. [The Guardian]theguardian.comgary mckinnon no uk chargesgary mckinnon no uk charges

McKinnon’s case also influenced later UK extradition debate. The “forum bar”, inserted into the Extradition Act 2003 after the McKinnon controversy, became important in Lauri Love’s case, where the High Court refused extradition to the US on serious computer-hacking allegations. Again, the issue was where and whether prosecution should proceed, not whether political, activist or curiosity-driven hacking was lawful. [Matrix Chambers]matrixlaw.co.uklauri love wins extradition appeallauri love wins extradition appeal

The safe route for curiosity is authorised research

The legal lesson is not that people should stop asking questions about secrecy, UFO records, defence transparency or cyber-security. It is that the route matters. Curiosity becomes safer when it stays within authorised channels: public records, freedom-of-information requests, released archives, lawful journalism, open-source research, consent-based security testing, bug bounty programmes, lab environments and responsible disclosure.

For technically skilled people, the dividing line can be summarised in practical terms:

This is the governance gap exposed by the McKinnon story. Societies benefit from curiosity, scepticism and security research, but they also depend on reliable boundaries around private, government and defence systems. A legal order that excused hacking whenever the intruder claimed a public-interest motive would be unworkable: every conspiracy theory, political cause or personal suspicion could become a reason to trespass digitally.

The lasting rule from UFO hacking cases

The McKinnon case remains memorable because it combined UFO belief, weak security, transatlantic prosecution, mental-health concerns and a long extradition battle. But the legal rule underneath is less mysterious than the story around it. Curiosity may explain the search; it does not authorise the access.

For UFO-focused readers, that is the key limit. A hacker who believes NASA or the military holds hidden information is still bound by computer misuse law. Public interest may matter in debates over disclosure, security reform, prosecutorial discretion, extradition or sentencing. It does not automatically defeat the basic offence of entering systems without permission.

The safest and strongest form of inquiry is therefore the one that can survive scrutiny without the intrusion itself becoming the story. Once a person crosses into unauthorised access, the argument shifts away from what they hoped to find and towards what they did to someone else’s computer system.

Amazon book picks

Further Reading

Books and field guides related to When Curiosity Becomes a Computer Crime. Use these as the next step if you want deeper reading beyond the article.

Book

Ghost in the Wires

By Kevin Mitnick

Illustrates how curiosity-driven intrusion can lead to serious legal consequences.

See on Amazon

Book

Sandworm

By Andy Greenberg

Shows how computer intrusions can escalate into major legal and societal issues.

See on Amazon

Book

This Is How They Tell Me the World Ends

By Nicole Perlroth

Provides context on the risks and significance of unauthorized access.

See on Amazon

Book

Cybersecurity and Cyberwar

By P.W. Singer, Allan Friedman

Explains legal, ethical and security dimensions of computer access.

See on Amazon

Browse more on Amazon: Ghost in the Wires Sandworm This Is How They Tell Me the World Ends

As an Amazon Associate I earn from qualifying purchases.

eBay marketplace picks

Marketplace Samples

Example marketplace items related to this page. Use the search link to explore similar finds on eBay.

Shop location

Using USA USA USAUKCanadaAustraliaIreland

Example eBay listing

UFO ABDUCTION OVER THE OCEAN -FRAMED WALL ART PAPER PRINT POSTER

Search eBay.co.uk: ufo wall art

Browse similar on eBay.co.uk

Example eBay listing

VINTAGE UFO ABDUCTION ILLUSTRATION FRAMED WALL ART PICTURE POSTER PRINT

Search eBay.co.uk: ufo wall art

Browse similar on eBay.co.uk

Example eBay listing

I Want to Believe Vintage UFO Print, Photographic Alien Wall Art Decor, Space

Search eBay.co.uk: ufo wall art

Browse similar on eBay.co.uk

Example eBay listing

COOL FLYING UFO IN FOREST LANDSCAPE FRAMED WALL ART PICTURE POSTER PRINT

Search eBay.co.uk: ufo wall art

Browse similar on eBay.co.uk

Browse more on eBay.co.uk

Example items shown for inspiration; availability and pricing can change. Branchoria may earn a commission if you purchase through outbound eBay links.

Endnotes

1. Source: wired.com
   Title: ufo hacker tells what he found
   Link: https://www.wired.com/2006/06/ufo-hacker-tells-what-he-found/
   Source snippet

   WIRED'UFO Hacker' Tells What He Found21 Jun 2006 — 'UFO Hacker' Tells What He Found. The search for proof of the existence of UFOs landed...

2. Source: justice.gov
   Link: https://www.justice.gov/archive/criminal/cybercrime/press-releases/2002/mckinnonIndict.htm
   Source snippet

   Department of JusticeLondon, England Hacker Indicted Under Computer Fraud...One count charges McKinnon with accessing and damaging witho...

3. Source: legislation.gov.uk
   Link: https://www.legislation.gov.uk/ukpga/1990/18/contents
   Source snippet

   Computer Misuse Act 1990An Act to make provision for securing computer material against unauthorised access or modification; and for conn...

