Significant to the argument, is the relatively low number of offenders charged and convicted under the existing rules. Part of the challenge seems to lie in what critics argue is the vagueness of the law that is rendered even less clear in court, as it is impossible for a supplier to assess the ‘likelihood’ that an internet or software tool may be used in the commission of a crime. Opponents cite that the CMA does not allow for application of the rules to the cases which are often highly technical, and not readily translatable for jury consideration. The results are near null from a national perspective, which led to prosecution of a mere nineteen cases in 2007, with only ten defendants charged and convicted according to the Ministry of Justice.
The most recent conviction numbers contribute to the overall picture of computer misuse enforcement and indicate a reduction in violations since ratification of the Act and instatement as code. Predictability may not be found, then, in the capacity of the number of users that might be knowledgeable enough to intentionally commit violations and only reliant upon enforceability; yet that is to be determined by due process of complaint. Charges rarely occur in a vacuum of random and unintentional incidence in correspondence to the strict liability of the Act, as it pertains to institutional transactions, can only, then, be founded on investigated wrongdoing correspondent to acts and attendant outcomes (i.e. victims).
In the UK, the number of computer misuse violations is miniscule, and in fact receding. Prior to 2007, charges under the CMA saw a consecutive decrease over the past three years. Comparatively speaking, the numbers from 2007 are fewer than the past three years, with 18 successful prosecutions from 25 cases in 2006, 16 from 24 in 2005, 12 from 21 in 2004 and only higher in conviction