LEGISLATION
DATA PROTECTION ACT (1998) The aim of this act give people the right to know what information is held about them. It also sets out rules to ensure that info is handled properly. The Act covers both paper based and electronic info.
EIGHT PRINCIPLES 1.Obtain and process info fairly and lawfully 2.Register the purpose for which the info is held 3.Not disclose info in a way that is different for the purpose held
4.Only hold info that is adequate, relevant and not excessive for the purpose stated 5.Hold only accurate and up-to-date info 6.Do not hold info for longer than required 7.Allow individuals access to info held about themselves if requested 8.Keep all information safe
There is an Data Protection Registrar. This is the person that firms need to register their purpose for holding info. Individuals can complain to the Registrar if they feel info held about them breaches one of the 8 principles.
FREEDOM OF INFORMATION ACT (2002) This is the right to request info that is held by PUBLIC AUTHORITIES. Individuals must be told if a public authority holds info. The public authority have 20 days to make the information available after the request has been made.
COMPUTER MISUSE ACT (1990) Deals with problems with hacking into computer systems. Three offences: Unauthorised access to computer material Unauthorised access with the intent to commit further crime Unauthorised modification of computer materials