Computer science Unit 09 - Ethical, moral and cultural issue

Computing related legislation

The data protection act 1998

Overview

The regulation law in the EU is known as the General Data Protection Regulation act, this law is helping to ensure the protection of data and privacy for citizens. In the UK this law currently works concurrently with the Data Protection Act. However due to the UK’s exit from the EU there could be changes to the law.

Enforcement

The UK has an Information Commissioner, they are an independent authority which upholds the information rights in public interest.

If you think your information is being mistreated then contact the company or the Information commissioner. The Information Commissioner is also available for council providing advice.

British airways was found to have been contravening the law in 2019, in this case the data of customers was found to be held without the adequate security, resulting in a £183 million fine. The lack of security was brought to light by an external hack, where a third party managed to gain access to the customers data.

To prevent the hushing up of hacking exploits the ICO requires that if a data breach that compromises personal data occurs then they should be notified.

Principles

When designing a system that will be handling the data of any users it has to be in accordance with the data protection act. To do this the system must handle information in a way so that it is:

• used fairly, lawfully and transparently
• used only for the purposes specified
• kept for no longer than necessary
• kept up to date and accurate
• handled is a way that ensures appropriate security which includes protection against unlawful or unauthorised processing, access, loss, destruction, or damage

More sensitive data had stronger legal protection. However separate safeguards are used for personal data that relates to criminal convictions and offences

Access to data

The information that an organization holds about you if free for you to see at any time. To see the data you have to send in a written request to their data protection officer, if they don’t have one send it to the secretary. The organization has to get back to you within one month with either the data you requested or a notice that their is a delay and the reason for it. If a request for information is especially complex or large, a delay in supplying it is allowed otherwise the organization must supply the information within one month.

Information requests can be denied if the information is about:

• the prevention, detection or investigation of a crime
• national security or the armed forces
• the assessment or collection of tax
• judicial or ministerial appointments
• \

When withholding information an organization does not have to state why they are . Requests for information are free unless you are asking for a large amount of information or if the request will take a long time to complete

The Computer Misuse Act 1990

Overview

This was put in place to prevent people from using a computer device to change personal or program data without the proper permission.

The Computer Misuse Act has undergone many revisions in attempts to keep up with new cybercriminals. such as in 2015 the maximum penalty for an offence was increased from 10 to 14 years for causing serious damage, and anything that affected national security or human welfare was increases to life.

Common Offences

1. Unauthorised access to a computer
2. Unauthorised access to a computer to facilitate another offence
3. Unauthorised acts that impair or could impair the operation of a computer
4. Making or supplying tools that can be used in computer misuse
5. Unauthorised acts causing, or creating a risk, of serious damage

Enforcement

For each offence there are varying punishments, for the most common ones these are.

1. Two-year prison sentence and a £5000 fine
2. Ten-year prison sentence and an unlimited fine
3. Ten-year prison sentence and an unlimited fine
4. Two-year prison sentence (unless another section is breached)
5. Fourteen-year prison sentence, unless national security is breached then life.

Even if you fail to break into a computer it is still illegal to try, as well as making viruses, even if you are not the one who releases it the act of making it is illegal.

The Copyright, Designs and Patents Act 1988

Overview

The Copyright, Designs and Patents Act gives a creator the ability to control their own work. This applies to items in the digital space, such as music, movies or art. This act protects a work for 70 years after the death of the creator, however items such as a broadcast or computer-generated work are only protected for 50 years.

Patents

Unlike copyright, which protects the original work, a patent will protect the idea behind a work, within reason. Patents also don’t have a time limit and will only expire once the owner stops renewing their registration or if the product falls out of active use.

Software licences

When a pieces of software is bought or downloaded, you don’t ever own the software. Instead the you have access to the software in accordance to its software licence. Software that doesn’t place any restrictions on its users are known as free software. Open-source software allows users similar freedoms that free ware does, however it removes some, for example a piece of open-source software may prevent a user from re-distributing it.

If a software is not free is known as being Proprietary. This licence will often not allow a users to look at its source-code let alone make modifications. Other restrictions are:

• Limiting the number of computers that can used on with one purchase
• Specifying types of usage. E.g. Commercial, educational or non-profit.
• Not allowing users to study the source code.

An important distinction is that free software is not software that has no fee to download. To avoid confusion, software that has no fee is known as Freeware.

Creative commons

Due to the connectivity provided by the internet. It has become easier than ever to accidently copy someone else's work without realising there is a licence. This has lead to a very large misconception that all images on the internet are free for people to use. This is not the case.