Presentation is loading. Please wait.

Presentation is loading. Please wait.

1.9 The Legal Framework In this section you must be able to:

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "1.9 The Legal Framework In this section you must be able to:"— Presentation transcript:

1 1.9 The Legal Framework In this section you must be able to:
Describe the provisions of the Computer Misuse Act. Describe the principles of software copyright and licensing agreements. Recall the nature, purpose and provisions of the current data protection legislation – rights, duties, exemptions, etc.

2 New Crimes Made Possible by ICT
New technology has created opportunities for crime: Software piracy (copying software illegally to sell) Hacking (unauthorised access to computer systems) Creation and distribution of viruses Distributing pornographic and other obscene material Fraudulent trading Credit card fraud Terrorist activity and blackmail

3 Abuse of ICT There are also opportunities for the abuse of ICT:
Sending unsolicited s (now an offence in some countries) Creating inappropriate or misleading web-sites Registering a domain that might appear to belong to someone else – “cyber-squatting” Inappropriate use of ICT is not necessarily illegal. It’s important to distinguish between: Unethical use of ICT – i.e. morally questionable Criminal activity – i.e. an offence under the various laws covering use of ICT

4 Where do Laws Come From? There are three sources of law:
Case law – i.e. judges’ rulings in court cases Acts of Parliament – e.g. Data Protection Act European laws & directives – e.g. VDU use Laws change for many reasons: Social and political pressure – e.g. dangerous dogs Reaction to specific cases – e.g. Gold & Shiffreen Combinations and clarifications of previous laws To close loopholes – e.g. “making off” and hacking

5 Laws Affecting ICT There are various laws covering use of ICT
Computer Misuse Act 1990 Data Protection Act 1984 & 1998 Copyright, Designs and Patents Act 1988 European VDU & health directive 1992 Plus, more general guidelines such as: Health and Safety legislation Offices, Shops and Railways Act 1963 Contract law – shink-wrap agreement controversy! Plus what about things such as professional advice given by a computer?

6 Computer Misuse Act In 1988 two teenagers “hacked” the Duke of Edinburgh’s account and changed a message They were taken to court, but hadn’t actually committed an offence (there was no theft and no fraud committed) People also started getting worried about viruses, which had started to appear in 1986 In response, the government introduced the Computer Misuse Act in 1990

7 Computer Misuse Act Under the CMA there are three offences:
Unauthorised access to computer programs or data Unauthorised access with further criminal intent Unauthorised modification of computer material (programs or data) However… Unauthorised access can be difficult to detect The first people to be prosecuted (in 1997) were caught when boasting about their crime!

8 Computer Misuse Act The CMA therefore protects us against: Hacking
Theft and Fraud “Logic Bombs” “Denial of Service” attacks Viruses could commit offences at different levels depending on the payload: Some display harmless messages Some are deliberately malicious Some are unintentionally dangerous

9 Other Measures to Prevent Misuse
Other steps can be taken to prevent misuse. JavaScript, for example, was created with computer misuse in mind and was designed to prevent it being used to create viruses: JavaScript cannot write directly to discs (other than cookies) and so cannot delete or change any files There is no direct access to memory or to other hardware

10 Copyright and Patent Patents cover the ideas and concepts on which products or services operate: You can only patent software that performs a technical function – e.g. an encryption algorithm You can’t patent software that performs a human function, such as translating English to French Copyright covers the implementation of the idea – the actual words, images and sounds that you use

11 Copyright, Designs and Patents Act
Under this act it is illegal to: Copy software Run pirated software Transmit software over a telecommunications link (thereby copying it) The act is enforced by FAST – the Federation Against Software Theft (also FACT for general copyright) The enforcement is complicated by: The confusion between copyright and patent Whether you can copyright a “look and feel” Contracts such as licensing and acceptable use agreements

12 Using Computers to Combat Crime
Computers can also be used to solve crimes: The Police National Computer (PNC) now allows forces across the country to share information Number-plate recognition can be used to identify people committing motoring offences Mobile phone records can be used to locate criminals and victims of crime Audit logs and records of s and network traffic could be used as evidence

13 Data Protection We all have a right to privacy
There might be a variety of reasons why you’d want to keep something private: It might be possible to using the information for fraudulent purposes The information might be of a sensitive nature, such as medical records You might just not want people to know! The Data Protection Act is to protect privacy

14 Data Protection Act The Data Protection Act…
Was introduced in 1984 and updated in 1998 to create a standard for data protection across Europe Originally covered personal data that are automatically processed but now covers some manual records as well Defines the terms data subject (the person about whom data is held) and data controller (called data user in the 1984 version) Requires that all data controllers (and the nature of the processing they do) must be recorded on the public register of data controllers Is overseen by the Information Commissioner

15 Data Protection Act – Eight Principles
Under the Data Protection Act, data must be… fairly and lawfully processed; processed for limited purposes and not in any manner incompatible with those purposes; adequate, relevant and not excessive; accurate; not kept for longer than is necessary; processed in line with the data subject's rights; secure; not transferred to countries without adequate protection.

