Programming Techniques

LEGISLATION

A Level Computer Science

Computer Misuse Act

CMA

The computer misuse act came into effect in 1990. It was designed to restrict unauthorised and malicious use of computer systems. The act makes it illegal to carry out any of the following:

  1. Unauthorised access to computer material
  2. Unauthorised access with intent to commit or facilitate a crime
  3. Unauthorised modification of computer material
  4. Making, supplying or obtaining anything which can be used in computer misuse offences

The act works in tiers, so each act has more severe consequences than the last. For example,
unauthorised modification of material has worse consequences than basic unauthorised access to data.
Before 1990, there was no protection against data theft or modification, meaning there was nothing that could be done
to punish cyber criminals. This act helped to fight it by giving the means to prosecute those who comitted such acts.

Click the image above to learn more.

Data Protection Act

The data protection act was established in 1998. The eight principles are as follows:

  • Personal data should be obtained and processed fairly amnd lawfully
  • Personal data can be held only for specified and lawful purposes
  • Personal data should be adequate, relevant and not excessive for the required purpose
  • Personal data should be accurate and kept up-to-date
  • Personal data should not be kept for longer than is necessary
  • Data must be processed in accordance with the rights of the data subject
  • Appropriate security measures must be taken against unauthorised access
  • Personal data cannot be transferred to countries outside the E. U. unless the country has similar legislation to the D.P.A.
The data protection act is designed to do as it states, ensure the safety of personal data. Each principle aims to keep secure data deemed personal.
This includes racial or ethnic origin, political opinions and religious beliefs, among the obvious such as name and address. In some cases, collection
of such material may be required, for example, a Catholic school who only employs Catholics, might wish to know the religious beliefs of new teachers, while
The police force will need to know if new recruits have any previous criminal convictions.

RIPA

The Regulation of Investigatory Powers Act was passed in 2000.

The main purpose of this act is to provide restraints for security services and the police when investigating and surveying digital data and communications of individuals. The act also makes it a crime for anyone unauthorised by the act to carry out surveilance and monitoring of communicatons. The European Court of Human Rights stated that UK surveillance laws were unclear and that there was nothing in place to prevent abuses of power by organisations regarding the interception of electronic communications. It was decided that UK surveillance laws and practice must be tighter in order to protect the individual's rights to privacy. As a result, the act was passed.

The idea behind allowing these organisations to intercept and monitor comunications is to achieve the following:

  • Prevent or detect crimes
  • Prevent public disorder from occurring
  • To ensure national security and the safety of the general public
  • To investigate or detect any abnormal or illegal use of telecommunication systems.

James McNicholas 2017