E-Commerce Laws and Legislation - The Data Protection Act
Data Protection Act
The Data Protection Act was implemented to protect the privacy of living individuals who could be identified from the data, or from a combination of data held by the data controller. This also includes any opinions expressed about the individual.
When Collecting data, the data controller must ensure they tell the individual who they are, what the information is going to be used for and ensure that they do not collect more information than is necessary.
The data must be kept securely and not kept for longer than it’s needed. It must also be kept up to date and accurate. Individuals have the right to access their data at any time. Companies may charge a fee for this but they must respond within a set timeframe set out by their particular contract.
The act contains eight “Data Protection Principles”. These specify that personal data must be:
1. Processed fairly and lawfully.
2. Obtained for specified and lawful purposes.
3. Adequate, relevant and not excessive.
4. Accurate and up to date.
5. Not kept any longer than necessary.
6. Processed in accordance with the “data subject’s” (the individual’s) rights.
7. Securely kept.
8. Not transferred to any other country without adequate protection in situ.
This has an impact on businesses because they must ensure anyone involved in collecting or accessing personal data is fully aware of the laws and legislations and they must be monitored to ensure the Act is being followed. If the Data Protection Act is breached in any way the Information Commissioner’s Office has the power to issue fines of up to £500,000 to small businesses. For many start-up companies this would be devastating.
There are certain circumstances where the Data Protection Act does not apply:
A business is only holding information which pertains to the internal workings of the company. Such as payroll, advertising, marketing and other PR related activities.
This is a preview of the whole essay
The organisation is not for profit.
The data is only processed for the purpose of personal, family or household affairs
The data is only used to maintain a public register.
No computers are used to process the data
Copyright Designs and Patents Act
Copyright is an automatic right and comes in to play as soon as works are created.
Protects work such as:
- Programming code
Once they are in a tangible form. For example the idea behind a website would not be subject to copyright and other individuals could produce a website using the same idea as somebody else – but they could not directly copy the content or design of said website.
To protect an idea, a patent must be applied for and granted. To get a patent the idea must be new and involve at least one non-obvious innovative step. The idea must also be useful in some way. Drafting a patent application can be a very complicated process and the laws vary from country to country.
Piracy is illegally copying, distributing or using programs, movies, music, etc you have not paid for.
Piracy has a huge impact on businesses, if potential customers choose to illegally obtain their product rather than purchase it the business is losing money. Piracy has become a huge issue since the internet became available to the public; even more so since broadband became widespread.
Businesses – especially ones involved in a creative industry – must be vigilant about their copyrighted work. Taking individuals or other companies to court over copyright disputes can be a long and costly process. Bigger companies may choose to hire their own legal team but smaller companies can’t always afford to do this – which means if something does get stolen they will have to pay to outsource a lawyer.
The impact piracy has had on society is that it’s become so widespread a lot of people think it is acceptable to copy or download programs, movies, music etc. illegally. ISP’s and law enforcement are cracking down on this behaviour and individuals are being hit with huge fines or having their internet connection limited or even cut off completely if they are repeat offenders.
The data protection act was implemented to protect the data stored on computers, but there was nothing in place to prosecute people who hacked into systems or damaged systems with viruses; this is where the Computer Misuse act comes in.
Hacking – bypassing security systems to access data without permission, regardless of intent
Unauthorised modification of data or programs – Such as through viruses
Computer misuse is an illegal act involving a computer; computer abuse is a legal but unethical use involving a computer.
For example: Computer Misuse
Bypassing the security system for a company’s payroll information and copying the data onto a flash drive
For example: Computer Abuse
Reading the text messages on a friends phone without permission
This affects businesses because they have to ensure that their systems are secure. This requires hiring or outsourcing somebody with specialist skills which can cost a considerable amount of money. If security systems are breached this can have disastrous consequences. If personal details from customers get leaked the company will lose a lot of business due to their reputation being destroyed. Customers will not buy from somebody they do not trust - people need to know that their information is secure.
Customers financial details being leaked can destroy their credit ratings if unscrupulous individuals get their hands on it.
Consumer Credit Act
The Consumer Credit Act protects both customers and businesses. Payments made by credit card up to £25,000 are protected, this is to protect against fraud and to reimburse the customer in cases where the product or service is not received - or is not as described. It also protects businesses because if a customer does not pay they will still receive money from the bank. The bank will then have to chase the customer for the payment instead of the business.
The consumer credit act also guarantees customers a cooling off period in case they change their mind about a product. For mail order this has to be at least 14 days - however companies may set their own terms and conditions for the cooling off period. For example they may require the product to be returned unopened in its original packaging. This does not apply if the product is faulty or not as described - which relates to Trading Standards.
This affects businesses because it costs the company valuable time and money to process returned items. They can also have problems with unscrupulous customers attempting to get a refund or compensation for an item that has nothing wrong with it; or attempting to get a refund when an item has gone past the cooling off period. Many hours can be wasted on problem customers which affects overall productivity.
Freedom of information act
The freedom of information act came into effect in 2005. The act gives the public the right to knowledge and access to any information held about them. Whether this be medical records or a credit history consumers have the right to request any information about themselves from any public entity. Companies are obligated to provide this information on request within a reasonable time frame and are permitted to charge a fee to do this. The fees vary between different companies. The only time information may not be released is when the details held can be used to identify a different person to the one making the request because this would be in breach of the data protection act.
Businesses and government entities must ensure they have appropriate policies in place to deal with requests from the public regarding release of their information. This needs to include how the customer would make such a request - either through the post or via email - technically requests can be made verbally but it is preferable to make the requests in a tangible form should any disputes arise. They also need to make sure their fee's for providing the information are made clear, as well as give a time frame.
This affects business because providing data on request can take up valuable time and resources. If the customer is not happy with the data the company holds on them it can also lead to legal battles and expenditure to hire lawyers.
Here's what a teacher thought of this essay
A very well written piece of work. The writer has clearly done some research and consolidated their findings into succinct sections. There is a lot of information in here that the student can use to revise from and prepare for an exam. the quality of written communication is good, there are a few minor errors. It is a strong four stars. To push it to five stars the writer needs to include the scope of the acts geographically, refer to the dates that they came into being (as they have for the final one) and give some facts and figures to improve the level of detail with some examples.