Legislation in Computer Science (AQA GCSE Computer Science)

Revision Note

Test yourself
Robert Hampton

Written by: Robert Hampton

Reviewed by: James Woodhouse

The Data Protection Act (2018)

What is the Data Protection Act?

  • The Data Protection Act (DPA) is a law that protects personal data from being misused

  • Examples of personal data would include

    • Name

    • Address

    • Date of Birth

    • Race

    • Religion

  • Most people that store personal data has to follow the Data Protection Principles although there are a few exemptions:

    • Domestic purposes – if you only use personal data for such things as writing to friends and family or taking pictures for your own enjoyment, you are not subject to the DPA

    • Law enforcement – the Police investigating a crime is not subject to the DPA. E.g. if someone has been suspected of a crime they can't request to see the evidence about them

    • Intelligence services processing – personal data processed by the intelligence services (eg MI5) is not covered by the DPA

The data protection principles 

Principle

How does it affect a company?

Example

1. Personal data must be fairly and lawfully processed

A company has to be clear about what personal data they wish to collect and what they want to use it for. 

A school can request personal data to be able to call guardians in an emergency.

2. Personal data must be collected for specified and lawful purposes

A company cannot use personal data for any purpose other than what they stated originally. They also cannot pass this data on without permission.

A company asks for a phone number to call regarding delivery but then uses it to market new products. 

3. Personal data must be adequate, relevant and not excessive

A company cannot request personal data that they do not need right away.

A bank cannot ask for their customer's previous trips when opening an account.

4. Personal data must be kept accurate and up to date

If a company holds personal data that is wrong or out of date then you have a right to have it corrected or deleted. 

If a bank has a customer's old address then they will not be able to send up to date statements.

5. Personal data will not be kept for longer than is necessary

A company must delete personal data once they no longer have a need for it. 

If a customer closes their account the company must delete their data. 

6. Personal data must be processed in line with people's rights

If requested a company must provide a customer with all the personal data they hold on them. 

A hospital has to give a patient’s full records if requested by the patient. 

Computer Misuse Act (1990)

What is the Computer Misuse Act?

  • The Computer Misuse Act (CMA) concerns the malicious use of computers. The act was originally created to make sure that computer hacking was covered within the law

  • It has been updated regularly to ensure it remains relevant

  • Firewalls can be used to prevent external people accessing the system. They are key in preventing DoS or DDos attacks

Primary offences under the CMA

The Computer Misuse Act has 3 primary offences:

  1. Unauthorised access to computer materials
    E.g. If a student finds out a teacher's password and then accesses their computer and opens their files

  2. Unauthorised access with intent to commit further offences
    E.g. If the student finds out a teacher's password and then accesses their computer with the intent to increase their marks on their last test result

  3. Unauthorised modification of computer files
    E.g. If the student finds out a teacher's password and then accesses their computer and increases their mark on their last test result

The consequences of each offence are worse depending on whether it's offence 1, 2 or 3 with each offence being punishable with time in prison

  • This protects the intellectual property of an individual or a company

  • It makes it illegal to copy, modify or distribute software or other intellectual property without the relevant permission

  • If original work is original, copyright will be automatically applied and will not expire until 25 - 70 years from the death of the creator depending on the type of work

  • If an individual believes that their work has been copied it is their responsibility to take action under the Copyright Designs and Patents Act

  • Many sites online offer free downloads of copyrighted software/videos which prevents the intellectual copyright holder from earning their income on the work they have created

    • E.g. If someone downloaded videos from Netflix and shared them with others, they would be breaching the act

  • The act covers videos and audio where peer-to-peer streaming prevents a copyright owner from receiving an income

Primary breaches:

  • Copying an original work

  • Issuing the copy of the original work to the public

  • Renting/lending the copy of the original work to the public

  • Performing, showing or playing the original work in public

  • Making an adaptation of the original work

Secondary breaches:

  • Importing a copy of original work

  • Possessing or dealing with a copy of the original work

  • Providing means to make copies of the original work

  • Permitting the use of premises for making copies of the original work

  • Provision of props/equipment for a performance of a copy of the original work

Software Licences (Open Source & Proprietary)

What is a software licence?

  • A software licence is a legal agreement that lays out rules for how software can and can't be used

  • There are two main types of software licence, each with very different rules on usage, distribution and support, they are, open source & proprietary

Features of open source & proprietary software

Software Licence

Features

Open source

  • Access to source code to edit/change

  • Usually free

  • May be able to edit and distribute

Proprietary 

  • Costs money

  • Produced by 'professional' companies

  • More regular official updates/support/upgrades/fixes

Advantages & disadvantages of open source & proprietary software

Software Licence

Advantages

Disadvantages

Open source

  • Allows collaboration with other people who may want the same modifications

  • Less buggy versions of the software may appear faster

  • Usually free, good for companies with limited budgets

  • Generally strong social support

  • Relies on support of other users

  • To edit the code, you need expert knowledge

  • May not receive regular updates

  • Could be more open to exploitation through users adding malicious code

Proprietary 

  • Generally free customer support

  • Created to professional standards

  • Always someone to go back to with any problems

  • Cost can be significant

  • Limited expansion, only what is available

  • Relies on one company

  • May not fully meet the need of the user/customer

Worked Example

Highlight one box on each row to identify the legislation that would cover each of the given events [5]

A table with two columns: "Event" and three laws (Data Protection Act 2018, Computer Misuse Act 1990, Copyright Act 1988). Rows list different cybersecurity incidents.

Answer

Table matching events to laws, including The Data Protection Act 2018, Computer Misuse Act 1990, and Copyright, Designs and Patents Act 1988; with green cells indicating relevance.

Last updated:

You've read 0 of your 10 free revision notes

Unlock more, it's free!

Join the 100,000+ Students that ❤️ Save My Exams

the (exam) results speak for themselves:

Did this page help you?

Robert Hampton

Author: Robert Hampton

Expertise: Computer Science Content Creator

Rob has over 16 years' experience teaching Computer Science and ICT at KS3 & GCSE levels. Rob has demonstrated strong leadership as Head of Department since 2012 and previously supported teacher development as a Specialist Leader of Education, empowering departments to excel in Computer Science. Beyond his tech expertise, Robert embraces the virtual world as an avid gamer, conquering digital battlefields when he's not coding.

James Woodhouse

Author: James Woodhouse

Expertise: Computer Science

James graduated from the University of Sunderland with a degree in ICT and Computing education. He has over 14 years of experience both teaching and leading in Computer Science, specialising in teaching GCSE and A-level. James has held various leadership roles, including Head of Computer Science and coordinator positions for Key Stage 3 and Key Stage 4. James has a keen interest in networking security and technologies aimed at preventing security breaches.