Why was the DPA created?
The DPA was created to protect user’s rights and safety online.
What does personal data mean in relation to the DPA?
Facts, opinions about an individual
What does data mean in relation to the DPA?
DoB, name, NI# etc.
What does processing mean in relation to the DPA?
Collection and storage of personal data (search history, sorting data, comparing records)
What does data subject mean in relation to the DPA?
The person that data is being collected about
What does data controller mean in relation to the DPA?
The person in charge of the organisation which is collecting and storing data.
What does data processor mean in relation to the DPA?
Data is usually processed by third parties who aren’t part of the data controller’s organisation
What does recipient mean in relation to the DPA?
Anyone employed to access, use or process personal data as part of their job
What does information commissioner mean in relation to the DPA?
The person with overall responsibility for enforcing the DPA across the UK
Name 4 of the 8 principles of the DPA (challenge - name all 8)
Personal data should be obtained and processed fairly and lawfully.
Personal data shall only be obtained for specified and lawful processes.
Personal data should be adequate, relevant and not excessive (i.e only collect the necessary data) for the required purpose.
Personal data should be accurate and kept up-to-date.
Personal data should not be kept for longer than is necessary.
Data must be processed in accordance with the DPA.
Data must be stored securely to prevent unauthorised access.
Data cannot be transferred outside the EU unless the country has a similar legislation to the DPA.
Why was the computer misuse act created?
To prevent unethical use of computers i.e hacking, to reduce internet crime and to make unauthorised access to, the modification and deletion of, data a legal offense.
What four offenses is the CMA comprised of?
Unauthorised access to data.
Unauthorised access to data with malicious intent.
Unauthorised modification of data.
Creating, distributing and obtaining anything which may be used (e.g. viruses, trojans) to violate the computer misuse act.
What is the difference between having unauthorised access to data and having unauthorised access to data with malicious intent?
The difference between the first two offenses is that the first one usually involves accessing data through a method other than hacking (e.g. someone leaving their computer logged in, you guessing their password etc.) and the offender only views files, whereas the second one usually involves accessing data through a malicious method (e.g. spyware, keylogging) with the intent of stealing bank information (for example).
What does RIPA stand for?
Regulation of Investigatory Powers Act
What was RIPA designed to do?
This act was designed to make it an offense for anyone who is not authorised (by the act) to carry out the monitoring and surveillance of communications.
What is the purpose of RIPA?
To prevent or detect crimes and public disorder.
To ensure national security and the safety of the general public.
To investigate or detect any abnormal use of telecommunication systems
What does CDPA stand for?
Copyright Design and Patents Act
Why was the CDPA created?
This act was created to protect the investment of time, money and effort by people who create original work. This covers writers of books, musicians, game developers etc.
What is the purpose of the CDPA?
To ensure people are rewarded for their work, and to protect the copyright holder if someone attempts to plagiarise their work.
What are software licenses, and how are they relevant to the CDPA?
Software licenses allow users to use software if they possess the license, for example a word editor may require a license to use, however this does not mean you own the software.