Louise Halil Legal and ethical issues in relation to the use of business information in my chosen organization. By Louise Halil
Louise Halil Introduction: In this assignment I will be explaining the legal and ethical issues in relation to the use of business information in my chosen organisation. Data Protection Act 1998: Topshop as well as other businesses store and use information about people. The Data protection act protects the information held about people from being misused. Information that Topshop store on databases must be
Obtained fairly and lawfully Accurate and up to date Processed in line with your rights Not kept for longer than necessary Used only for the purpose stated during collection
Under English law it is vital that all businesses that process personal data are registered with the Information Commissioner and comply with the Data Protection Act. If they fail to do so, then the Information Commissioner does have the power and authority to impose fines of up to £500,000 for serious breaches of the DPA. An example of Data protection act breached by topshop was topshop losing a high court battle against the pop star Rihanna in a ruling that cost the chain millions. The American singer, acting under her real name Robyn Rihanna Fenty, sued Topshop's parent company Arcadia for $5m (£3.3m) over the use of her image on a T-shirt last year. Another example in April 2011 Sony has been hit with a £250k fine after the Information Commissioners Office found the Japanese giant guilty of allowing a ‘serious breach’ of the Data Protection Act for failing to use up to date security software on its PlayStation Network. This allowed hackers to break into its online store, exposing a raft of personal information such as names, addresses, dates of birth and credit card information to criminals. http://www.thedrum.com/news/2013/01/24/sony-fined-250k-overserious-data-protection-act-breach Computer Misuse Act: The Computer Misuse Act 1990 (CMA) is an act of the UK Parliament passed in 1990 designed to frame legislation and controls over computer crime and Internet fraud.
unauthorised access to computer material, punishable by 6 months' imprisonment or a fine unauthorised access with intent to commit or facilitate commission of further offences, punishable by 6 months/maximum fine
unauthorised modification of computer material, subject to the same sentences as section 2
An example of a computer misuse act being breached: James Marks and James McCormick breached the UK's Computer Misuse Act when they hacked into Sony Music's servers and stole unreleased music recorded by Michael Jackson. Marks, 27, hacked into Sony's servers from his home computer in Daventry, whilst McCormick, 26, hacked into the company's systems from his home in Blackpool. The men pled guilty to "two counts of unauthorised access to computer material", according to the Crown Prosecution Service. Leicester Crown Court sentenced the men to six months imprisonment, suspended for one year, and ordered them to undertake 100 hours of unpaid work in the community, the Serious Organised Crime Agency (SOCA) said : ‘Under the Computer Misuse Act it is an offence for a person to knowingly cause "a computer to perform any function with intent to secure access to any program or data held in any computer, or to enable any such access to be secured" without authorisation. http://www.out-law.com/en/articles/2013/january/sony-music-hackers-given-suspended-prisonsentence/ Freedom of Information Act 2000 The Freedom of Information Act 2000 is an act of defining the ways in which the public may obtain access to government-held information. The intent is to allow private individuals and corporations reasonable access to information while minimizing the risk of harm to any entity.
The Freedom of Information Act 2000 (FOIA) gives a general right of public access to all types of 'recorded' information held by public authorities, sets out exemptions from that general right, and places a number of obligations on public authorities.
The Ministry of Defence (MoD) has broken freedom of information law by delaying a response on the safety of nuclear weapons, according to a new ruling from the UK information tsar. The Ministry of defence has been abused by the Information Commissioner, Christopher Graham, for taking more than five months to reply to a request for six reports on nuclear weapons safety. Graham has ruled that even in complex cases responses should always be made with 40 working days. The MoD, he said, had breached section 17(3) of the Freedom of Information Act 2000 “by failing to provide the complainant with its public interest determination within such time as is reasonable”.
Louise Halil http://www.robedwards.com/2010/02/mod-in-breach-of-information-law-on-nuclear-weapons.html Ethical issues Ethnical issues are code of practice which exists in organizations to maintain business ethics. A few examples of ethical issues are:
Whistle blowing- this is when a person from an organisation raises a concern about any lies or illegal activity (fraud, theft) that is going on within the organisation they are working in for e.g. The recent case involving Edward Snowden who realized classified material on top-secret NSA programs including PRISM surveillance program. Internet-Organisations supplies the internet and expects it to be used effectively and only for work use, on the other hand in some cases employees fail to do that. e.g. in the BBC case when an employee used the internet for unnecessary use, he was caught on camera and immediately fired. Use of email- The use of email shows a typical example of a company’s code of practice. There are certain regulations that each employee must adhere too. Email in a work place should be used for work purposes only and not personal use such as social network sites. Also email should not be used to communicate through large documents which are sent on to large numbers of people.
Organisational policies and code of practice Organisational policies are rules that are made by the head of the organisation and should be followed and understood by all the employees that are part of the organisation, additionally a code of practice is a set of guidelines and regulations to be followed by each person who plays a role in a specific organisation. When Topshop are in the process of hiring staff, whether it’s one member or ten it is critical that the employee explains topshops policies and code of conduct. Once the employees have understood the terms of topshops policies and code of practice and agree to understanding these terms, the soon to be employees sign a documentation to show that they agree and understand. Topshop supply the internet for members of staff to communicate by email for members of staff to communicate concerning shifts and general employee queries, the employees can also use the internet to search which items are in stock quickly giving better customer service. When any of the above terms and conditions are breached within Topshop for example whistle blowing, use of email or the internet being misused the key employers, for instance chief executives and managers within Topshop will immediately take action and investigate into the matter. Employees who are seen as responsible for the incident could be suspended from work or at the harshest circumstance
Louise Halil fired from Topshop. The Topshop website shows that only certain information of the customers is shared with others, for example credit card processing, shipping name and address verification. Topshop states â€˜ However, we will not pass your information on to any other Arcadia Group companies or other third parties for marketing purposes unless you have agreed for us to do so.â€™ This reinforces the data protection act. Lastly in this assignment I have come to the conclusion that in any organisation as well as Topshop, legal acts, ethical issues and codes of practice are very vital and take a big role in an organisation for e.g. they can keep the organization from deteriorating, furthermore every organisation needs to follow these legal acts, ethical issues and the code of practice procedures as if they donâ€™t then it could cost them their organisation and the safety of others in a workplace.