7c ICT Laws *** Flashcards
The company has installed CCTV cameras in its offices. Many employees have expressed concern over the installation of the cameras.
Discuss the legal and ethical implications of the installation of CCTV cameras in the offices (11 marks June 10)
Impacts and consequences may include:
Loss of privacy for the individual, they are being recorded all the time, concern as to who can see the footage and where it ends up – tv programmes, implication that they are doing something wrong, lack of trust between employees and employer. Legal issues – Data Protection Act and access to the footage, people requesting to see footage with employee and others in it, problem of knowing what has been recorded and able to make sensible access request.
Less likelihood of crime in the workplace as monitoring takes place, feeling of security for employees, use of CCTV to back up employee statement of what happened. RIPA and monitoring
Discuss the impacts and consequences of the Regulation of Investigatory Powers Act (2000) on the employees of the company (11 marks Jan 10)
Loss of privacy for the individual, they have no legal recourse to being monitored and this brings about an environment of distrust between the management and employees. More care taken by the employee over emails and telephone calls as they know they might be monitored. More work gained from the employees as they will be monitored and cannot use the system for personal use without being caught. Greater satisfaction from the company that its industrial secrets are safe and not being passed on. Increased work from the employees as always on task. Increase in storage capacity and manpower to implement monitoring.
1 mark in any band for a reasoned conclusion.
The data stored on the committee’s computer has been stolen.
(a) The Computer Misuse Act (1990) (CMA) can be used to prosecute the thief.
Identify three provisions of the CMA and for each, give an example of an action that could be prosecuted under that provision.(6 marks June 11)
Two marks per aspect, 2 marks each, 1st for identification, 2nd for
example of crime:
Unauthorised access to computer material (1) hacking into a computer
(1) awarded marks. Unauthorised access to a computer system with intent to commit or
facilitate the commission of further offences (1) hacking into a computer and finding information to blackmail the owner (1)
Unauthorised acts with intent to impair operation of a computer (1) Denial of service attacks (1)
Allow paraphrasing – important element is that it is related to a computer and it is unauthorised. Not just hacking/stealing/misusing
Making, supplying or obtaining articles for use in computer misuse [6] offences (1) making a virus (1)
The example needs to be related to the provision. Provision must be given first – if no provision then example cannot be
10 A company stores information about Mr Jones. For each of the following crimes, identify which Act has been broken.
Storing Mr Jones’ old address after he has moved (1 mark Jan 12)
Mr Jones’ secretary accesses Mr Jones’s account with the company without permission(1 mark)
A company employee gives information about Mr Jones’ purchases to his neighbour (1 mark)
1 mark each:
Storing Mr Jones’s old address after he has moved: DPA (1998)
(1)
Mr Jones’ secretary accessing his account without permission:
CMA (1990) (1)
Giving information about Mr Jones’ purchases to his neighbour: DPA (1998) (1)
The Data Protection Act (1998) (DPA) was created to protect data about the individual.
Identify two rights the user has under the DPA(2 marks)
Explain problems an individual could encounter when trying to enforce their rights under the DPA (6 marks)
Find out what information is held about you by an organisation (1)
Correct information that is held by the organisation (1)
Prevent processing of information if it causes substantial unwarranted
damage or distress (1)
Prevent unsolicited marketing/An organisation is required not to process
information about you for direct marketing purposes if you ask them not to.
(1)
Prevent automated decision making (1)
Claim compensation for damage, and in some cases distress, caused by any breach of the Act (1)
Points may include:
Difficult to know which companies have information on you - have to request the information and send money but they might not have anything
Damage and distress is difficult to prove - must be linked to the use of the information and caused significant distress
Lists can be sold to other organisations -may ask one company not to direct market but others may already have the details.(6)
(c) Describe how the Copyright, Designs and Patents Act (1988) can be used to protect the use of the images on the website (4 marks Jan 09)
Any 4 from:
Allows creator of images to control rights to use/can give permission to others to use (1)
Gives creator right to prosecute people (1) who use images without consent (1)
Only applies once the image has been taken/used (1) May charge for use (1)
Cannot stop the images being taken (1)
Establishes ownership (1)
he airline needs to comply with the Data Protection Act (DPA) (1998).(June 09 exam)
(a) Explain the purpose of the DPA (3 marks)
(b) Explain the implications of the DPA for the airline.(3 marks)
A) 3 from, allow expansions.
To protect the individual from the company (1)
Allow UK citizens to access data held on them in other EU countries (1)
Meet EU regulations (1)
To allow the individual to access data held about them by the company (1)
To place regulations on the use of personal data (1)
To allow prosecution of companies that break the DPA (1)
3 from, allow expansions, eg:
Need a filing system for personal data (1) so that it can be given to the customer if requested within 40 days (1)
Need to appoint a data controller (1) to ensure principles are in place (1)
Need to protect personal data (1) and train staff in use (1)
