The Legislation that protects individuals and groups from the misuse of ICT

If St. Richard’s Hospital or Dr. Kumar fails to comply with any of the policies mentioned in the Data Protection Act, the data subjects can ask the Data Commissioner to intervene or they can sue the hospital.

Computer Misuse Act (1990)

The Computer Misuse Act is a law which was introduced in 1990, to prevent unauthorised access to individuals’ personal computers and to network in an organization.

There are three main offenses in the act:

• getting unauthorized access to computer material
• accessing the computer material with intent to commit or facilitate committing another offence
• modifying the computer data without permission

The Computer Misuse Act was introduced as a follow-up for a case called “R vs. Gold” in 1988, where two men called Robert Schifreen and Stephen Gold gained unauthorised access to BT’s service information in 1984 and in early 1985, even gaining access to Price Phillip’s personal message box. A computer technician set some traps on the system, and Schifreen and Gold were soon caught and arrested.

Because of hacking incidents such as the one above, security measures had to be brought in to protect the individuals and organizations that use the internet.

Firewall

Firewall is a software or hardware that permits or denies access to another network or a personal computer. Firewall first emerged in the 1980’s when the internet was fairly new and there were many cases of security breaches, even in NASA.

Firewall protects the individuals or businesses as it filters the data coming and going to the computer. If the data that is trying to enter is suspicious, the firewall blocks it and asks the user if they want to allow that data to enter.

As well as people getting access to personal data by brute-force hacking, there are many different ways to get access to other’s data.

Malware

Virus

A computer virus is a program that can copy itself and infect a computer without the prior knowledge of the user. A virus can only spread when it is sent to another host (e.g. when the file with the virus is sent to another computer, especially when it is transferred on a removable storage device). The tern “virus” comes from the biology as a computer virus reproduces by making copies of itself in the computer's memory, storage, or over a network, like a biological virus.

Unlike biological viruses, computer viruses did not evolve by themselves. They are created deliberately by programmers and they can only do what the programmers have programmed them to do. There are many reasons for creating and spreading viruses. Viruses have been created for research projects, pranks, vandalism, to distribute political messages, and for financial gain from identity theft. For most viruses, their main objective is to damage programs, destroy documents or reformate hard drive.

Worm

A computer worm is self-replicating program that sends copies itself via network without the users’ permission. Some worms are dangerous and can delete files, encrypt files, send e-mails and make backdoors to allow hackers to enter through.

Trojan horse

Unlike a virus, Trojan horse is a program that actually contains or installs a malicious program, while disguising itself of being something else (e.g. a program claiming to a screensaver would create a backdoor to allow remote access to the user’s computer remotely when run). Most Trojan horse programs would:

• Erase data
• Encrypt files
• Upload or download files
• Spread other malware such as viruses or worms
• Log keystrokes to steal information such as credit card details

Antivirus software

Antivirus software is a programme that attempts to identify, prevent and eliminate malware that tries to infect a computer.

This does by two methods:

• Scanning files to find malware that match the virus library
• Identifying suspicious behaviour from any programmes which might indicate a possible infection.

If a piece of code that matches any definitions in the virus library, the software can one of these following actions after informing the user:

• Try to repair the file by removing the malware
• Quarantine the file so the virus cannot spread
• Delete the infected file

In Report 3D, I talked about the impact of ICT in my local community. There, I explored how Internet cafes help and fulfil some needs of my area. As well as the internet cafes bringing in so many advantages to the local community, there are also some downsides to it. There are many different was to break the Computer Misuse Act of 1990. The owner(s) or the administrator(s) of the cyber cafes can install silent programmes such as keyloggers to store the keys that were pressed by the users of the cafe, so they can gain access to bank accounts, paypal accounts, e-mail, etc to transfer money to their own bank accounts without permission. People who are hackers would use the internet cafes’ facilities to hack other’s e-mail account, bank accounts, organizations’ servers, etc. They can also release viruses, worms, and other malware into the internet, but they will not be detected and tracked down as they computers in the cyber cafes are used my many different people. Even if the authorities track down the cyber cafe as the source of the virus, hack, etc., the individual who did it would not be found out, especially if they only came one to the cyber cafe to release the virus, attempt the hack, etc. As for the hackers who hack from their homes, they are always one step ahead of the authorities and internet security software, so they are extremely difficult to find.

