Robert Schifreen

Early Life

Robert Jonathan Schifreen was born in October 1963 in the United Kingdom. Little is documented about his early background prior to the events that brought him to national attention in the mid-1980s.

The Hack and Arrest

In 1985, Schifreen was arrested for gaining unauthorized access to a British Telecom computer system — specifically the Prestel service, an early online information network. During the intrusion, he accessed the Telecom Gold email account of Prince Philip. Schifreen later acknowledged obtaining user passwords but denied acting for personal gain, stating that his activities ultimately prompted Prestel to improve its security practices. The vulnerability he exploited was significant: a top-level account identified as "2222222222" was protected only by the password "1234."

Trial and Conviction

Because no specific law against unauthorized computer access existed in the United Kingdom at the time, prosecutors charged Schifreen and his co-defendant Steve Gold under section 1 of the Forgery and Counterfeiting Act 1981. In June 1985, the two became among the first individuals charged under this provision on the theory that deceiving a computer system constituted forgery — even though the target was a non-human system rather than a person.

When the case came to trial in April 1986, Schifreen was convicted on six counts of forgery and fined £750.

Appeal and Acquittal

Schifreen appealed his conviction to the Court of Appeal, where the case was heard by three judges including the Lord Chief Justice, Lord Lane. On 21 July 1987, the Court found that applying a forgery charge to computer hacking was legally inappropriate and that the charges should have been dismissed. The judgment memorably criticized the prosecution's "Procrustean attempt to force the facts into the language of an Act not designed to fit them."

The Crown then appealed to the House of Lords in the case formally recorded as R v Gold and Schifreen [HL 21 Apr 1988]. In April 1988, the Law Lords dismissed the Crown's appeal. Their reasoning centered on the definition of "making a false instrument" — a necessary element of a forgery charge. Because the computer itself had generated the relevant memory segment containing false information, rather than Schifreen doing so directly, the Law Lords concluded the computer had effectively "forged itself." Schifreen's acquittal was upheld.

Impact on UK Law

The outcome of R v Gold and Schifreen exposed a significant legislative gap and is widely credited as the direct catalyst for the Computer Misuse Act 1990, which for the first time established specific criminal offenses for unauthorized access to computer systems in the United Kingdom. Following his acquittal, Schifreen was also required to pursue a judicial review action against the police in order to secure the return of his computers.

Later Career

After the legal proceedings concluded, Schifreen transitioned into the technology publishing and security sectors. For a period he served as editor of .EXE Magazine, a publication aimed at programmers. Under the online handle "hex" — a shortened form of the punning nickname "hex maniac" — he was an active participant in the CIX online community from the late 1980s onward, during a period when such communities were still a novelty.

Schifreen subsequently established himself as an IT security consultant and trainer, working with banks, large corporations, and universities across the United Kingdom. He has spoken at numerous information security conferences and contributed articles to the computer press and other publications. He has been associated with the University of Brighton as an IT security trainer and web developer, and lives in East Sussex.

In 2006, publisher John Wiley & Sons released his book Defeating the Hacker. In 2014, Schifreen began developing the software platform underpinning SecuritySmart.co.uk, an IT security awareness training program he founded; the platform launched in June 2016.

Notable Work

Schifreen's most enduring contribution remains his inadvertent role in shaping UK computer law. The legal proceedings arising from his 1985 arrest produced a body of case law — culminating in the House of Lords ruling — that demonstrated the inadequacy of existing statutes and directly informed the drafting of the Computer Misuse Act 1990, legislation that continues to govern computer crime in the United Kingdom.