Legislation

GDPR (General Data Protection Regulations)

Purpose: Controls the use of personal data

It includes 7 key principles such as:

SLAP MIA

Storage Limitation - personal data must be kept for no longer than necessary

Lawful fair and transparent - processing must be lawful, fair and transparent

Accuracy - personal data must be accurate and kept up to date

Purpose Limitation - purposes of processing must be specified and legitimate

Minimisation of data - personal data must be adequate, relevant and not excessive

Integrity and confidential - personal data must be processed in a secure manner

Accountability - the controller shall be responsible for and be able to demonstrate compliance

Computer Misuse Act 1990

Purpose: It is designed to prevent unauthorised access and cybercrimes

• Unauthorised access

• Unauthorised access with intent to commit further crime

• Unauthorised modification

Copyright, designs and patent act 1988

Purpose: To protect individuals intellectual property

You must have permission to copy or distribute someone else’s work

Copyright is automatic

RIPA (Regulation of investigatory powers)

Purpose: controls how the government and public authorities can conduct surveillance.

Powers given to authorities:

• Intercepts communications

• Using surveillance equipment

• Access communications data

Must have appropriate legal permission (warrant)

Employers can monitor emails and internet if employee give permission

Ethical Moral Issues

• AI

• Automated decision making

• Environmental effects

• Censorship and the internet

• Monitor behaviour

• Analyse personal information

• Piracy