ICT: Unit 2: L.O.4 Flashcards
What is ‘Legislation’?
-Laws usually set by the parliament
(some enforced by the police and some by government agencies like regulators)
–>usually for information laws, punishment is in the form of fines
What is the ‘DPA’ (2018) ?
-Data Protection Act (works alongside the UK’s version of GDPR)
When does the ‘DPA’ (2018) apply?
-Applies if you are collecting information about people for an organisation.
-Does NOT apply if you are collecting information for you’re personal reasons
What is a ‘Data Controller’ and a ‘Data Subject’?
-Data Controller–> the organisation processing the information
-Data Subject–> the person who the information is about
Under the DPA, what do controllers need to do?
controllers need to:
–>Be clear about what personal information is being used for
–>Only keep information when it’s needed
–>Provide information security (including backups)
–>Keep the information accurate and up-to-date
Under the DPA, what are subjects allowed to do?
Subjects are allowed to:
–>See what personal data is being stored about them:
-(this is called Subject Access Request SAR)
-(The subject needs to inform the controller what information they want)
-(The controller asks for ID)
-(The controller needs to provide the information within a month or explain why they can’t)
–>Have Data changed or deleted
What is the ‘Computer Misuse Act’ (CMA) (1990)?
‘The Computer Misuse Act’ (1990) (CMA): punishes hacking and creating malware by making it illegal to:
–>Access computer systems without permission
–>…with the aim of committing other crimes (e.g. identity theft)
–>Impair the computer system (e.g. deleting important files)
The police enforce the CMA and it can lead to prison sentences
What is the ‘Regulation of Investigatory Powers Act’? (RIPA) (2000)?
RIPA (2000):
Applies to certain public authorities
–>Allows them to carry out surveillance ‘in the interests of national security’ (if a judge approves) e.g.:
-bugging a house if they suspect terrorism
-use of undercover police officers
-Internet Service Providers (ISPs) may also be told to hand over sensitive information
(e.g. browsing history)
What is the ‘Copyright, Designs, and Patents Act’ (1998)?
The Copyright, Designs, and Patents Act’ (1998):
–>Designed to protect ‘IP’ (Intellectual Property)
(IP–> creations of the mind)
e.g. books/digital art/software/photos
–>The law provides protection for creators if their work is stolen
–>In the case it is stolen, they can:
-request it be taken down
-request for payment for continued use
-prosecute if they don’t comply
What is ‘Copyright’?
-An automatic right to prevent someone else from copying
(–> expires after either 50/70 years)
(–> should request permission before using copyrighted work)
(–> ‘fair dealing’)
What is a ‘Trademark’?
-Used to recognise a particular brand (e.g. the name and logo)
What is a ‘Patent’?
-Needs to be applied for–> to provide strong protection for an invention.
What is the ‘Protections of Freedom Act’ (2012)?
PoF Act (2012):
(mostly relates to personal data)
–>For Biometric data:
-Delete biometric data for suspects who are released
-Delete biometric data for minor crimes after a period of time
-(For serious crimes, biometric data can be kept)
-Parents must consent.
–>Also requires criminal record checks for those working with vulnerable groups (e.g. a DBS check for teaching in a school or working as a doctor
–>Adds codes of practice for public cameras (e.g. CCTV and ANPR)
What is the ‘Equality Act’ (2010)?
Equality Act (2010):
–> Protects people from Discrimination (cannot mistreat people because of a ‘protected characteristic’)
(These Protected characteristics include:
-Age
-Gender reassignment
-Marital status
-Pregnancy
-Race
-Religion
-Gender
-Sexual Orientation
-Disability (–>need to make ‘reasonable adjustments’)
–> Claims of Discrimination can be made in court
–> Crimes based on these protected characteristics are ‘hate crimes’
What is the ‘Privacy and Electronics Communications Regulations’ (2003)?
PECR (2023):
–>Provides privacy rights for individuals
it means that:
-To receive direct marketing (e.g. offers from companies) you must have opted-in
-Organisations need to identify themselves when they contact you
-The purpose of cookies on web pages must be explained
What is the ‘FOI’ (2000)?
The Freedom of Information Act (2000):
–>Allows citizens to request information from public authorities (e.g. government agencies/military/NHS/Police)
(FOI does not cover personal data e.g. names of the patients in a specific year for the NHS)
–>To comply, public authorities need to:
-Confirm whether they actually hold the information requested
-Respond within 20 working days
-If they deny the request, explain why they cannot provide the information
(e.g. because it will take too long to get the information (>18 hours of work))
(e.g. because it is not in the public interest for national security (as an example))
What is the ‘ICO’?
The Information Commissioner’s Office:
–>The UK Information Regulator
(they enforce the DPA/FOI Act/PECR)
–>can issue fines
–>They have codes of practice that advise organisations how to follow legislation and suggest good practices
What is ‘Global Data Protection’?
–>Not every country has data protection laws and some are inadequate
–>Personal data shouldn’t be transferred to countries with inadequate legislation
What is the ‘UNCRPD’?
The United Nations Convention on the Rights of Persons with Disabilities:
–>Sets out that access to the internet and information is a human right, and those with disabilities should be able to use accessibility features
(e.g. Screen readers/Alt text on images/Text magnifier/Subtitles)
What is a ‘Carbon Footprint’ and what is it caused by?
-An organisation’s carbon footprint is the total amount of emissions they have caused.
–>This is caused by Direct and Indirect actions
(Direct–>e.g. burning old files and paperwork)
(indirect–>e.g. buying brand new computer systems which need to be shipped)
How can organisations reduce their ‘Carbon Footprint’?
-Recycle old devices
-Auto-power off devices (at night) so they don’t use electricity
-Use electronic copies instead of printing (saves money and the environment)
-Buy refurbished computer systems
Benefits:
–>Reduced energy costs
–>Improves brand image
–>Fewer unnecessary costs (e.g. paper/brand new devices)
–>The moral purpose (looking after our 1 planet)