16 Processing Personal Data
Personal data covers both facts and opinions about the individual. It also includes information regarding the intentions of the data controller towards the individual. Processing can only be carried out where: the individual has given his or her consent; the processing is necessary for the performance of a contract with the individual; the processing is required under a legal obligation; the processing is necessary to protect the vital interests of the individual; the processing is necessary to carry out public functions; the processing is necessary in order to pursue the legitimate interests of the data controller or third parties

17 Data Protection Act – What Else?
It covers any information recorded as part of a “relevant filing system” – i.e. information that is “readily accessible” Data controllers must take security measures to safeguard personal data – i.e. to prevent unlawful processing or disclosure There are certain exemptions from the DPA Data subjects have rights that are defined in the act

18 DPA – The Rights of Individuals
If data are held about you, you are entitled to be… given a description of the data told for what purposes the data are processed told the recipients or the classes of recipients to whom the data may have been disclosed given a copy of the information with any unintelligible terms explained given any information available to the controller about the source of the data given an explanation as to how any automated decisions taken about you have been made

19 DPA – The Rights of Individuals
Further rights include: The right to access the data held – within 40 days and at a cost of no more than £10 for computer records and £50 for paper records The right to rectify, block, erase or destroy details that are inaccurate, or opinions based on inaccurate data The right not to have your details used for direct marketing The right to compensation for damage caused if the Data Protection Act is breached

20 Exemptions from the DPA
The Act does not apply to: Payroll, pensions and accounts data Names and addresses held for distribution purposes Personal, family, household of recreational use Data can be disclosed to an agent of the subject, or in response to a medical emergency Use of data in cases dealing with national security, the prevention of crime, or the collection of taxes & duty

21 Criminal Offences under the DPA
Notification offences – where the data controller fails to notify the commissioner of processing or changes to processing Procuring and selling offences – disclosing, selling or obtaining data without authorisation Enforced access offences – e.g. you can’t make someone make an access request as a condition of employment Other – such as failure to respond to a request or to breach an enforcement notice

22 Freedom of Information Act
Covers all types of 'recorded' information held by public authorities Covers personal and non-personal data Public authorities include: Government Departments local authorities NHS bodies schools, colleges and universities the Police Parliament The Post Office The National Gallery The Parole Board Plus lots, lots more!

Download ppt "1.9 The Legal Framework In this section you must be able to:"

Similar presentations

Commercial Data Processing Computer Crime. Computer crime can be very hard to prevent. Typical crimes involve destroying, corrupting or changing the data.

Commercial Data Processing Computer Crime. Computer crime can be very hard to prevent. Typical crimes involve destroying, corrupting or changing the data.
Data Protection Information Management / Jody McKenzie.

Data Protection Information Management / Jody McKenzie.
Www.dataprotection.gov.je The Data Protection (Jersey) Law 2005.

The Data Protection (Jersey) Law 2005.
Legal Implications of ICT. In this section will look at: Legal Implications of ICT: ☼ Data Protection Act 1998 ◦ The 8 Principles, ◦ The Data Subject.

Legal Implications of ICT. In this section will look at: Legal Implications of ICT: ☼ Data Protection Act 1998 ◦ The 8 Principles, ◦ The Data Subject.
Legislation & ICT By Savannah Inkster. By Savannah Computer Laws 1.Data Protection ActData Protection Act 2.Computer Misuse ActComputer Misuse Act 3.Copyright,

Legislation & ICT By Savannah Inkster. By Savannah Computer Laws 1.Data Protection ActData Protection Act 2.Computer Misuse ActComputer Misuse Act 3.Copyright,
The Health and safety Act, is an act to make further provision for securing the health and safety and welfare of persons at work.For protecting others.

The Health and safety Act, is an act to make further provision for securing the health and safety and welfare of persons at work.For protecting others.
Legislation in ICT.

Legislation in ICT.
University of Sunderland Professionalism and Personal Skills Unit 11 Professionalism and Personal Skills Computer Legislation.

University of Sunderland Professionalism and Personal Skills Unit 11 Professionalism and Personal Skills Computer Legislation.
Legislation Who governs e-commerce?. E-commerce is regulated by laws and guidelines. These aim to ensure that sites operate effectively and that online.

Legislation Who governs e-commerce?. E-commerce is regulated by laws and guidelines. These aim to ensure that sites operate effectively and that online.
Legislation in ICT. Data Protection Act (1998) What is the Data Protection Act (1998) and why was it created? What are the eight principles of the Data.

Legislation in ICT. Data Protection Act (1998) What is the Data Protection Act (1998) and why was it created? What are the eight principles of the Data.
Data Protection Act.

Data Protection Act.
Data Protection Act 1998. Description The Data Protection Act controls how your personal information can be used and protects from the misuse of your.

Data Protection Act Description The Data Protection Act controls how your personal information can be used and protects from the misuse of your.
Data Protection Paul Veysey & Bethan Walsh. Introduction Data Protection is about protecting people by responsibly managing their data in ways they expect.

Data Protection Paul Veysey & Bethan Walsh. Introduction Data Protection is about protecting people by responsibly managing their data in ways they expect.
Data Protection Overview

Data Protection Overview
The Data Protection Act

The Data Protection Act
Data Protection Act. Lesson Objectives To understand the data protection act.

Data Protection Act. Lesson Objectives To understand the data protection act.
The Legal Framework Can you work out which slide each bullet point should go on?!

The Legal Framework Can you work out which slide each bullet point should go on?!
Regulation of Personal Information Daniel Pettitt, Leon Sewell and Matthew Pallot.

Regulation of Personal Information Daniel Pettitt, Leon Sewell and Matthew Pallot.
General Purpose Packages

General Purpose Packages
Data Protection and You Your Rights & The Law Registration Basics Other Activities Disclaimer: This presentation only provides an introductory info. Please.

Data Protection and You Your Rights & The Law Registration Basics Other Activities Disclaimer: This presentation only provides an introductory info. Please.

Similar presentations

Ads by Google