Please enable JavaScript.
Coggle requires JavaScript to display documents.
Safety & Security of data (Data protection act (8 principles of data…
Safety & Security of data
Computer misuse act
It was introduced to cover a host of computer crimes that are not covered in the existing laws
Level 1.Unauthorised access to computer material
Lowest level of ofence, this offence is something that many people do in their lives;it could occur at shool or worl
Examples
Someone guessing another user's password and going through their files,changing details or deleting information
Downloading software illegaly
Level 2.Unauthorised access with intent to commit or facilitiate a crime
Very similar to the first offence, this is when someone purposely hacks into someone's account to view information and get data
Example
Fraud
Blackmail
Risk
Maximum 5 years in jail plus a fine
Level 3 . Unauthorised changing or deleting files
This is when someone goes into someone else's account and deletes files in order to cause damage to an indiviual or a company
Example
Intentionally introducing a virus
Risk
5 years in jail plus a fine
Problem with the act
It came into force before the full introduction of the internet and theredfore does not cover all the problems that are now associated with the internet
Data protection act
What is it
An act that allows individuals to have access to information which is held about them on a computer and where approrpriate to have it corrected or deleted
The rights of data subjects
The right to compensation for unauthorised disclosure of data
The right to compensation for innacurate data
The right to compensation for unauthorised access, loss or destruction of data
The right to access the data held about them and to have it rectified or deleted, if inaccurate
When can personal data be processed
The data subject has given their consent
It is legal obligation
It is necessary to protect an individual's vital interest
It is necessary for the administration of justice
Who are the data controllers?
They are those who control the contents and use of a collection of a personal data and lialise with the data subjects
Add data controllers have to register
Their name and address
A descriptio of the data subjects and why data about them is being held
The data being held and how they intend to use it
A description of sources from which the data is obtained
A description of the person whom it is intended to disclose data
Any overseas countries to which data may be transferred to
8 principles of data protection act
4.Data shall be accurate and where necessary up to date
5.Data should not be kept longer than necessary for the registered purpose
6.Data shall be processed in accordance with the rights of the data subject
7.Data shall be held securely
8.Data shall not be transferred to a country or territory outisde of the EU unless there is a adequate data protection legislation in operation
3.Data shall be adequate,relevant and not excessive in relation to the purpose
2.Data shall be obtained only for one of more specific purposes and must not be processed in any other way
1.Data shall be processed fairly and lawfully
Problems with holding data
Everyone has the right to see the data held about them,they can do this by visiting the place,giving proof of identity of writing to the place where the data is held or telephoning and asking to see the data
This could carry an administration fee
If the data is incorecct they can get it changed or claim compensation if the error caused a loss or distress
Data could affect a criminal investifation or the outcome of a court case or even identify another person who has not given consent
Threats to an ICT system
Different type of threats which can be suffered by the ICT system
Paedophiles
Hackers and crackers
VIruses
Blackmailing and stalking
Natural disasters
Internal threats
Hardware failure
Faulty procedures
Poorly trained staff
Use of laptops
Dishonest employees
Protecting from these threats
Biometric methods
FIngerprint recognition
Voice recognition
Face recognition
Iris recognition
Infra-red scans to examine pattern of blood vesels
Backup
Training staff
Installing virus checkers
What is a comptuer crime?
An illegal act commited using a computer
Example
stealing money by hacking into someone's internet banking account
Stealing goods by using stolen credit cards to order goods on the internet
What is malpractice?
Breaking the rules set out by the organisation whose computer you are using - intentionally or accidentally
Examples
An employee who cannot remember their password so they write it on a post-it-note and stick it on their screen so that other employees can see
Sharing a USB stick with another colleague who is allowed to bring it home;they could carry a virus from their home
Copyright,design and patents act
Law deisgned to stop the use of software or hardware without permission of the owner,or without the relevant licence