Legislatio

n in
ICT
 Data Protection Act
(1998)
• What is the Data Protection Act
(1998) and why was it created?
• What are the eight principles of the
Data Protection Act?
• Data Protection Act: What rights do we
have?
• What is an Information Commissioner,
Data Controller and Data Subject?
• Are there any exemptions to the Data
Protection Act?
 Data Protection Act
(1998)
What is it and why was it created?
The Data Protection Act was developed to
give protection and lay down the rules
about how personal data can be used.
It was created to protect individuals
from misuse of this data. It governs the
collection and processing of data by
organisations and the individual rights to
access the data if they wish.
 Data Protection Act
(1998)
What are the eight principles of it?
1. Data must be kept secure;
2. Data stored must be relevant;
3. Data stored must be kept no longer than necessary;
4. Data stored must be kept accurate and up-to-date;

5. Data must be obtained and processed lawfully;

6. Data must be processed within the data subject rights;
7. Data must be obtained and specified for lawful
purposes;
8. Data must not be transferred to countries without
adequate data protection laws.
 Data Protection Act
What rights do(1998)
we have as data
subjects?
• To be supplied with the data held
about us;
• To change incorrect data;
• To prevent data being used about us if
it will cause distress;
• To stop data being used in attempts to
sell us something;
• To use the law to gain compensation.
 Data Protection Act
(1998)
What is an Information Commissioner, Data
Controller and Data Subject?

Information Commissioner: Person

who has the power to enforce the Act.

Data Controller: Person or Company

that collects and keeps data about
people.

Data Subject: Person who has data

about them stored outside their direct
 Data Protection Act
(1998)
Are there any exemptions to the Data Protection Act

• Any data held for National Security

reasons e.g. MI5
• Police can access personal information
in order to solve crimes.
• The taxman can access personal
information to ensure people pay their
tax!
• Any data held for domestic purposes
at home e.g. birthday lists, address
books.
 Computer Misuse Act
(1990)
• What is the Computer Misuse Act
(1990) and why was it created?
• What are the three principles of the
Computer Misuse Act?
 Computer Misuse Act
(1990)
What is it and why was it created?

The Computer Misuse Act (1990) was

developed to cope with the problems of
computer hackers and viruses.

Hacker: Virus: A virus is a

Unauthorised user program written to
who attempts to or cause mischief or
gains access to an damage to a
information system computer system.
 Computer Misuse Act
(1990)
What are the three principles of the Act?

• It is illegal to access unauthorised data

e.g. Hacking.
• It is illegal to access unauthorised data
and intend to do it again e.g. Blackmail
and fraud purposes.
• It is illegal to access unauthorised data
and amend it e.g. Planting Viruses and
deleting files.
 Copyright, Design and
Patents Act (1988)
• Introduced to protect people who have
created original pieces of work.
• Books, Music, Films, Games,
Applications.
• 2 main purposes of the Act:
• To ensure people are rewarded for
their endeavours.
• To give protection to the copyright
holder if someone tries to steal their
 Copyright, Design and
Patents Act (1988)
• The Act protects a wide range of work…
written and computer based.
• Includes:
• Copying Software;
• Copying or Downloading music;
• Copying images or photographs from
the Web;
• Copying text from web pages.