Issuu on Google+


P5&P6 I will be discussing the legal and ethical issues in relation to the use of nationwide. The legal issues I will talk about are the computer misuse act 1990,the freedom of information act 2000 and data protection act 1998. The ethical issues I will talk about are the use of email, whistleblowing and use of the internet. The legal issues: The Computer Misuse Act 1990 : is an Act of the Parliament of the United Kingdom, introduced partly in response to the decision in R v Gold & Schifrin (1988) 1 AC 1063 (see below). Critics of the bill complained that it was introduced hastily and was poorly thought out Intention, they said, was often difficult to prove, and that the bill inadequately differentiated "joyriding" hackers like Gold and Schifrin from serious computer criminals. The Act has nonetheless become a model from which several other countries, including Canada and the Republic of Ireland, have drawn inspiration when subsequently drafting their own information security laws, as it is seen "as a robust and flexible piece of legislation in terms of dealing with cybercrime. There was a serious case of customer misuse at nationwide when the insurance computers were hacked. The attack occurred on Oct. 3. Nationwide said it took steps at the time to secure its network and has been working with law enforcement to investigate. It also has hired experts to analyse the data and the computer network. More than 1million people were affected.

The Freedom of Information Act 2000 (c.36) is an Act of Parliament of the Parliament of the United Kingdom that creates a public "right of access" to information held by public authorities. It is the implementation of freedom of information legislation in the United Kingdom on a national level. The Act implements a manifesto commitment of the Labour Party in the 1997 general election, developed by Dr David Clark as a 1997 White Paper. The


final version of the Act is believed [by whom?] to have been diluted from that proposed while Labour was in opposition. The full provisions of the act came into force on 1 January 2005. There was an example of this act taken into consideration for nationwide as they changed an number of fees on mortgages and this caused there to be a rise in interest for customers. One customer wrote to nationwide and requested: Copies of all documents they hold (including letters, emails and minutes) which record communication with Nationwide on the issue of these changes to their mortgage charges; and Any internal authorization or discussion papers on the issue of these changes to Nationwide's mortgage charges. The customer then had to pay a fee just to have this information sent to him.

The Data Protection Act controls how your personal information is used by organizations, businesses or the government. Everyone who is responsible for using data has to follow strict rules called ‘data protection principles’. They must make sure the information is: • used fairly and lawfully • used for limited, specifically stated purposes • used in a way that is adequate, relevant and not excessive • accurate • kept for no longer than is absolutely necessary • handled according to people’s data protection rights • kept safe and secure • not transferred outside the UK without adequate protection There is stronger legal protection for more sensitive information, such as: • ethnic background • political opinions • religious beliefs • health • sexual health • criminal records nationwide had breached the data protection act in 2007 along with many other banks. They disregarded their customers information which was to be kept confidential. These files then got out and customers privacy had been taken away from them . this is all due to the fact that an employee took a laptop home where it was later stolen. Nationwide then refused to give names as to who’s accounts and information had been looked at. This


caused a lot of outrage and customers wanted to use the data protection act to find out what they needed to know about their personal details and if they had been accessed by somebody else. However customers were told that they couldn’t use the data protection act as a way to find out what happened. Assistant Commissioner Phil Jones said : ‘The obligation is to tell you what information they hold, "but you and I don't have rights to

require someone to tell us what data is held in what particular kit in what particular place. nationwide doesn’t have their data protection act on their website so customers are not able to see it. However they do keep a lot of personal information because they are a building society. They use the dat protection when it comes to dealing with customers and accounts, this includes it being kept safe and secure.

Ethical issues: Nationwide doesn’t sponsor any fair trade or a charity. Ethical issues regarding emails means that the emails sent in and out of the company have to be appropriate and adhere to the business. Many companies have a code of practice on the correct use of email. The employees will not be able to use email to do things such as distribute committee papers, for confidential use or as a substitute for face to face communication with colleague’s. When it comes to use of email nationwide have the same thing they have with the use of internet, they have technicians monitoring it and if anything unusual comes up the technicians then flag it to the managers, however there are some other precautions like the private email that is set up between employees and customers so it is highly confidential.


Whistle blowing: Whistle blowing in a business is when an employee will have a concern about what the business is practicing. They will raise this concern to either management or an outside organisation such as the newspapers. This can have anything to do with fraud, crime or anything that could impact on customers, colleagues, shareholders or the organisations reputation. They can receive legal protection which is known as the public interest disclosure act.

Use of the internet: Companies also have policies on the use of internet and what employees can and cannot use it for. There are even codes of practice which run selling on the internet which businesses will adhere to. Nationwide has a block on their internet which prevents employees looking at inappropriate or things unrelated to the organisation. When you go into the bank and you get served at the cashier desk the computers there are monitored so employees are not giving out information on networking sites.


Health and safety: The Health and Safety at Work etc. Act 1974 is an Act of the Parliament of the United Kingdom that as of 2011 defines the fundamental structure and authority for the encouragement, regulation and enforcement of workplace health, safety and welfare within the United Kingdom. The health and

safety of staff is very important in a bank the reason for this is because they can serve customers who might get angry when refused a loan etc. many office based jobs need employers to spend a substantial amount of time sat at their desk. This can cause things such as bad posture, back aches etc. this is why nationwide provide their staff with comfortable chairs and breaks every hour.

Organisational policies: Organisational policies that relate to the use of business information can help make sure decisions affecting staff are: -understandable -meet legal requirements -take full account of their impact These policies are set in place to make sure that the staff has guidance and complies with the legislation. For example the data protection act.


Bibliography: http://www.themortgageworks.co.uk/includes/pdf/DB1_v2.pdf

http://www.programbusiness.com/News/More-than-One-Million-Exposed-in-ComputerHacking-of-Nationwide https://www.gov.uk/data-protection

https://www.whatdotheyknow.com/request/correspondence_on_changes_to_nat http://en.wikipedia.org/wiki/Freedom_of_Information_Act_2000 http://news.bbc.co.uk/1/hi/programmes/moneybox/6371089.stm http://en.wikipedia.org/wiki/Computer_Misuse_Act_1990


P5&p6 completed