1.5.1 Computing related legislation Flashcards
What is the overall purpose of the Data Protection Act?
Regulates how personal data is stored. Designed to protect personal data and focuses on the data holder.
What is overall purpose of the Computer Misuse Act?
Computer Misuse Act Prosecutes those gaining unauthorised access to computer systems which may deter attempts to gain unauthorised access to data.
What is the overall purpose of the Copyright Designs and Patents Act?
Regulates intellectual property. Makes it illegal to copy/distribute copyrighted materials.
What is the overall purpose of the Regulation of Investigatory Powers Act?
Sets out to limit the extent to which public bodies can use technological surveillance.
What powers are granted by the Regulation of Investigatory Powers Act?
- Allows for mass surveillance of communications
- Allows the monitoring of an individual’s internet activities/history
- Allows covert surveillance to be carried out
- Can demand access to protected data
- Can demand that ISPs/businesses give access to customer communications/history
- Can demand that ISPs/businesses install equipment that facilitate surveillance
- Can demand that encryption keys are handed over
- Can keep existence of searches and what found private in court
Who can be given access rights using RIPA?
PUBLIC BODIES
Government
Councils
Environmental Agency
etc…
https://www.gov.uk/government/organisations
What are the main principles of the Data Protection Act?
- Data must be processed fairly/ lawfully
- Data must be relevant / not excessive
- Data must be accurate and up to date
- Data must not be retained for longer than necessary
- Data can only be used for the purpose for which it was collected
- Data must be kept secure
- Data must be processed in accordance with people’s rights
- Data must not be transferred to other countries who do not have equivalent data protection laws
What are the main categories of offence in the Computer Misuse Act?
These are in order of severity:
- Gaining unauthorised access to a computer system
- Gaining unauthorised access and modifying / deleting data
- Gaining unauthorized access with intent to commit a crime
Creating malware would also be prosecuted under this act.
