The Law

Go back to before 1984 and there were no laws relating to the use of ICT. Existing laws were thought to cover most things. However, over time a number of laws relating to ICT have been brought in. Many of these have had to be revised with new developments in ICT.
There are 3 laws that you need be aware of. They are:

1. Data Protection Act 1998 (DPA)
2. Computer Misuse Act 1990
3. Copyright Act

Data Protection Act

The first version of this act was created in 1984. It has been revised over the years, the last being in 1998.

Why do we need it? Well, before the act, people could hold data about anyone. It did not matter if the data was wrong, passed to other companies or even sold.

So the act was born. It initially covered just computer records but later, paper records were also added. It was created to project data subjects (ie us).

Everyone (well almost everyone) that stores data about people must be registered. They also need to state what is being stored, why its being stored and how it is used (WHAT, WHY and HOW!). There are some exceptions to this; organisations related to national security, crime (ie the police) and taxation (ie the tax office). Individuals that store records about their own family are of course excempt.

Those that are required to register have 8 rules (or principles) to follow. They can be seen on the poster on the right. If they fail to do any of these, they can now be fined up to 500,000.

Have a read of some theory from teachICT. There are also some quizzes and games on teachICT for Data Protection

Computer Misuse Act

Click to view enlarged version


What would happen to you if you were caught hacking into a computer system? Many years ago the answer would be nothing. For this very reason, the Computer Misue Act was created. There are 3 different catagories of effense. See the poster on the left for these and make some notes.

Every few weeks we see the act being used to prosecute individuals (real examples) which also appear on the news:

This law has some 'teeth'. If you commit any level of offence and admit it penalties are limited to 12 months in prison and/or a fine of up to£5000. However, if you are found guilty by a jury then the following are the maximum penalties:

Level 1 offence: 2 years in prison and/or £5000 fine

Level 2 offence: 5 years in prison and/or unlimited fine

Level 3 offence: 10 years in prison and/or unlimited fine

Added to this is that if a level 3 offence shows some form of fraud, the max prison term would be 15 years instead of 10 years. Ouch!

Saying that, in reality it is difficult to prove as companies try to hide the fact that a hacker has been in their systems. Afterall, would bank customers stay with a bank if their accounts are being hacked?

Have a read of some theory from teachICT. There are also some quizzes and games on teachICT for Computer Misuse Act
You do not need to know the following, its just interesting: During a tradeshow, a member of the audience watched an employee of BT Prestel enter his username and password into the computer and was able to remember it. Then he got home, he used this username and password to log into to BT Prestel and access the private message box of Prince Philip. Somehow, they noticed this and trapped him along with another. They were charged with fraud and forgery but appealed and got away with it. The computer misuse act was born.


Copyright, Designs and Patents Act 1998

The concept started in 1709 and then became law in 1911. The latest version of the act was updated in 1998. The act covers songs, computer programs, leaflets, plays, music (plus sheet music), photographs, paintings, architecture, maps, logos, magazines and films (plus general broadcasts).

Basically, the act prevents you from copying, renting, lending, performing, broadcasting or adapting items listed above.

More details can be found from this fact sheet; its worth a read!

Here are some quizzes based on the act. Oh and some some useful theory!