The legislation that protects individuals and groups from the misuse of ICT

Authors Avatar

Unit 3E; the legislation that protects individuals and groups from the misuse of ICT

Introduction;

I am going to investigate different legislations that affect the use of ICT, and look at how they affect in particular the people that I have studied in unit 3, I will consider what they have to do to abide by the law, how the piece of legislation protects them and how and what impact it has upon them.

Since the introduction of the new technologies, new problems have been created, to tackle these problems certain legislation has been introduced, to allow protection for companies and individuals and to give authorities the power to combat the problems and misuses and where applicable make arrests.

Data Protection Act of 1998

As the amount of information about people and their lifestyles held on computers increased, a need became apparent to control the way in that it was collected and stored, the previous ability to access large databases of information led to the introduction of the Data protection act.

The data protection act is made up of eight different principles, these are the different points of the law that state what can and can’t be done with regards to data, the eight principles are;

  • Data must not be acquired and processed unless there is a lawful reason to do so.
  • Data must be processed within the rights of the person supplying the data.
  • Data must only be used for specific lawful purposes.
  • Personal data must be accurate and up-to-date.
  • Provision must be made for the correction of data held.
  • Suitable measure should be taken to ensure the safety of personal data.
  • Data held should be the minimum required for the purpose and should not be kept longer than is reasonable.
  • Data is not to be transferred to countries outside the European Economic Area.

The above principles are in place to protect the British Public, the government passed the law with the interest of the public at heart, after rising concern when there was an increase in the amount of data that was stored about people.

This particular legislation is most applicable and relevant to Mr. Clements, the person I studied in Unit 3B, because he is responsible for a vast amount of data stored about clients, this data includes a range of things from home address to telephone number and from occupation to bank account details. What ever it may be Mr. Clements has access to a lot of data, because of this situation there is a need for both the data and Mr. Clements to be protected.

For Mr. Clements to stay within and abide by the data protection act, he must consider certain things when handling data, Askews solicitors has a strict policy in place to protect both themselves and their clients, clients sign a disclaimer which sets out the rights that they as customers have and what the solicitors must do. It creates more paperwork, and takes longer to process information but in the long run it means to an extent that customer will have no unnecessary information stored about them, and it also means that what is stored about them is protected. All files that contain customer information and details are encrypted which means that no unauthorised person can access it, also all information is reviewed after one year after the clients case has been resolved, anything unnecessary will be deleted. There is only Derek who can access his client’s information which means that in the event of a breach of the act he would be held responsible. Clients are given the right to access all information that is stored about them and it can be changed if there are any mistakes.

The data protection act gives a statutory responsibility to Mr. Clements for the storing of clients information, this means that the clients should have the assurance that their information is kept secure, the law means that any breach if the law would either result in hefty fines or imprisonment, however the extent that individuals or holders of information are protect is often limited, even with the law in place it is often difficult for somebody to prove that a breach has occurred, an example of this would be selling data to a 3rd party without the owners consent, yes the company has broken the law, but is often hard for the person who has had their information sold to realise this has happened, and it is also difficult to prove that the company has sold the information, investigations of this nature often take years to result in prosecutions whilst the evidence is gathered, this says to me that the Data Protection act does not give full protection to individuals or groups.

Join now!

To improve the overall impact and effect of the Data protection act there is a need for tighter protocols to be introduced and for easier ways of tracking that criminal offences have been committed. A way that the impact could be improved is through a means of logging data movement, for example a computer file could be tracked to see if it is being sold or transported to another country or organisation, this would mean that it would be easier to prove that crimes have been committed leading to an increase in the levels of prosecution. Without any changes ...

This is a preview of the whole essay