Page 1

P5 & P6 Maria

Mohamud Ali


Data Protection Act

Freedom of Information Act

Computer Misuse Act

Contents 1

Introduction and Activities


Computer Misuse Act


Freedom of Information Act

4 5

Data Protection Act

Legal issues

Ethical issues

Fair Trade/Charity Ethical Issues


Healthy and Safety


Organisational Policy


Backups and Costs



Introduction In this booklet, I will be discussing the Computer Misuse Act, Freedom of Information Act and Data Protection Act. Also, I will look at ethical issues such as email, whistleblowing and the use of internet while discussing the laws within EE, how they use them and how they use the ethical issues. Within EE, I will look at their security and how they protect various customers data and if they have broken any laws.

Match the law with the correct date – Computer Misuse Act


Freedom of Information Act

1998 1990

Data Protection Act

Word search


E Y B H E P D Q J I G R S N O C V W

T B M H G O W G Q P Y E Y E T H W I S S S S T B D L N U X U S V W H I W ALegal A B R issues S Z C S I W R K P F T V E T I C B G U W W S F A U T A J L O C G QEthical Z M W P issues L N W I O E I U R H F I R I I J J S S RFair T E Trade/Charity S K R O W T E N E H C S V S N S T I N K K Y U N K Z T H U E T V C E P D V G D Z D Y C F I L J X Y X U F L H K T E Q W Q K V H X J N K B I M P U T E R M I S U S E I R B O C K X U A Z M Q D M Z T O S A F E T Y V D O V X O X G O H B Y D






Main Computer Misuse Act 1990 – (Law Definition) The Computer Misuse Act 1990 is an Act of the Parliament of the United Kingdom, introduced partly in response to the decision in R v Gold & Schifreen (1988) 1 AC 1063. Critics of the bill complained that it was introduced hastily and was poorly thought out Intention, they said, was often difficult to prove, and that the bill inadequately differentiated "joyriding" hackers like Gold and Schifreen from serious computer criminals. The Act has nonetheless become a model from which several other countries, including Canada and the Republic of Ireland, have drawn inspiration when subsequently drafting their own information security laws, as it is seen "as a robust and flexible piece of legislation in terms of dealing with cybercrime”. The Computer Misuse Act was introduced in order to stop hackers and computer criminals from committing unlawful acts such as accessing other people’s computer or page without their permission and modifying someone’s computer or page. The rules are as followed* 1. Unauthorised access to computer material, punishable by 6 months' imprisonment or a fine "not exceeding level 5 on the standard scale" (currently £5000); 2. Unauthorised access with intent to commit or facilitate commission of further offences, punishable by 6 months/maximum fine on summary conviction or 5 years/fine on indictment; 3. Unauthorised modification of computer material, subject to the same sentences as section 2 offences. Within EE, the act is followed and abided by so that EE will not access other companies’ computers and pages without permission and will not able to modify pages while protecting themselves as other companies will not be able to do all of this to EE. The company has also included ways in which people will commit a crime through the Computer Misuse Act Law while on their website through their terms and conditions.

*Rules are official and so cannot be altered or worded differently.

Freedom of Information Act 2000 (Law Definition) The Freedom of Information Act 2000 is an Act of Parliament of the Parliament of the United Kingdom that creates a public "right of access" to information held by public authorities. The act creates a general right of access, on request, to information held by public authorities. On receipt of a freedom of information claim a public authority has two corresponding duties. First, a duty to inform a member of the public whether or not it holds the information requested, and second if it does hold that information, to communicate it to the person making that request. The Freedom of Information Act was introduced in order to allow the public the right to access the information held by the public authorities. This will therefore give the right for the public to know what information is being held and kept by public authorities and so the public authorities must inform when asked if they do hold certain information and if they do, it must be shared with the person asking for the information. EE must collect information and store it with the permission of the customers as it will be illegal if information was kept without the consent of the customers. The only times EE don’t have to give out the information is if the information is kept as a security matter or if it is involved with the law enforcements. This will then give EE the right to keep it as it is maybe used for crime related activities and so shouldn’t be shared with the requester.

Information EE collects -

What EE does with your information -

Data Protection Act 1998 – (Law Definition) The Data Protection Act 1998 is a Kingdom Act of Parliament which defines UK law on the processing of data on identifiable living people. It is the main piece of legislation that governs the protection of personal data in the UK. The Act covers any data about a living and identifiable individual. Anonymised or aggregated data is not regulated by the Act, providing the anonymisation or aggregation has not been done in a reversible way. Individuals can be identified by various means including their name and address, telephone number or email address. The Data Protection Act was introduced in order to protect individuals’ personal data such as first name, surname, address and email address. In order to protect individuals’ personal data, the person receiving the data must not share it or pass it on unless given. The Data Protection Act creates rights for those who have their data stored, and responsibilities for those who store, process or transmit such data. Rules of the Law* The person who has their data processed has the right to: 1. View the data an organisation holds on them. A 'subject access request' can be obtained for a nominal fee. 2. Request that incorrect information be corrected. If the company ignores the request, a court can order the data to be corrected or destroyed, and in some cases compensation can be awarded. 3. Require that data is not used in any way that may potentially cause damage or distress. 4. Require that their data is not used for direct marketing.

EE’s security and protection-of your personal data -

*Rules are official and so cannot be altered or worded differently.

