Computing Laws (All)


Data Protection Act - 1998

  • Define what companies can do with data that can identify a living person.
  • 8 parts - make it harder for companies to use data for the wrong purpose.
  • Covers collection, holding and use of data.
  • Companies that hold data must adhere to the act or they are breaking the law.
  • Must sign up to the Information Commissioners Office

The Eight Parts

Data must be kept secure:

  • Main aim. 
  • Ensures user safety.
  • Companies must protect data.
  • Take precautions
  • If data is stolen, the person from the company responsible for data protection will be arrested and taken to court.

Data Stored Must be Relevent and not Excessive:

  • Only hold relevent data to company porpuse.
  • Cannot hold inappropriate data - variation between companies.

Data stored must be Kept no Longer than Necessary:

  • only need to hold data for certain amounts of time - variation between companies.
  • Not neccessary for data to be kept for years after someone has stopped using the service.

Data must be Accurate and Up to Date:

  • Must be up to date e.g. new address when move house.
  • Postal or online serveys.
  • Down to the client to ensure data is udated whenn change occurs.

Data must be Obtained and Processed Lawfully:

  • Ensure data is not collected illegally.
  • Puts restraints on how data can be collected and processed.
  • If data is attempted to be obtained illegally - company will be prosecuted.

Data must be Obtained and Specified for Lawful Purposes:

  • When data is collected it must be clear what it is for.
  • Individual can refuse.
  • Company must be specific

Data must be


No comments have yet been made