1.5 Flashcards
(6 cards)
1.5.1
1. Summarise what the Data Protection Act 2018 is
2. Summarise what the computer misuse act 1990 is
3. Summarise what the Copyright, Designs and Patents Act (1988) is
- The Data Protection Act is designed to protect personal data and focuses on the data holder.
- The Computer Misuse Act is legislation aimed at criminalising unauthorised access to a computer system. (1). Gaining unauthorised access with intent to commit a crime is a more severe offence under the act (1).
- Any individual or organisation that produces media has their ownership of that media protected by the Copyright, Designs and Patents Act. This means other parties are not allowed to reproduce or redistribute it without permission.
How do you answer a long answer question about the laws?
First, you need to demonstrate your knowledge and understanding, by stating the definitions of the laws. Then, you show the application of the laws, linking each law to each question. Finally evaluate, giving a summary of the answer. For example, if the question said to discuss the extent that the laws are intended to address the issues, so explain that here.
1.5.1
1. Explain what RIPA is
2. What are the benefits of RIPA?
3. What are the drawbacks of RIPA?
1.RIPA allows organisations such as the police and security services the power to monitor private communications, such as text messages, phone calls, emails and internet history. Necessary grounds are in the interest of: national security; economic wellbeing; and the prevention or detection of a serious crime. It also allows surveillance and access to encrypted data.
2. The benefits include stopping crimes before they occur, for example intercepted communications can prevent terrorist attacks or disrupt organised crime. This aids in increasing safety as more criminal activities take place online.
3. Drawbacks include criticism for being used in minor cases, such as checking school application fraud. This has led to too many organisations having access to private information when they shouldn’t. Another issue is that many communication tools, such as WhatsApp, now use end to end encryption, and companies providing the services cannot access the messages, so it is more difficult for RIPA to function as intended.
What are the 7 principles of the Data Protection Act 2018?
S: Storage limitation – personal data must be kept for no longer than is necessary (eg. so that customers can leave an organisation)
L: Lawful, fair and transparent – processing must be lawful, fair and transparent (so that customer’s rights are not flouted); for example, a speeding ticket – not unfair. Asking for consent to use photographs is lawful.
A: Accuracy – personal data must be accurate and kept up to date (Customer has the right to see the data and to ask for it to be corrected if wrong so that they are not responsible for incorrect data. eg. so that customers are not held responsible for goods they have not bought).
P: Purpose limitation – purposes of processing must be specified, explicit and legitimate (so that junk mail is not encouraged)
M: Minimisation of data – personal data must be adequate, relevant and not excessive (so that irrelevant data is not stored. Data can only be accessed by/changed by authorised people so that malicious alterations are not made.)
I: Integrity and confidentiality – personal data must be processed in a secure manner and protected by adequate security measures (so that people with malicious intent cannot gain access)
A: Accountability – the controller shall be responsible for, and be able to demonstrate compliance (Authorised people must be notified to the DPR so that they are accountable . eg. Data should not be transferred out of the EU to countries without similar legislation so that data remains subject to DPA).
1.5.1
1. What are the offences of the Computer Misuse Act (1990)?
2. Explain some examples of scenarios that break the computer misuse act
- Three stages:
Unauthorised access to a computer system
Unauthorised access with intent to commit further offences
Unauthorised modification of computer material
Punishable by up to twelve months in prison and an unlimited fine. - An example that potentially breaks all three laws under the Computer Misuse Act is changing a social media post on a friend’s mobile phone. Investigation of systems can break the Act without intent, such as breaking into a computer system to learn how the system works. Systems are offered to users with strict conditions attached and investigation is not a legitimate excuse for breaking the law.Users must be aware of the Act in order to be responsible. Grey and black hat hackers will break the Computer Misuse act.
People who don’t break the law as they have authorisation include: ethical/ white hackers; computer users who investigate how systems work; investigating systems that you own yourself or have authorisation to use.
Explain how the Copyright, Design and Patents Act (1988) works
Copyright is assigned to owners of the works automatically upon creation. The law makes it illegal to copy and distribute works as your own without permission. The copyright holder has the right to ask for their work to be removed from a platform (both digital and physical, such as an e-commerce store or a real life bookshop). Membership, licences and purchases can allow the authorised viewing and sharing of content, depending on the contract (eg. a school only distributing digital textbooks to other students within the school). Which may restrict their use (e.g. to whom it is shown or geographical location from which it is accessed).
