1.5.1 - Computed Related Legislation Flashcards
some exam qs in there too
What are the 4 computing related legislation laws?
The Data Protection Act
The Computer Misuse Act
The Copyright, Design and Patents Act
The Regulation of Investigatory Powers Act
What is Personal Data?
Any data which can be used to identify a living person or data which can be used in combination with other data to identify a living person
Which Act covers the use of Personal Data?
The Data Protection Act
There is 8 specific ways that The Data Protection Act protects data subjects, name 4.
- Personal data shall be processed fairly and lawfully
- Personal data shall be obtained only for one or more specified and lawful
purpose - Personal data shall be adequate, relevant and not excessive for its
purpose(s) - Personal data shall be accurate and where necessary kept up to date
- Personal data shall not be kept for longer than is necessary for its purpose(s)
- Personal data shall be processed in accordance with the rights of data
subjects under this Act - Appropriate technical and organisational measures shall be taken against
unauthorised or unlawful processing of personal data and against accidental
loss or destruction of, or damage to, personal data - Personal data shall not be transferred to a country or territory outside the
European Economic Area, unless that country or territory ensures an
adequate level of data protection
The Data Protection Act gives its subjects certain rights ,name 1 of them
The right to request a copy of the data held about them
The right to correct the data held about them
The right to prevent marketing using contact details provided by the data subject
Name the act that concerns malicious use of computers and was originally designed to be used against hackers
The Computer Misuse Act
What are the 3 main offences within The Computer Misuse Act
Unauthorized access to computer material
Unauthorized access with the intent to commit further offences
Unauthorized changes to computer material.
What law was introduced to protect intellectual property?
Copyright, Designs and Patents Act
How does the Copyright, Designs and Patents Act protect online property?
Copyright is automatically applied to the original work and it ensures the creators have exclusive right to control their use and distribution
What law covers Investigation and Surveillance by Public Bodies
Regulation of Investigatory Powers Act
What can the government and public authorities do under the Regulation of Investigatory Powers Act
Intercept communications and access electronic data to prevent crime and protect national security.
Enforces internet service providers and mobile phone companies to give up information upon request from an authorised authority
Must decrypt any data that you have encrypted when asked to do so by these authorities
Craig ‘n’ Dave LTD is a company which provides teaching resources for GCSE and A’Level computer science.
State four legal responsibilities that Craig ‘n’ Dave have to comply with in regards to the data they hold on their employees. [4]
Make sure only relevant data is held (1)
Data is kept up to date (1)
Data is accurate (1)
Data is not held for longer than needed (1)
Employees must be given access to their data (1)
Data must be kept in a secure fashion (1)
Data must not be passed onto any third parties without permission of the employees (1)
Data must not be passed to any organisation outside of the EU (1)
Craig ‘n’ Dave employ many free-lance workers. Each worker must clock in and out at the start and end of each day. This information is then used to produce the company payroll.
A concern has been raised by some of the freelancers in regards to the amount of information which is being stored on them.
Explain what sort of information might be stored for the payroll system [3]
Employees bank details/information (1)
Personal information e.g. home address / mobile number etc (1)
Medical information (1)
National insurance number (1)
Tax code (1)
Holiday information (1)
Time off from work / sickness record (1)
Outline some of the legitimate fears that the freelancer might have and also explain what Craig ‘n’ Dave could do to alleviate those fears. [6]
Fears the freelancer might have:
Personal information could be passed onto third parties (1)
Concerned about identity theft (1)
May be pestered by cold callers (1)
Potential of someone knowing the freelancers working habits / when they are at home / at work (1)
Measures that company could take:
Password protection important information (1)
Encrypt freelancers information (1)
Install / updated company firewalls (1)
User IDs and tracking / audit trails of which staff have access to personnel information (1)
Education to staff to let them know measures taken (1)
Any form of physical security mentioned e.g. locked access sever rooms (1)
