Computing-related legislation Flashcards
Legal, moral, cultural and ethical issues
What is the purpose of the Data Protection Act 1998
Sets out the requirements for the collection, processing and storage of data about individuals
What are the eight principles covered in the Data Protection Act 1998
- Data should be processed fairly and lawfully
- Data should only be used for the purpose specified (should not be disclosed to other parties)
- Data should be relevant and not excessive
- Data should be accurate and kept up to date
- Data should only be kept for as long as necessary
- People have the right to access data kept about them
- Security must be set in place to prevent unauthorised access
- Data must not be transferred out of the EU
What are the exceptions of the Data Protection Act 1998
- National security and crime
- Taxation: data used to assist with the collection of taxes
- Domestic purposes: any data used solely for the individual, family or household
Outline the GDPR (general data protection regulation) updates to the DPA, 2018
- Lawfulness, fairness and transparency
- Purpose limitation
- Data minimisation
- Accuracy
- Storage limitation
- Security
- Accountability
Describe lawfulness, fairness and transparency (DPA,2018)
- Valid reasons for collecting personal data
- Data not used to break other laws
- Personal data used fairly
- The person/ organisation collecting the data must be open and honest
Describe purpose limitation (DPA,2018)
- The purpose for collecting data must be clear from the start
- Purpose must be specified and documented
- Data must not be used for a new purpose (if so additional consent must be obtained)
Describe data minimisation (DPA,2018)
- Data being processed must be adequate, relevant and limited to what is necessary
Describe accuracy (DPA,2018)
- Data must not be incorrect or misleading
- Data must be kept up to date
- Incorrect/misleading data must be corrected or erased
Describe storage limitations (DPA,2018)
- Data must not be kept for longer than necessary
- How long data is kept must be specified in a statement
- There must be a periodic review of data held; data that is no longer required is erased
- Individuals have the right to have data erased
- Data can be kept for longer if it is only kept for public interest archives (i.e. historical research)
Describe security (DPA, 2018)
There must be adequate security measures to protect data held
Describe accountability (DPA,2018)
The data controller, and all staff within the organisation, must take responsibility for how the data is used and for compliance with the other principles
What is The Computer Misuse Act 1990
This makes unauthorised access to computer systems illegal
How does the Computer Misuse Act provide protection to users
Under the provision of the Act the following are criminal offences
- unauthorised access to computer materials (hacking)
- unauthorised access with intent to commit or facilitate further offences (stealing money)
- unauthorised access with intent to harm or break a computer system (distributing viruses)
Describe the different types of hackers
Black hat hackers - Intent on causing damage (criminal activity/illegal)
White hat hackers - ethical hackers often employed by service holders to seek vulnerabilities so they can be fixed (legal)
Grey hat hackers - seek out vulnerabilities in a system in order to report them to the system owner for a fee. Non-payment may lead them to exploit the vulnerability (illegal)
What are the five features used to minimise the threat of hackers
- Digital signatures
- Secure Sockets Layer (SSL)
- User IDs, passwords and access rights
- Anti-malware software
- Firewalls
What is a digital signature
A digital code that is attached to an electronically transmitted document to verify its contents and the sender’s identity
What is a Secure Sockets Layer
A security technology for establishing an encrypted link between a server and a client.
What is a firewall
Software application or hardware that sits between the system and external networks to prevent certain types of data and users accessing the system.
- They can also be set to simply deny access to all external users
What is Denial of Service (DoS)
An attack meant to shut down a machine or network by overwhelming it with requests, making it inaccessible to its intended users
- Firewalls are the principal defence against this
What is the Copyright, Design and Patents Act 1988
Protects the intellectual property of an individual or organisation
What is outlined under the Copyright, Design and Patents Act 1988
- Copyright refers to the automatic protection given to different types of intellectual property
- Under the Act it is illegal to copy, modify or distribute any copyright material, without the relevant permission.
- The Act also covers patents, which is the intellectual property associated with new inventions/products
- Unlike copyright, patents have to be applied for and are not automatic.
What is peer-to-peer streaming
Allows data to be shared directly between lots of different users/clients rather than downloading from a central server
What is proprietary software
The owner of the copyright material retains intellectual property rights
- The source code of the software is kept secret and is protected by copyright law
What is open source software
The original source code is made freely available and may be redistributed and modified
- Developed under open standards
Outline the features of open source software
- Access to the source code
- May be free of charge or very cheap
- Users can modify the software
- Can be installed on as many computers as necessary
- No one is responsible for any problems with the software
- Usually only community support
- Often very high quality because of the community of highly skilled developers
Outline the features of proprietary software
- No access to source code
- Almost always some cost involved
- Copyright law means users cannot modify the software
- Extra licences must normally be obtained before installing on additional computers
- Full support from the software developer - fully tested before release, regular updates to fix bugs and improve features, faulty software replaced
- Commercial and community support available
- High-quality software because a lot of money is spent developing it
What are creative commons licences
An organisation that are less restrictive than proprietary licences. For example:
- Public domain: which has no restrictions on use for any purpose
- Attribution: where the work can be freely reproduced but the original creator must be credited
- Attribution non-commercial: where the work can only be used for non-commercial purposes
Examples of the powers that certain public bodies have
- Demand internet service providers provide access to a customer’s communications
- Allows mass surveillance of communications
- Demand ISPs fit equipment to facilitate surveillance
- Demand access be granted to protected info
- Allow monitoring of an individual’s internet activities