Health and Safety at Work Act

Health and Safety at Work Act gives the employers have a duty to look after the health and safety of their employees the responsibility to assess the risks of their employees getting injured or ill due to their working conditions and to avoid it happening.

Most of the problems in organizations with computer users are caused by the fact that people are sitting in the same position doing repetitive tasks.

• Sitting at the wrong height and in the same position for long periods of time is the most common cause of back pain.

• Using the keyboard and fingers and repeatedly making the same small movement over and over again can cause carpal tunnel syndrome and other forms of RSI – repetitive strain injury.

• Glare or reflections from windows or lights and a dirty screen are the most common cause of eyestrain and headaches.

The employers have an obligation to look at: the workstation as a whole, including equipment, furniture, and the working environment; the job being done; any special needs of individual staff.  They have to assess the risks and do as much as they can to reduce them. They must also tell the employees to have regular breaks and regular eye checks as well as giving them appropriate training to minimize the risk of injury.

In report 3C, I explored how a disabled person, Dr Annalu Waller, who is a teacher at Brunel University. The Health and Safety at Work Act relates to her very much as she needs special health and safety attention. The employer(s) have an obligation to look after the health and safety of their employees, and give special notice to people like Dr. Waller. This would affect

Dr. Waller very much as she uses ICT often for her professional and personal needs. Her supervisor has to make sure that Dr. Annalu takes regular breaks if she is using her computer constantly; repair or replace any faulty equipments and furniture; and tell Dr. Annalu to regular eye checks from an approved optician, mainly as her eyesight is already poor. If these conditions aren’t met by the university and Dr. Annalu suffers any health damage, she can sue the university.

Copyright, Designs and Patents Act 1988/1989

Copyright is a set of rules that regulates the use of a particular idea or information. This can include for wide range of works such as poems, movies, software, audio recordings, or paintings. These rights give the owner of the work:

• to make copies of the work and sell those copies
• to import or export the work
• to create works that adapts the original work
• to perform or display their work publicly
• to sell or assign these rights to others
• to transmit or display the work by digital audio transmission

In Report 3A, I explored what and how I use ICT technology meets my needs and how they meet them. In the report, I mentioned that I download MP3s from the internet to store and play back later. If I download the MP3s from and illegal website which allows me to download the files without paying for them, I can be prosecuted under the Copyrights, Designs and Patents Act. I can also be sued if I distribute the downloaded content to others saying that it is my own work. Even if copy someone’s homework or coursework (especially from the internet) and not acknowledging the source, I could face serious consequences by my teachers and legal actions, if I am caught. If I download pirated software from “warez” sites, and install them with the help from serial numbers available on the internet, I would be breaching the Computer Misuse Act.

The result of downloading illegal copies of computer software is that many people would download the software and then distribute them. This means that the company which made the software would suffer major financial losses and they would have to increase the prices of their goods, ensuing in the people who actually buy the programme paying more. This would mean that they would rather download the software illegally than buying it. This consequence in fewer customers, so the company would have to raise the prices even more. As with the Computer Misuse Act, it is very difficult to actually catch someone who is breaking the act, but when they are caught the punishments are very harsh. Undoubtedly, everyone who uses ICT for their normal and needs have knowingly or not have broken the Copyright, Designs and Patents Act. This varies from copying and pasting some images from a website to distributing pirated content (e.g. films, software, games).

To reduce the risk of breaking the act, I must purchase media contents, software and games legally – either from a retail shop, or from verified websites. If I have to copy some content from another website (e.g. history of the washing machine), I have to include some acknowledgements to the source.