4. Source: cps.gov.uk
   Title: computer misuse act
   Link: https://www.cps.gov.uk/prosecution-guidance/computer-misuse-act

5. Source: nationalcrimeagency.gov.uk
   Link: https://www.nationalcrimeagency.gov.uk/cyber-choices

6. Source: met.police.uk
   Link: https://www.met.police.uk/cyberchoices

7. Source: publications.parliament.uk
   Title: mckinn 1
   Link: https://publications.parliament.uk/pa/ld200708/ldjudgmt/jd080730/mckinn-1.htm

8. Source: justice.gov
   Link: https://www.justice.gov/archive/usao/nj/Press/files/pdffiles/Older/edva_mckinnon_indictment.pdf

9. Source: GOV.UK
   Link: https://www.gov.uk/government/consultations/review-of-the-computer-misuse-act-1990/review-of-the-computer-misuse-act-1990-consultation-and-response-to-call-for-information-accessible

10. Source: GOV.UK
    Title: analysis of responses accessible
    Link: https://www.gov.uk/government/consultations/review-of-the-computer-misuse-act-1990/outcome/analysis-of-responses-accessible

11. Source: bills.parliament.uk
    Link: https://bills.parliament.uk/publications/60406/documents/6385

12. Source: justice.gov
    Title: Department of Justice9-48.000
    Link: https://www.justice.gov/jm/jm-9-48000-computer-fraud

13. Source: justice.gov
    Link: https://www.justice.gov/archives/opa/pr/department-justice-announces-new-policy-charging-cases-under-computer-fraud-and-abuse-act

14. Source: GOV.UK
    Title: gary mckinnon extradition case home secretarys statement
    Link: https://www.gov.uk/government/speeches/gary-mckinnon-extradition-case-home-secretarys-statement

15. Source: wired.com
    Link: https://www.wired.com/2012/10/mckinnon-extradition-win

16. Source: hansard.parliament.uk
    Link: https://hansard.parliament.uk/Commons/2022-04-19/debates/AE9413F3-D4F2-44EC-890E-75B0250328C4/ComputerMisuseAct1990highlight%3Dstatistics

17. Source: hansard.parliament.uk
    Title: uk Gary [Mc Kinnon]({{ ‘mc-kinnon/’ | relative_url }}) (Extradition)
    Link: https://hansard.parliament.uk/commons/2009-12-01/debates/09120144000002/GaryMckinnon%28Extradition%29

18. Source: GOV.UK
    Title: latest on gary mckinnon case
    Link: https://www.gov.uk/government/news/latest-on-gary-mckinnon-case

19. Source: leap.hillingdon.gov.uk
    Link: https://leap.hillingdon.gov.uk/media/13085/Cyber-Choices-Guidance—External/pdf/mjCyberChoices_Guidance_-_External.pdf?m=1701791050703

20. Source: nationalcrimeagency.gov.uk
    Link: https://www.nationalcrimeagency.gov.uk/who-we-are/publications/811-cyber-choices-brochure-2026-parents-1/file

21. Source: southeastcyber.police.uk
    Title: computer misuse act
    Link: https://southeastcyber.police.uk/computer-misuse-act/

22. Source: assets.publishing.service.gov.uk
    Title: public views 2
    Link: https://assets.publishing.service.gov.uk/media/5a74d979e5274a3cb2867add/public-views-2.pdf

23. Source: assets.publishing.service.gov.uk
    Title: Factsheet Computer Misuse Act
    Link: https://assets.publishing.service.gov.uk/media/5a819c6de5274a2e87dbe8fd/Factsheet_-Computer_Misuse-_Act.pdf

24. Source: assets.publishing.service.gov.uk
    Title: CMA consultation070223.docx
    Link: https://assets.publishing.service.gov.uk/media/63e1201be90e0762637e30a9/CMA_consultation070223.docx

25. Source: health-ni.gov.uk
    Title: computer misuse act 1990
    Link: https://www.health-ni.gov.uk/articles/computer-misuse-act-1990

26. Source: open.edu
    Link: https://www.open.edu/openlearn/mod/oucontent/view.php?id=48328&section=3.3

27. Source: open.edu
    Link: https://www.open.edu/openlearn/ocw/mod/oucontent/view.php?id=80038&section=_unit8.3.3

28. Source: malicious.life
    Link: https://malicious.life/episode/us_vs_gary_mckinnon/

29. Source: theguardian.com
    Link: https://www.theguardian.com/theguardian/2005/jul/09/weekend7.weekend2

30. Source: theguardian.com
    Title: gary mckinnon no [uk charges]({{ ‘uk-charges/’ | relative_url }})
    Link: https://www.theguardian.com/world/2012/dec/14/gary-mckinnon-no-uk-charges

31. Source: matrixlaw.co.uk
    Title: lauri love wins extradition appeal
    Link: https://www.matrixlaw.co.uk/judgments/lauri-love-wins-extradition-appeal/

32. Source: Wikipedia
    Title: Gary Mc Kinnon
    Link: https://en.wikipedia.org/wiki/Gary_McKinnon

33. Source: Wikipedia
    Title: Computer Misuse Act 1990
    Link: https://en.wikipedia.org/wiki/Computer_Misuse_Act_1990

