• Join over 1.2 million students every month
  • Accelerate your learning by 29%
  • Unlimited access from just £6.99 per month
Page
  1. 1
    1
  2. 2
    2
  3. 3
    3
  4. 4
    4
  5. 5
    5
  6. 6
    6
  7. 7
    7
  8. 8
    8
  9. 9
    9
  10. 10
    10
  11. 11
    11
  12. 12
    12
  13. 13
    13
  14. 14
    14
  • Level: GCSE
  • Subject: ICT
  • Word count: 4127

Data Protection Issues – Compliance Within Computing Organisations, The Causes, Effects and Consequences.

Extracts from this document...

Introduction

Project and Professional Studies Unit Data Protection Issues - Compliance Within Computing Organisations, The Causes, Effects and Consequences. Page 1. Introduction to the data protection bill 1998 2 1.1 The Eight Principles of The Data Protection Act 2 i. Fairly and lawfully processed 2 ii. Processed for one or more limited lawful purposes 2 iii. Adequate, relevant and not excessive 2 iv. Accurate and valid and where necessary kept up to date 3 v. Personal data processed for any purpose shall not be kept longer than deemed necessary 3 vi. Processed in accordance with the data subject's rights under this Act 3 vii. Securely protected by appropriate technical and organisational measures 3 viii. Personal data will not be transferred to Countries without adequate protection 3 2. Registration For Data Protection Act 4 3. Exclusions and Exceptions 4 4. Typical Example Of Active Data Protection Environments 5 Employer/Employee Relationships 5. Enforcement Of Data Protection 5 6. Implications For System Designers 6 Protection from potential dangers 7. Implications For Customers 8 The Fear Off Online Transactions 8. Summary 9 APPENDIX THE PROBLEMS WITH DATA PROTECTION AND NEW TECHNOLOGY EXAMPLE 1 - Marks and Spencers deny security threat. 10 EXAMPLE 2 - Halifax Net share dealing system breached. 10 EXAMPLE 3 - Egg admits security breach. 10 EXAMPLE 4 - Powergen's lax security condemned 10 EXAMPLE 5 - Barclays security breach forces online service to close. 11 EXAMPLE 6 - Crackers fell Cabinet Office Web site. 11 Bibliography 12 1. Introduction to the data protection bill 1998 We've probably all heard of it, but just what is it - 'The Data Protection Act'? The much maligned and often misquoted and even misunderstood. Well, naturally it's about data, and according to Websters Online Dictionary - data is: a collection of facts from which conclusions may be drawn, and so we are looking at the aspect of it's protection and it's associated issues. ...read more.

Middle

5. Enforcement Of Data Protection Data controller's in contravention of the Act are served an 'enforcement notice' by the Acts Commissioner or Registrar. This requires him or her to comply with the Principle or Principles in question, and to do either or both of the following- to refrain from processing any personal data, or any personal data of a description specified in the notice, or to refrain from processing them for a purpose so specified or in a manner so specified. At this point the Commissioner shall consider whether the contravention has caused or is likely to cause any person damage or distress. The Commissioner puts in place an agreed time span of data amendment, to be rectified by the controller, unless the severity grants an immediate response within a fixed seven-day period. It is believed that failure to comply will lead to severe financial punishments being levied through magistrates Court fines (up to £2,000 or greater via High Court) or even closure of business organisations by the de-registration notice issued. Research has revealed records of these events as follows: Cases tried under the Data Protection Act 1991/2 1992/3 1993/4 No. of charges under the PDA 27 68 36 For non-registration 26 63 28 Of which acquitted 0 3 0 (source: Bott.) At the same time it would appear that the number of business registrations is not meeting the expected number. The cost of employing full-time data protection officers per business is believed to be the reason behind the apathy shown towards this Act. It is considered by many to be also unworkable due to lack of localised Government funding, resulting in a catch-me-if-you-can scenario. 6. Implications For System Designers Protection from potential dangers The cost of implementing secure methods of protecting data must be taken into account long before the data is actually accumulated. Provisions should therefore be made and contingency plans laid out which stipulate business reactions to impending threats or changes to the storage environment. ...read more.

