1.5.1 Computing Related Legislation Flashcards
What are the 4 main laws of computer technology?
- The Data Protection Act (1998 & 2018)
- The Computer Misuse Act 1990
- The Copyright Design and Patents Act 1998
- The Regulation of Investigatory Powers Act 2000
What is the Data Protection Act?
- Designed to protect personal data and focusses on the data holder.
- Controls how personal info is used by companies and government.
What are the different roles covered in the 1998 Data Protection Act?
- Data Subject - Data stored about them, out of their control.
- Data Controller - Determines what data an organisation collects and how it is collected, processed/stored.
- Data Commissioner - Has power to enforce DPA - independent public body and reports directly to parliament and appointed by the crown.
What are the 2 main categories of the Data Protection Act?
- Personal Data - Name, Address, DOB
- Sensitive Data - Nationality, Ethnicity, Political beliefs
What are the 8 main principles of the Data Protection Act?
- Data collected and used fairly and inside the law
- Only held for specific reasons
- Only used for registered purpose
- Adequate, relevant and not excessive
- Kept accurate and up to date
- Not kept longer than necessary
- Kept safe and secure
- No transfer outside EEA unless country has data protection
What are the 8 main principles of the Data Protection Act?
- Data collected and used fairly and inside the law
- Only held for specific reasons
- Only used for registered purpose
- Adequate, relevant and not excessive
- Kept accurate and up to date
- Not kept longer than necessary
- Kept safe and secure
- No transfer outside EEA unless country has data protection
What are the rights held by people regarding the Data Protection Act?
- Right of subject access
- Right of correction
- Right to prevent direct marketing
- Right to prevent automatic decision making
What is the purpose of the 2018 Data Protection Act?
- In 2015, the EU began working on the General Data Protection Act
- The aim was to strengthen and standardise data protection regulations across Europe
Would the hacker be in breach of the DPA, if the hacker was able to access personal data. Who would be breaching DPA?
- DPA focusses on personal data - Hacker not in breach
- However, if hacker accessed employee data, the company would be in trouble
What is the Computers Misuse Act 1990?
- Gaining unauthorised access to the system
- Unauthorised access with intent to commit a crime
What actions does the Computers Misuse Act make illegal?
- Unauthorised access to a computer system
- Unauthorised access to digital materials with the intent to commit further crime
- Unauthorised modification of data
- Making, supplying or obtaining tools to commit computer misuse offence
What are some of the consequences of breaking the Computer Misuse Act?
- Fine
- Imprisoned
How would the hacker be breaking the Computer Misuse Act?
- As the hacker is gaining unauthorised access, they are breaking the law
- As they are accessing it with the intent of committing a further crime - committing 2nd most serious offence
- If they amend data - committing even more serious offence
What is the Copyrights Designs and Patents Act 1998?
- Individual/ organisations that produce media has their ownership - other parties can’t redistribute without permission
What does the Copyright Designs and Patents Act prevent people stealing and copying?
- Brand names
- Inventions
- Product Designs
- Original works
What are the 2 strongest protections of Intellectual Property?
- Copyright - Legal term used to describe the rights a creator has over their own work
- Patents - Exclusive right granted for an invention - provide owner with the right to decide how their invention is used by others
What is Intellectual Property?
- Refers to anything you create using your mind such as stories, inventions and symbols
What does the Copyright Designs and Patents act allow people to do?
- Gives creators to control how their work is used and distributed
- Any original product is automatically protected
- Makes it illegal to copy other’s work without permission
What would the hacker have to do to break the Copyright Designs and Patents Act?
- Posting the material on the internet would break this act
What does RIPA stand for?
- Regulation of Investigatory Powers Act 2000
What does RIPA do?
- Provides certain bodies the right to monitor communications and internet activities
- Has come about due to evolving threats posed by criminals and terrorists
Criminals use technology to communicate and co-ordinate their actions what type of public bodies does RIPA grant rights to combat this to and who not?
- Grants rights to: The police, Security services
- Doesn’t grant rights to: Environment Protection Agency, Office of Fair Trading, Serious fraud office
What are some of the key features that RIPA does?
- Demands that ISPs provide access to customer communications
- Allows mass surveillance of communications
- Allows monitoring of an individual’s internet activities
- Demands that access be granted to protected information
- Demands that ISPs install equipment that facilitates surveillance
- Implement a hardware and software solution that facilitates the storage of digital communications
Which groups of people are subject to RIPA?
- Internet Service Providers
- Online Businesses
What are some of the concerns of RIPA?
- Invasion of privacy
- Improper use of the RIPA
- Unnecessary censorship
- Freedom of speech
Exam Question: Describe the purpose of the Regulation of Investigatory Powers Act (3)
- Sets out to empower/ limit the extent
- To which public bodies
- Can use technological surveillance
- This can include monitoring internet activity
- Electronic communications
- And forcing users to hand over encryption keys