34. Source: stannescatholicprimary.com
    Title: Cyber Choices
    Link: https://www.stannescatholicprimary.com/wp-content/uploads/2023/07/Under-12s-Cyber-Choices.pdf

35. Source: theguardian.com
    Title: gary mckinnon timeline extradition
    Link: https://www.theguardian.com/world/2012/oct/16/gary-mckinnon-timeline-extradition

36. Source: theguardian.com
    Link: https://www.theguardian.com/technology/2008/jul/31/hacking.hitechcrime

37. Source: theguardian.com
    Title: gary mckinnon hacker aspergers us
    Link: https://www.theguardian.com/world/2009/jul/31/gary-mckinnon-hacker-aspergers-us

38. Source: theguardian.com
    Link: https://www.theguardian.com/world/gary-mckinnon

39. Source: theguardian.com
    Title: gary mckinnon extradition computer hacker
    Link: https://www.theguardian.com/technology/2009/jan/12/gary-mckinnon-extradition-computer-hacker

40. Source: theguardian.com
    Title: gary mckinnon medical report us extradition
    Link: https://www.theguardian.com/world/2012/oct/12/gary-mckinnon-medical-report-us-extradition

41. Source: theguardian.com
    Title: gary mckinnon hacking ill father glasgow extradition us
    Link: https://www.theguardian.com/world/2014/jul/31/gary-mckinnon-hacking-ill-father-glasgow-extradition-us

42. Source: theguardian.com
    Title: gary mckinnon not extradited may
    Link: https://www.theguardian.com/world/2012/oct/16/gary-mckinnon-not-extradited-may

43. Source: theguardian.com
    Title: gary mckinnon hacker sparked storm
    Link: https://www.theguardian.com/world/2012/oct/16/gary-mckinnon-hacker-sparked-storm

44. Source: theguardian.com
    Link: https://www.theguardian.com/world/video/2012/oct/16/gary-mckinnon-extradition-theresa-may-video

45. Source: theguardian.com
    Link: https://www.theguardian.com/technology/2005/jul/27/hacking.internetcrime

46. Source: theguardian.com
    Link: https://www.theguardian.com/technology/2008/aug/28/hacking.security

47. Source: theguardian.com
    Title: computer activist lauri love loses appeal against us extradition
    Link: https://www.theguardian.com/law/2016/sep/16/computer-activist-lauri-love-loses-appeal-against-us-extradition

48. Source: media.techtarget.com
    Link: https://media.techtarget.com/rms/computerweekly/DowntimePDF/pdf/mckinnon.pdf

49. Source: freeprivacypolicy.com
    Title: computer misuse act 1990
    Link: https://www.freeprivacypolicy.com/blog/computer-misuse-act-1990/

50. Source: rahmanravelli.co.uk
    Link: https://www.rahmanravelli.co.uk/expertise/cybercrime/cybercrime-reducing-the-risks/

51. Source: termsfeed.com
    Title: computer misuse act 1990
    Link: https://www.termsfeed.com/blog/computer-misuse-act-1990/

52. Source: film-authority.com
    Link: https://film-authority.com/2026/05/12/gary/

Additional References

1. Source: youtube.com
   Link: https://www.youtube.com/watch?v=zezzoxhrnZ8
   Source snippet

   What Are The Ethical Issues Of The Computer Misuse Act In Cybersecurity?...

2. Source: youtube.com
   Title: What Are The Ethical Issues Of The Computer Misuse Act In Cybersecurity?
   Link: https://www.youtube.com/watch?v=KkUMv1b9Z_8
   Source snippet

   ITPro Asks: Is the UK's Computer Misuse Act fit for purpose?...

3. Source: youtube.com
   Title: The Man Who Hacked the U.S. Government
   Link: https://www.youtube.com/watch?v=ND0zQX1rGdg
   Source snippet

   How Did Landmark Cases Define "unauthorised Access" Under The Computer Misuse Act?...

4. Source: academia.edu
   Link: https://www.academia.edu/31360553/Gary_McKinnon_A_Curious_Case_Indeed

5. Source: researchgate.net
   Link: https://www.researchgate.net/publication/323786681_The_Computer_Misuse_Act_1990_to_support_vulnerability_research_Proposal_for_a_defence_for_hacking_as_a_strategy_in_the_fight_against_cybercrime

6. Source: jenner.com
   Link: https://www.jenner.com/en/news-insights/publications/client-alert-doj-revises-cfaa-charging-policy-to-provide-clarity-for-cybersecurity-research-and-terms-of-use

7. Source: nacdl.org
   Link: https://www.nacdl.org/Landing/ComputerFraudandAbuseAct

8. Source: cscp.org.uk
   Link: https://cscp.org.uk/wp-content/uploads/2021/06/Teachers-Cyber-Choices-Brochure_Online.pdf

9. Source: crimestoppers-uk.org
   Link: https://crimestoppers-uk.org/fearless/more-info/crime-types-explained/cyber-crime

10. Source: jonesday.com
    Link: https://www.jonesday.com/en/insights/2022/06/department-of-justice-significantly-revises-policy-on-charging-cfaa-violations