Presentation is loading. Please wait.

Presentation is loading. Please wait.

Legal Aspects of Computer System Security “Security - Protecting Our Resources”

Published byWendy Randall Modified over 9 years ago

Similar presentations

Presentation on theme: "Legal Aspects of Computer System Security “Security - Protecting Our Resources”"— Presentation transcript:

1 Legal Aspects of Computer System Security “Security - Protecting Our Resources”

2 Legal Aspects of Computer System Security Presentation Contents Introduction Current Legislation –Overview –Data Protection Act 1998 –Criminal Damage Act 1991 –Criminal Evidence Act 1992 Sources, References and Disclaimer

3 Legal Aspects of Computer System Security Introduction IT rapidly integrating into society International context - US and EU influences IT law invades on “traditional” turf Lack of clear definition - good or bad? Specific and Regular crime

4 Legal Aspects of Computer System Security Current Legislation - Overview Data Protection Act 1998 –control personal information –regulate data processing Criminal Damage Act 1991 –actual or threatened damage to property –unauthorised access to computers –possession with intent to damage property Criminal Evidence Act 1992 –regulate admissibility of computerised records into evidence

5 Legal Aspects of Computer System Security Data Protection Act 1998 Background and Origin Definitions and Provisions Data Protection Crimes The Data Protection Commissioner

6 Legal Aspects of Computer System Security DPA - Origins “designed to provide adequate safeguards to individuals against any abuse of their privacy arising from the automatic processing of personal data concerning them” Based on principles of Strasbourg Convention

7 Legal Aspects of Computer System Security DPA - Definitions Personal Data: data relating to a living individual who can be identified either from the data or from the data in conjunction with other information in the possession of the data controller. Data subject: person who is the subject of personal data. Data Controller: person who controls contents and use of personal data. Data Processing: automatic logical operations on data including extraction of constituent data. Data: information in a form which can be processed.

8 Legal Aspects of Computer System Security DPA - Provisions Computerised files only Personal Data only Exceptions –security of the State –must be available by law/court order –kept by individual for family affairs/recreational purposes –required urgently to prevent injury or serious loss/damage –held or processed outside the State

9 Legal Aspects of Computer System Security DPA - Provisions II Requirements of a Data Controller Information obtained and processed fairly/lawfully Information is accurate and current Kept for only 1 or more specified purposes Not used or disclosed except for specified purpose Relevant and limited to purpose Not kept longer than required Security against unauthorised access

10 Legal Aspects of Computer System Security DPA - Provisions III Rights of a Data Subject Establish the existence of data Access to data Correct and/or erase data

11 Legal Aspects of Computer System Security DPA - Crimes Data processor knowingly disclosing personal information without consent of data controller. Any person disclosing personal data to a third party without consent of the data controller. “a data subject whose data has been attacked or copied by a hacker [may] take a civil action against the data controller. There is clearly a premium, therefore, on each data controller taking all reasonable care in relation to personal data (s)he holds.”

12 Legal Aspects of Computer System Security Data Protection Commissioner Enforcement Notice Information Notice Prohibition Notice Prosecution Prepare Codes of Practice Produce Annual Report International Assistance Maintain Data Protection Register

13 Legal Aspects of Computer System Security Criminal Damage Act 1991 General Points Offences under the Act Interesting Provisions Proof and Defences

14 Legal Aspects of Computer System Security CDA - General Points Defining criminal activity is difficult Evidence is hard to produce Legal counsel is invaluable Legal notion of “property” extended to include data No definition of “computer” Computer areas are untested Damage of data: add to, alter, corrupt, erase or move or any act that contributes to the above.

15 Legal Aspects of Computer System Security CDA - Offences Damage to Property “a person who without lawful excuse damages any property…shall be guilty of an offence” Accidental/coincidental damage Recklessness Damage must be intentional Specifically outlaws –damage to property which endangers life –damage to property with intent to defraud Data damaged within the State by persons outside

16 Legal Aspects of Computer System Security CDA - Offences II Threatening to Damage to Property “a person who without lawful excuse make to another a threat intending that that other would fear it would be committed” Inability to carry-out threat is not a defence

17 Legal Aspects of Computer System Security CDA - Offences III Possession of Anything with intent to Damage Property “a person who has anything is his custody or under his control intending without lawful excuse to use it…to damage property” Intentionally broad Intent to damage

18 Legal Aspects of Computer System Security CDA - Offences III Unauthorised Access to Data Computer specific “any person who without lawful excuse operates a computer…with intent to access data…whether or not he access any data…shall be guilty of an offence” Is all activity criminal?