Ethical Issues – There are 3 ethical issues; email, whistleblowing and the use of internet. Email is used by EE in order to send and use emails to customers and their own staff. Through email, EE can share your personal information through emails if you agree to allow them too. Normally, after you agree a purchase or agreement with them over a contract, they’ll ask you to tick a box allowing them to pass on your personal information to third parties. EE will be breaking the law if they didn’t ask for your consent and also, they follow the Data Protection Act, so any customer will be able to find out what personal information EE holds off them. Whistleblowing is when an employee reports suspected wrong doing within a work place. Whistleblowing has not occurred within EE, but has occurred in other countries around the world, which have then been made public. For example, Julian Assange and Edward Snowden have been involved in high profile whistleblowing involving US intelligence and other US authorities. Julian Assange is the founder of WikiLeaks, a website which leaks government and other negative information in order to show the public the truth about certain governments. Edward Snowden is a whistleblower currently living in Asylum in Russia after escaping the US because he released confidential information about the National Security Agency. These two are high profile examples of whistleblowing. If whistleblowing was to occur within a company and so reported to that company, then it wouldn’t be a problem and a crime as you’re disclosing information about the company to the company. The internet is used for many things. Surfing, communicating and sharing. When it comes to everything you do on the internet, there is always a way to keep yourself safe and secure online. When sharing data, you will always have a right to know what the person/company has of you. When communicating, any sort of abuse you may suffer can be dealt with and you are always entitled to opt out of any communication and interaction you come across within the internet.

Health and Safety – EE will always make sure that their workplace and offices are always safe. In order to make sure that this is the case, EE follow the Health and Safety at Work Act so that their company provides and offers the safest working environment and shopping environment for all employees and customers. (Law Definition) The Health and Safety at Work Act is an Act to make further provision for securing the health, safety and welfare of persons at work, for protecting others against risks to health or safety in connection with the activities of persons at work, for controlling the keeping and use and preventing the unlawful acquisition, possession and use of dangerous substances. Safety at Work – There are many ways to keep safe at work. But the most important way is how you sit and use ICT equipment as most EE workers do the job in this fashion.

Sitting at the computer correctly will enable to work properly and more efficiently. Using the computer incorrectly and not sitting up straight can cause eye strain, muscle pains and a huge lack of focus. The law is there so everyone can work efficiently and so there aren’t any injuries during work. EE use these methods in order for employees to be comfortable, healthy and safe during work and so they won’t receive any complaints or issues from their own workers.

Organisational Policy EE have an organisational policy in place in order to outline its mission to manage the environmental effects of its people, activities, and operations and helps to put its environmental commitments into practice. EE policy includes what they do personal data, contracts, complaints and also in work issues such as rules, conducts and policies which everyone will have to follow. The policy is important and a necessity to follow as they’re in place so employees have something to follow and abide by. Without this, there will be chaos and no sense of direction.

EE have many terms and conditions and policies for various things such as agreeing contracts, mobile broadband and promotional offers towards customers. The policies and conditions are there in order to let customers know exactly what they’re agreeing to and what their rights are.

Policies are also there for EE to reach long-term goals. Long-term goals can be achieved if in-work policies and conditions are followed fully by staff and also abide by all rules in order to work to the best of their abilities.

Backups – In order to save key information and data, EE create backups in order to do just that. EE create physical backups such as print outs in order to keep record off what they have and need. This comes in handy as if a piece of information is lost, they have another version. EE also create backups on computers, in order to save and not lose data and information. All emails received and sent are stored by EE, in order to use for a later time or if it may be used for legal reasons in order to assist law enforcements. Losing information can be down to many reasons. It may be deleted by accident by an employee or accessed illegally by a virus or hacker. In order to keep safe, EE normally make sure all computer systems are protected by anti-virus and firewall and are password kept so only employees can access them.

Costs – EE does spend money on plenty of things. But the most important are to protect their company and everything inside it. In order to protect their company while online, they can purchase and keep their anti-virus and firewall up to date, they can secure all computer systems within the company with secure passwords or a program which locks everything. Sometimes EE don’t spend money on just their company. If EE was to break a law to do with the customer, then they may have to pay compensation to a customer for misuse of their data or privacy. They may also have to pay a fine.

Conclusion – In conclusion, EE has proven to be a safe and secure mobile networking company who so far have abided by laws and regulations. They have put in place all terms and conditions everywhere and do always advise you to read them. They also include their policies with everything so customers know what they’re getting into. EE have installed necessary securities and blocks inside their business so information and data is kept safe. They also always ask customers if they’re allowed to share some or all personal data which was given to them. EE back up all their data just in case and they will always allow you to know what data they’re holding off you and for them to send you a copy of it, which they’re able to provide due to backups. EE follow all necessary laws, including the Computer Misuse Act, Freedom of Information Act and Data Protection Act. EE follow the Computer Misuse Act by not accessing other companies’ computers and pages without permission and don’t modify pages which aren’t theirs. EE follow the Freedom of Information Act by not sharing and giving out personal data of customers without their permission. Also EE have to show customers what personal data they keep of them. EE follow the Data Protection Act by protecting customers’ personal data such as first name, surname, address and email address. The company, when receiving the data, must not share it or pass it on unless given permission.

P5 & P6 Maria  
P5 & P6 Maria