Legal - Coggle Diagram
Data Protection Act 1998
Principles
Covers the use of personal data.
Everyone responsible for developing systems that store personal data, as well as those using and maintaining those systems, has to follow strict rules called ‘data protection principles’. Information is:
- used fairly, lawfully, and transparently
- used for specified, explicit purposes
- used in a way that is adequate, relevant, and limited to only what is necessary
- accurate and, where necessary, kept up to date
- kept for no longer than is necessary
- handled in a way that ensures appropriate security, including protection against unlawful or unauthorised processing, access, loss, destruction, or damage
There is stronger legal protection for more sensitive information, such as:
- race
- ethnic background
- political opinions
- religious beliefs
- trade union membership
- genetics
- biometrics (where used for identification)
- health
- sexual orientation
Your rights
You have the right to find out what information the government and other organisations store about you. These include the right to:
- access personal data
- be informed about how your data is being used
- have incorrect data amended
- have data erased
- stop or restrict the processing of your data
- restrict the portability of data, or sharing with third parties
- object to how your data is processed in certain circumstances
You also have rights when an organisation is using your personal data for:
- profiling, for example to predict your behaviour or interests
- automated decision-making processes
Access to data
Personal data is any data which can be used to identify a living person or which can be used in combination with other data to identify a living person.
If you want to see the data that an organisation holds on you, you need to make a written request. If it is a public organisation, write to their data protection officer (DPO). Details should be on the organisation’s privacy notice. If the organisation has no DPO, or you do not know who to write to, address your letter to the company secretary.
The organisation must give you a copy of the data they hold about you as soon as possible, and within one month at most.
In certain circumstances, the organisation can take a further two months to provide the data. They must tell you:
- within one month of your request
- why there’s a delay
There are some situations when organisations are allowed to withhold information, if the information is about:
- the prevention, detection, or investigation of a crime
- national security or the armed forces
- the assessment or collection of tax
- judicial or ministerial appointments
An organisation does not have to say why they’re withholding information. Requests for information are usually free. Organisations can charge an administrative cost in some circumstances, for example if:
- you’re asking for a large amount of information
- your request will take a lot of time and effort to process
Computer Misuse Act 1990
Concerns malicious use of computers.
The Computer Misuse Act (CMA) became law in the UK in 1990.
Amendments to the Act have strengthened the legislation in an attempt to keep up with cybercriminals. In 2015, the maximum penalty was raised from 10 years to 14 years for hacking causing serious damage, and to life imprisonment in cases where human welfare or national security is affected.
Attempts to break into a computer system are illegal, and the penalty goes up if hacking is accompanied by other offences: fraud or extortion.
Virus writing is illegal.
Offences:
- Unauthorised access to computer materials.
- Unauthorised access with intent to commit further offences.
- Unauthorised modification of computer material.