19 Legal Aspects of Computer System Security CDA - Interesting Provisions Wide-ranging powers of arrest Signs of lack Garda know-how Compensation Order

20 Legal Aspects of Computer System Security Criminal Evidence Act 1992 Hearsay or Real Evidence Record generated in the normal course of business, without intervention of humans provided machine is reliable. Assumed to be working correctly - Good or bad?

21 Legal Aspects of Computer System Security Sources and Reference “Information Technology Law in Ireland” Denis Kelleher & Karen Murray. Butterworth Ireland, 1997. http://www.ncirl.ie/itlaw/ Government Publications Sales Office The Irish Times http://www.ireland.com/ The Journal of Information, Law and Technology (JILT) http://elj.warwick.ac.uk/jilt/ CERT http://www.cert.org/

22 Legal Aspects of Computer System Security Inevitable Disclaimer I am not a lawyer! Although I believe this to be accurate don’t base a life or death decision on it! This does not necessarily represent UCD’s views.

Download ppt "Legal Aspects of Computer System Security “Security - Protecting Our Resources”"

Similar presentations

Commercial Data Processing Computer Crime. Computer crime can be very hard to prevent. Typical crimes involve destroying, corrupting or changing the data.

Commercial Data Processing Computer Crime. Computer crime can be very hard to prevent. Typical crimes involve destroying, corrupting or changing the data.
Confidentiality and HIPAA

Confidentiality and HIPAA
The Problem Solvers TM www.singleton.com Privacy Rights: Minors and Parents Michael J. Hewitt Marcel Daigle Singleton Urquhart LLP.

The Problem Solvers TM Privacy Rights: Minors and Parents Michael J. Hewitt Marcel Daigle Singleton Urquhart LLP.
Www.dataprotection.gov.je The Data Protection (Jersey) Law 2005.

The Data Protection (Jersey) Law 2005.
Legal Implications of ICT. In this section will look at: Legal Implications of ICT: ☼ Data Protection Act 1998 ◦ The 8 Principles, ◦ The Data Subject.

Legal Implications of ICT. In this section will look at: Legal Implications of ICT: ☼ Data Protection Act 1998 ◦ The 8 Principles, ◦ The Data Subject.
Legislation & ICT By Savannah Inkster. By Savannah Computer Laws 1.Data Protection ActData Protection Act 2.Computer Misuse ActComputer Misuse Act 3.Copyright,

Legislation & ICT By Savannah Inkster. By Savannah Computer Laws 1.Data Protection ActData Protection Act 2.Computer Misuse ActComputer Misuse Act 3.Copyright,
Legal Issues Computer Forensics COEN 252 Drama in Soviet Court. Post-Stalin (1955). Painted by Solodovnikov. Oil on Canvas, 110 x 130 cm.

Legal Issues Computer Forensics COEN 252 Drama in Soviet Court. Post-Stalin (1955). Painted by Solodovnikov. Oil on Canvas, 110 x 130 cm.
Legislation in ICT.

Legislation in ICT.
Data Protection and Records Management

Data Protection and Records Management
University of Sunderland Professionalism and Personal Skills Unit 11 Professionalism and Personal Skills Computer Legislation.

University of Sunderland Professionalism and Personal Skills Unit 11 Professionalism and Personal Skills Computer Legislation.
Data Protection Data Protection Acts 1988 & 2003 Directive 95/46/EC Privacy.

Data Protection Data Protection Acts 1988 & 2003 Directive 95/46/EC Privacy.
Health and Safety Legislation

Health and Safety Legislation
Legislation in ICT. Data Protection Act (1998) What is the Data Protection Act (1998) and why was it created? What are the eight principles of the Data.

Legislation in ICT. Data Protection Act (1998) What is the Data Protection Act (1998) and why was it created? What are the eight principles of the Data.
Data Protection Act 1998. Description The Data Protection Act controls how your personal information can be used and protects from the misuse of your.

Data Protection Act Description The Data Protection Act controls how your personal information can be used and protects from the misuse of your.
Audiences NI Data Protection Workshop

Audiences NI Data Protection Workshop
Data Protection Paul Veysey & Bethan Walsh. Introduction Data Protection is about protecting people by responsibly managing their data in ways they expect.

Data Protection Paul Veysey & Bethan Walsh. Introduction Data Protection is about protecting people by responsibly managing their data in ways they expect.
Data Protection Overview

Data Protection Overview
An overview of the Data Protection Act 1998. Legal framework The Data Protection Act 1998 came into force in March 2001, replacing the Data Protection.

An overview of the Data Protection Act Legal framework The Data Protection Act 1998 came into force in March 2001, replacing the Data Protection.
The Data Protection Act

The Data Protection Act
Data Protection Act. Lesson Objectives To understand the data protection act.

Data Protection Act. Lesson Objectives To understand the data protection act.

Similar presentations

Ads by Google