Conclusion

"There was a breach of IT procedure, caused by human error". The Egg spokeswoman also claimed that future system updates would be completed when the site is not live to protect customers. (Adapted from Wakefield, J) EXAMPLE 4 Powergen's lax security condemned More than 7,000 Powergen customers advised to cancel their credit cards following one of the biggest online security breaches in the UK so far, 7 July 2000. The breach revealed names, addresses and credit card information of customers who have used Powergen's Web site to pay their bills.. The Data Protection Registrar is concerned about the situation. "We would expect any data collector to provide adequate security," says compliance manger Lorraine Godkin. "This is a breach of a principle of the Data Protection act." (Adapted from Knight, W. and Wearden, G) EXAMPLE 5 Barclays security breach forces online service to close. UK bank Barclays was hit by an online security breach Monday morning 31 July 2000, which allowed at least four customers to access the bank details of other Barclays customers. The breach follows the introduction of new security infrastructure designed to strengthen the bank's defences Saturday evening and forced the company to close its online services. According to a Barclays spokeswoman the breach occurred whenever two users attempted to log in at precisely the same moment. Barclays says the glitch did not become apparent during initial testing and was only uncovered when thousands of users tried to use the service simultaneously. (Adapted from Knight, W.3) EXAMPLE 6 Crackers fell Cabinet Office Web site. The Cabinet Office's web site was brought to it's knees on 13 July 2000, as code hackers began defacing the site and forcing its hosting company to take it off line. The spokesman admits that, as a prominent government Internet destination, the Cabinet Office Web site is constantly being targeted by computer attackers. "There have been hacking attacks in the past but we've been able to fend them off," he says. "We obviously take security very seriously and it is constantly under review." (Adapted from Knight, W. ...read more.

The above preview is unformatted text

This student written piece of work is one of many that can be found in our GCSE Legislation & The Legal Framework section.

Found what you're looking for?

  • Start learning 29% faster today
  • 150,000+ documents available
  • Just £6.99 a month

Not the one? Search for your essay title...
  • Join over 1.2 million students every month
  • Accelerate your learning by 29%
  • Unlimited access from just £6.99 per month

See related essaysSee related essays

Related GCSE Legislation & The Legal Framework essays

  1. Peer reviewed

    The Main Features and Difficulties Regarding the Regulation of E-Commerce

    4 star(s)

    Thus the client must be assured that he can rely on this CA, and that in case of any fraud this CA will cover damages. Recently, digital signatures became one of the main areas of e-commerce. Therefore, legislation regulating the use of this technology has been enacted on a state by state basis.

  2. The social, legal, moral aspects of I.C.T. In this report, I am going to ...

    The use of television and cable is also used through satellite. Now internet can be accessed through phone and via text, images and videos can be sent in seconds. The legal aspect of ICT The increasing use of ICT and its effects many new laws have had to be made.

  1. The following report will compare differences between internal and external information sources relevant to ...

    The data gathered could be used to produce information/reports, which could then be used to forecast future material/labour requirements. The gathering of information within these organisations basically allows them to; * Record - evidence and details, in order to; * Monitor - with a view to improving performance e.g.

  2. 3E-The legislation that protects individuals and groups from the misuse of ICT

    This is significantly because the law keeps information secure, which precludes other people from gaining access to the data. Also, The Data Protection Act allows people of the Leyton community to take action upon any organisation that misuses the data.

  1. The Data Protection Act 1998 - questions and answers

    employees, what type of information is held, where you intend to get the information from and who you intend to disclose it to. How much does it cost? Registration under the 1984 Act costs £75 for three years. This may change under the 1998 Act as notification is likely to

  2. Privacy and Data Protection: IT Law

    2 c) It does not apply to the processing of personal data by a natural person in the course of a purely personal or household activity (Art. 3) or in the course of an activity falling outside the scope of Community law, such as operations concerning public security, defence or

  1. Data Protection Act

    and cover also transfer the data to other countries that can only be transferred outside the UK to countries which have similar protections for individuals. The Data Protection legislation is concerned with the privacy, accuracy and misuse of information held on outsiders and members of an organisation.

  2. Outline the Data Protection Act and give examples of breaches.

    For example, in a school, if they need to contact a parent in an emergency, but do not have the correct telephone number this could result in distress for both parent and child. 1. Not be kept longer than necessary - When any personal data has served its purpose, it must be disposed of appropriately.

  • Over 160,000 pieces
    of student written work
  • Annotated by
    experienced teachers
  • Ideas and feedback to
    improve your own work