Computing related legislation - Computer Science - H046 - Cambridge OCR AS Level

Welcome to the World of Tech Law!

In this chapter, we are going to dive into the rules of the digital road. Just like we have laws to keep people safe on the streets, we have specific laws to keep people, data, and hard work safe in the world of computing.

As a Computer Science student, understanding these laws isn't just about passing an exam; it's about understanding the balance between power (what we can do with computers) and responsibility (what we should do). Don't worry if legal talk sounds boring—we're going to break it down into simple, real-world scenarios that actually make sense!

1. The Data Protection Act 1998 (DPA)

The Data Protection Act was created to protect personal data. Personal data is any information that can identify a living person, like your name, address, or even your exam results.

Think of the DPA as a set of "promises" that any organization (like your school or a bank) must keep when they store your information. There are 8 Principles you need to know:

1. Fairly and Lawfully Processed: Organizations must be honest about why they are collecting your data. They can't trick you into giving it up.
2. Specified Purpose: They can only use the data for the reason they told you. If a pizza shop takes your number for delivery, they shouldn't sell it to a gym for advertising!
3. Adequate, Relevant, and Not Excessive: They should only collect what they actually need. A gaming app doesn't need to know your blood type.
4. Accurate and Up-to-date: If your data is wrong, the organization must fix it. Imagine a bank having the wrong balance for your account!
5. Not Kept Longer Than Necessary: Once they don't need the data for the original purpose, they must delete it.
6. Processed in Accordance with the Individual's Rights: You have the right to see what data they have on you and ask them to stop using it if it causes you distress.
7. Kept Secure: Organizations must use passwords, encryption, and physical locks to keep your data safe from hackers.
8. Not Transferred Outside the European Economic Area (EEA): They shouldn't send your data to countries that don't have strong data protection laws (unless you agree to it).

Quick Review Box: The DPA is all about protecting the individual from the misuse of their personal information by organizations.

Memory Aid: Try the "S-S-A-A-F-L-E-T" mnemonic (or make your own!) to remember the key concepts: Secure, Specified, Accurate, Adequate, Fair, Length of time, Excessive (not), Transfer.

2. The Computer Misuse Act 1990 (CMA)

While the DPA targets organizations, the Computer Misuse Act targets the "bad guys" (hackers). Before this law existed, it was actually quite difficult to prosecute people for simply looking at data they weren't supposed to see!

The CMA defines three specific levels of offenses:

Level 1: Unauthorized access to computer material
This is simply logging into someone else’s account or accessing a file you don't have permission to see. Even if you don't change anything, just being there is illegal. Example: Guessing your friend's password to read their private messages.

Level 2: Unauthorized access with intent to commit or facilitate a crime
This is hacking into a system because you plan to do something even worse, like stealing money or blackmailing someone. Example: Hacking a bank's server because you intend to transfer money to your own account later.

Level 3: Unauthorized modification of computer material
This is when you actually change, delete, or damage data. This includes spreading viruses, deleting files, or changing a website's homepage. Example: Planting a "logic bomb" virus that deletes a company's database on Friday the 13th.

Don't worry if this seems tricky at first: Just remember the "levels" go from Looking -> Planning -> Breaking.

Key Takeaway: The Computer Misuse Act makes hacking and spreading malware illegal.

3. The Copyright, Designs and Patents Act 1988 (CDPA)

Imagine you spent three years writing a brilliant new piece of software, and the moment you released it, someone else copied it and started selling it as their own. That would be devastating! The CDPA exists to prevent this.

It protects Intellectual Property (IP). This includes books, music, videos, and—most importantly for us—software and algorithms.

Under this act, it is illegal to:
- Copy software without the owner's permission.
- Give away copies of software to your friends.
- Run "cracked" versions of software that bypass the license check.
- Use software on more computers than the license allows (e.g., buying one home license but installing it on 50 office PCs).

Did you know? Even the source code of a program is protected by copyright automatically as soon as it is written down or saved to a disk!

Common Mistake to Avoid: Students often think "Patents" and "Copyright" are the same. Copyright is usually for the expression (the code itself), while a Patent is for a new invention or method (like a new way of processing data).

4. The Regulation of Investigatory Powers Act 2000 (RIPA)

This is often called the "Snooper's Charter." It gives certain public bodies (like the Police or Secret Service) the legal power to monitor people's digital activities to prevent crime or protect national security.

What can authorities do under RIPA?
- They can demand that Internet Service Providers (ISPs) provide access to a customer's communications (like emails or web history).
- They can carry out mass surveillance of communications.
- They can demand the keys to encrypted data. If you have encrypted files and the police have a warrant, you must hand over the password or the key, or you could face prison time!
- They can intercept (listen in on) internet traffic.

The Controversy: This law is often debated because it's a "balancing act." It helps catch criminals and terrorists, but many people feel it invades the privacy of innocent citizens.

Analogy: Imagine the police having a master key that can open any digital envelope or any digital door, but they are only supposed to use it when they have a very good reason to believe a crime is happening inside.

Key Takeaway: RIPA is about government surveillance and the power to intercept digital communication.

Quick Summary Table

Use this table to quickly check which law applies to which situation:

Act: Data Protection Act (1998)
Focus: Organizations storing your personal data.
Key Word: Privacy

Act: Computer Misuse Act (1990)
Focus: Hacking and malware.
Key Word: Hacking

Act: Copyright, Designs and Patents Act (1988)
Focus: Protecting creative work and software from being stolen.
Key Word: Ownership

Act: Regulation of Investigatory Powers Act (2000)
Focus: Police and government surveillance.
Key Word: Surveillance

Study Tip: When answering exam questions, always identify which "party" is involved. If it's a company losing data, think DPA. If it's a hacker breaking in, think CMA. If it's someone copying a game, think CDPA!

* The content provided by thinka is generated by AI and may not always be accurate or up-to-date. Please use it as a supplementary resource and verify with official materials.