5.3.2 Computers and the Law
Candidates are expected to:
There are 3 UK acts you need to know about for the
The Data Protection Act:
With the growth of Information and Communication Technology, large databases
are able to hold huge quantities of information and global networks are able to
share and distribute this information around the world in seconds. In order to
control this development and to protect people’s right to privacy, the Data
Protection Act was introduced. The first Act became law in 1984 but was replaced
by the 1998 Act that also incorporates the European Commission Directive.
The 8 basic principals of the Data Protection Act:
|...not be transferred to countries
that do not have suitable data protection laws
||...be processed fairly and
||...be kept secure against loss, damage and
unauthorised and unlawful processing
|...be processed within the rights of data subjects
||The Data Protection Act
||...be obtained for specified and lawful purposes
|...be adequate, relevant and not excessive for the
||...be accurate and up-to-date
||...not be kept longer than necessary
The Act protects personal data about us from being misused. Personal
data is data that can identify you and allow an opinion to be expressed about
you. Data such as your name and address is not considered personal data but your
date of birth and salary would be. Some personal data can be especially
sensitive such as:
- political and religious beliefs
- racial or ethnic origins
- membership of trade unions
- details of sexual life
- physical or mental health
You have the right to see personal information about you and have any errors corrected.
Any person, organisation, company or business that wants to hold personal
information about people must register with the
Office of the Data
There are certain exemptions to the Act and the rules governing the need to
register data. A summary of the main exemptions to the Act include data that is:
- related to national security or associated with crime
- related to salaries and taxation, involved in health, immigration, education and
- required by law and in connection with legal proceedings being disclosed
- held for domestic purposes such as household, personal and family data
Rights of data subjects:
One of the principals states - 'Data should be processed within the rights of data subjects'
In summary, individuals have the right to:
- be given a copy of the data held
- prevent processing of the data if it is likely to cause damage or distress
- prevent the data being used for direct marketing
- prevent automated decisions being made on the basis of data held
- receive compensation for any damage and distress caused by use of the data
- have data corrected, blocked and erased if it is inaccurate
- make a request to the Data Protection Commissioner if they feel the Act
has been contravened.
The Computer Misuse Act - 1990
The established English laws were not designed to deal with Unauthorised
Access To Data (hacking), computer
fraud and computer viruses so a law was introduced in 1990 called 'The Computer
Misuse Act'. This law recognised the importance of the personal data
and other confidential data such as military secrets, scientific and industrial
research, medical information and details of financial accounts that are stored
in computer systems.
Under this law, the following offences could be dealt with:
- Unauthorised access
to computer data - i.e. Hacking.
This covers any unauthorised access to any program or data held in a computer,
even if it is just to look at the information.
The penalty is a maximum fine of £2000 and a six month prison sentence.
- Unauthorised access
to computer systems for the purpose of carrying
out crimes - i.e. spying, blackmail, and fraud.
This covers cases where someone access the system with the
intention of using the information for a criminal purpose -
the penalty is an unlimited fine and a maximum
five-year prison sentence.
changing of computer data - i.e.
deleting or altering files.
This coves cases where the original information is altered in some way, either
by deleting it or altering it in some way.
- Spreading computer
viruses - i.e. unauthorised modification of the contents of a computer,
impairing the operation of any program or reliability of data.
The penalty is an
unlimited fine and a maximum five-year prison sentence.
The Copyright, Designs and Patents Act - 1989
Copying computer software is a criminal offence. The Act covers stealing
software, using illegally copied software and manuals, and running purchased
software on more machines than the license allows.
The legal penalties for breaking the copyright law include unlimited fines
and up to two years in prison.
All the software that you use should be fully licensed. When you purchase
software you usually are licensed to use it on just one computer. It is illegal
to make copies of the software to use on other computers, even if they are your
Click here for details of how software
companies try to prevent illegal copying of their disks.
A website with many of the issues concerned with copyright and the Internet (USA
based) can be found at: