• Join over 1.2 million students every month
  • Accelerate your learning by 29%
  • Unlimited access from just £6.99 per month
Page
  1. 1
    1
  2. 2
    2
  3. 3
    3
  4. 4
    4
  5. 5
    5
  6. 6
    6
  7. 7
    7
  8. 8
    8
  9. 9
    9
  10. 10
    10
  11. 11
    11
  12. 12
    12
  13. 13
    13
  14. 14
    14
  • Level: GCSE
  • Subject: ICT
  • Word count: 4127

Data Protection Issues – Compliance Within Computing Organisations, The Causes, Effects and Consequences.

Extracts from this document...

Introduction

Project and Professional Studies Unit Data Protection Issues - Compliance Within Computing Organisations, The Causes, Effects and Consequences. Page 1. Introduction to the data protection bill 1998 2 1.1 The Eight Principles of The Data Protection Act 2 i. Fairly and lawfully processed 2 ii. Processed for one or more limited lawful purposes 2 iii. Adequate, relevant and not excessive 2 iv. Accurate and valid and where necessary kept up to date 3 v. Personal data processed for any purpose shall not be kept longer than deemed necessary 3 vi. Processed in accordance with the data subject's rights under this Act 3 vii. Securely protected by appropriate technical and organisational measures 3 viii. Personal data will not be transferred to Countries without adequate protection 3 2. Registration For Data Protection Act 4 3. Exclusions and Exceptions 4 4. Typical Example Of Active Data Protection Environments 5 Employer/Employee Relationships 5. Enforcement Of Data Protection 5 6. Implications For System Designers 6 Protection from potential dangers 7. Implications For Customers 8 The Fear Off Online Transactions 8. Summary 9 APPENDIX THE PROBLEMS WITH DATA PROTECTION AND NEW TECHNOLOGY EXAMPLE 1 - Marks and Spencers deny security threat. 10 EXAMPLE 2 - Halifax Net share dealing system breached. 10 EXAMPLE 3 - Egg admits security breach. 10 EXAMPLE 4 - Powergen's lax security condemned 10 EXAMPLE 5 - Barclays security breach forces online service to close. 11 EXAMPLE 6 - Crackers fell Cabinet Office Web site. 11 Bibliography 12 1. Introduction to the data protection bill 1998 We've probably all heard of it, but just what is it - 'The Data Protection Act'? The much maligned and often misquoted and even misunderstood. Well, naturally it's about data, and according to Websters Online Dictionary - data is: a collection of facts from which conclusions may be drawn, and so we are looking at the aspect of it's protection and it's associated issues. ...read more.

Middle

5. Enforcement Of Data Protection Data controller's in contravention of the Act are served an 'enforcement notice' by the Acts Commissioner or Registrar. This requires him or her to comply with the Principle or Principles in question, and to do either or both of the following- to refrain from processing any personal data, or any personal data of a description specified in the notice, or to refrain from processing them for a purpose so specified or in a manner so specified. At this point the Commissioner shall consider whether the contravention has caused or is likely to cause any person damage or distress. The Commissioner puts in place an agreed time span of data amendment, to be rectified by the controller, unless the severity grants an immediate response within a fixed seven-day period. It is believed that failure to comply will lead to severe financial punishments being levied through magistrates Court fines (up to £2,000 or greater via High Court) or even closure of business organisations by the de-registration notice issued. Research has revealed records of these events as follows: Cases tried under the Data Protection Act 1991/2 1992/3 1993/4 No. of charges under the PDA 27 68 36 For non-registration 26 63 28 Of which acquitted 0 3 0 (source: Bott.) At the same time it would appear that the number of business registrations is not meeting the expected number. The cost of employing full-time data protection officers per business is believed to be the reason behind the apathy shown towards this Act. It is considered by many to be also unworkable due to lack of localised Government funding, resulting in a catch-me-if-you-can scenario. 6. Implications For System Designers Protection from potential dangers The cost of implementing secure methods of protecting data must be taken into account long before the data is actually accumulated. Provisions should therefore be made and contingency plans laid out which stipulate business reactions to impending threats or changes to the storage environment. ...read more.

Conclusion

"There was a breach of IT procedure, caused by human error". The Egg spokeswoman also claimed that future system updates would be completed when the site is not live to protect customers. (Adapted from Wakefield, J) EXAMPLE 4 Powergen's lax security condemned More than 7,000 Powergen customers advised to cancel their credit cards following one of the biggest online security breaches in the UK so far, 7 July 2000. The breach revealed names, addresses and credit card information of customers who have used Powergen's Web site to pay their bills.. The Data Protection Registrar is concerned about the situation. "We would expect any data collector to provide adequate security," says compliance manger Lorraine Godkin. "This is a breach of a principle of the Data Protection act." (Adapted from Knight, W. and Wearden, G) EXAMPLE 5 Barclays security breach forces online service to close. UK bank Barclays was hit by an online security breach Monday morning 31 July 2000, which allowed at least four customers to access the bank details of other Barclays customers. The breach follows the introduction of new security infrastructure designed to strengthen the bank's defences Saturday evening and forced the company to close its online services. According to a Barclays spokeswoman the breach occurred whenever two users attempted to log in at precisely the same moment. Barclays says the glitch did not become apparent during initial testing and was only uncovered when thousands of users tried to use the service simultaneously. (Adapted from Knight, W.3) EXAMPLE 6 Crackers fell Cabinet Office Web site. The Cabinet Office's web site was brought to it's knees on 13 July 2000, as code hackers began defacing the site and forcing its hosting company to take it off line. The spokesman admits that, as a prominent government Internet destination, the Cabinet Office Web site is constantly being targeted by computer attackers. "There have been hacking attacks in the past but we've been able to fend them off," he says. "We obviously take security very seriously and it is constantly under review." (Adapted from Knight, W. ...read more.

The above preview is unformatted text

This student written piece of work is one of many that can be found in our GCSE Legislation & The Legal Framework section.

Found what you're looking for?

  • Start learning 29% faster today
  • 150,000+ documents available
  • Just £6.99 a month

Not the one? Search for your essay title...
  • Join over 1.2 million students every month
  • Accelerate your learning by 29%
  • Unlimited access from just £6.99 per month

See related essaysSee related essays

Related GCSE Legislation & The Legal Framework essays

  1. The social, legal, moral aspects of I.C.T. In this report, I am going to ...

    The use of television and cable is also used through satellite. Now internet can be accessed through phone and via text, images and videos can be sent in seconds. The legal aspect of ICT The increasing use of ICT and its effects many new laws have had to be made.

  2. The following report will compare differences between internal and external information sources relevant to ...

    The data gathered could be used to produce information/reports, which could then be used to forecast future material/labour requirements. The gathering of information within these organisations basically allows them to; * Record - evidence and details, in order to; * Monitor - with a view to improving performance e.g.

  1. 3E-The legislation that protects individuals and groups from the misuse of ICT

    the complete truth; false details should never be given as this creates flaws for organisation who wish to contact an individual or use an individuals information for future reference, also is an illegal act to pursue. The data protection act can be very advantageous to the people living in the Leyton community.

  2. The Data Protection Act 1998 - questions and answers

    Personal data must be accurate and where necessary kept up to date. Personal data processed for any purpose or purposes shall not be kept for longer than is necessary for that purpose or those purposes. Personal data must be processed in accordance with the rights of data subjects under the 1998 Act.

  1. Data Protection Act

    Schedule 2 of the Act provides conditions for the processing of any personal data relevant for the purposes of the First Principle, whilst Schedule 3 provides conditions for the processing of sensitive data relevant for the purposes of the First Principle over and above those set out in Schedule 2.

  2. Privacy and Data Protection: IT Law

    The Directive aims to harmonise member states' laws, providing for a consistent level of protections for citizens in order to ensure the free flow of personal data within the EU.15 It applies to personal information in electronic as well as in manual files (Art.

  1. Data Protection Act

    If the worker's eyes are damaged then they won't be working at optimum efficiency The data protection act protects my local community a lot. Shops like blockbuster have to collect large amounts of data from all their members. This means that they have to use and protect it properly.

  2. Outline the Data Protection Act and give examples of breaches.

    The longer they hold personal files, the longer they will need to ensure that they are accurate. Also, the longer that information is kept after its needed, the less it becomes relevant. There are no benefits of actually keeping the data for longer than necessary. Data Protection Act Breach 1.

  • Over 160,000 pieces
    of student written work
  • Annotated by
    experienced teachers
  • Ideas and feedback to
    improve your own work