Computer related legislation Flashcards
What is the problem with RIPA?
- Critics claim terrorism, Internet crime and paedophillia were used to push act through and there was little debate in Commons.
- Examples of act being used for reasons other than monitoring crimes/terrorist activities including, monitoring cockle fisherman, fly tippers and a family to determine weather they were in the catchment area of a school
1) What is the computer misuse act (1990)?
2) Define hacking
1) Criminal offence to: Make any unauthorised access to computer material with intent to commit or facilitate commission of further offences (hacking) OR with intent to impair operation of a computer (virus distribution)
2) Those who exploit weakness in a system or who customise systems or who edit open source work
What features are used to minimise the threat of hackers and virus distribution?
- Digital signatures or certificates that use encrypted messages to confirm the ID of sender
- SSL (Secure socket layer) is a protocol that enables encrypted links between computers to ensure the security of transaction
- User ID’s, passwords and access rights are used for basic ID of users and their rights to access specific data
- Anti malware software used to ID and remove suspicious software
- Firewalls are apps that sit between the system and external access to prevent certain unauthorised data and users accessing the system. Defence against DDoS)
What is the data protection act?
- Sets out the requirements for the control of stored data about individuals
- Provisions state:
1) Data should be processed fairly and lawfully
2) Data should only be used for purpose specified to the data protection agency and should not be disclosed to other parties without permission
3) Data should be relevant and not excessive
4) Data should be accurate and up to date
5) Data should be retained only as long as necessary
6) Individuals have the right to access the data held about them and should be able to check and update the data if necessary
7) Security must be in place to prevent unauthorised access of data
8) Data must not be transferred outside the EU unless country has adequate data-protection legislation
What is the data controller?
The person responsible for implementing the provisions of the DPA within an organisation
What exemptions are there to the DPA?
- National security = data processed in relation to NS is exempt from the act
- Crime and taxation = any data used to detect/prevent crime or assist in collection of taxes is exempt
- Domestic purpose = any data used solely for individual family or household use is exempt
What is the communications act (2003)?
- Deals with communications that contain credible threats of violence such as trolling or stalking or communications that contain material grossly offensive to individuals or to cause home
- Has to tread a fine line between what is deemed freedom of speech and what is offensive.
- Illegal to:
1) Access an Internet connection with no intention to pay for the service
2) send offensive communications using any communications system including social media
What is the Copyright designs and patents act (1988)?
-Designed to protect intellectual property rights of the individual or an organisation
-Illegal to copy, modify or distribute software or other intellectual property without the relevant permission
-Many sites will offer free downloads of copyrighted material and individuals will often share such software over peer-peer networking sites. Prevents owner from earning income
-Protects video and audio where peer-peer streaming has had a huge impact on the income of copyright owners
-Licence agreements and/or licence keys come with most commercial
software specifying how the user can use the product or to prevent unauthorised copying and distribution
-Stop people stealing others work and claiming it for their own
What is the 2010 equality act?
- ID’s anyone with certain protected characteristics (eg: a blind person) and makes it illegal to discrim ate against anyone with those characteristics either directly or indirectly
- If someone requires a service you cannot discriminate against them by not providing the service
What features do companies/organisations/individuals use to make services un-discriminatory?
- Screen readers for the blind
- options for larger text or magnifier may be appropriate for people with poor sight
- choice of font as some fonts may be hard for disabled to read
- Tagging images with audio description for those of poor sight
- choosing contrasting colours for text and background to make them stand out for those who are partially or colour blind
- Deaf users should have access to subtitles or a transcript of a video
What is the regulatory investigative powers act? (RIPA 2000)
- Intended to allow suitable authorities access to communications to prevent criminal or terrorist activities
- powers include:
- Interception of communications (Wire taps and reading post)
- Use of communications data (info about comes but not the content)
- directed surveillance (following people)
- covert human intelligence sources (informers, undercover officers)
- intrusive surveillance (bugging)
- mass surveillance
- demand Access to protected info from ISP
- allowing monitoring of individual’s Internet activities
- Prevent existence of such interception activities being revealed in court
- All of above powers only available to specific authorities. Eg; interception of communications is only permitted to authorities such as GCHQ
