Computer Related Legislation

avatar
Created by
ben latham

Cards (8)

  • Data Protection Act:
    • Controls how data is used by companies or the government
    • Person data - Name, address, date of birth
    • Sensitive data - Nationality, ethnicity, biometrics, politics
    • sensitive data is subject to additional legal protections
  • Principles of the Data Protection Act:
    • Data must be collected and used fairly inside the law
    • Only used for purpose is was intended
    • Kept accurate and up to date
    • Kept safe and secure
    • No transfer outside the EFA
    Data Subject Rights:
    • Right of subject access
    • Right of correction
    • Right to prevent direct marketing
    • Right of complaint
    • Right to prevent automatic decisions
    • Right to compensation
  • GDPR (General Data Protection Regulation) - Law introduced into the European Union in 2016
    Requires that data is collected for specified, explicit, and legitimate reasons
  • Computer Misuse Act:
    Makes following acts illegal:
    • Unauthorised access to a computer system (hacking)
    Up to £5000 fine and 6 months in prison
    • Unauthorised to digital materials with intent to commit further crime
    Unlimited fine and up to 5 years in prison
    • Unauthorised modification of data
    Unlimited fine and up to 5 years in prison
    • Making, supplying, or obtaining tools used to commit computer misuse offences
    Unlimited fine, up to 10 years in prison
  • Copyright, design, and patents act:
    Act prevents stealing:
    • Inventions
    • Original works
    • Designs
    Protected in law by copyright, patents, licensing, trademarks
    • Copyright - the right a creator has over their work
    • Patent - exclusive right granted for an invention, provide owner with right to decide if and how the invention is used
  • Regulation of Investigatory Power Act:
    • Provides certain bodies with the right to monitor communication and internet activities
    • Allows mass surveillance of communication
    • Allows monitoring of individual‘s internet activities
    • Demand access be granted to protected information
    • Demand ISPs provide access to customer communications
  • RIPA dictates businesses must:
    • Provide access to digital communications or data when asked
    • Implement a hardware and software solution that facilitates the storage of digital communications
  • Public bodies given rights under RIPA:
    • Police
    • Security Services
    • Environmental protection agency
    • Office of fair trading
    • Serious fraud office
    RIPA has been misused in the past, mostly people being monitoring to make sure they live in the catchment area for the school they were sending their children too