OCR AS ICT- Acts Leading to Data Security

These cards are based around the OCR AS Level Syllabus. They fit into area 3.1.7 The Role and Impact of ICT.


Acts Leading to Data Security- Data Protection

The Data Protection Act 1984 (Updated 1998)

There are 8 principles:

  • Data must be fairly and lawfully processed
  • Must be processed for limited purposes
  • Must be adequate, relative and not excessive
  • Must be accurate and up to date
  • Must not be kept for longer than is necessary
  • Must be processed in line with the public's rights
  • Must be kept in a secure environment
  • Must not be transferred to other countries without adequate protection

The public have the right to see any information held about themselves (subject access request) and ask that any information that is incorrect is made correct.

It does not apply to payroll, pensions and accounts data or data held for recreational use. Also exemptions include where data is stored in connection with national security, for prevention of crime and collection of tax or duty.

1 of 4

Acts Leading to Data Security- Electronic Communic

The Electronic Communications Act (2000)

There are two main parts:

  • Cryptography service provided: This allows the government to set up a register of approved cryptography services.
  • Facilitation of electronic commerce data storage: this recognises digital signatures which are now admissable in law.

Benefits are that contracts signed over the internet have the same legality as those signed by hand.

Problems are that it will take a long time for some bodies to accept the signatures, for example when buying or selling a house or making a will.

2 of 4

Acts Leading to Data Security- Freedom of Informat

The Freedom of Information Act (2000)

This means that the public have the right to request information from any public authority by writing to them and the public authority has 20 working days to comply.

The benefits are that information that was not available to the public before the act now is, therefore increasing accountability. The government cannot hide public decisions.

The problems with the act are that requesting information doesn't necessarily mean you will get it: some information may be withheld.

3 of 4

Acts Leading to Data Security- Other Acts

These are:

  • The Computer Misuse Act (1990)
  • The Copyright, Designs and Patents Act (1988)
  • The Regulation of Investigatory Powers Act (2000)
4 of 4


Mr A Gibson


Use this as a handy guide to ICT acts which relate to the specification - ideally on your mobile device. Complete the three remaining acts (on the last card) in the same way as a revision exercise.

Suitable for any specification requiring coverage of legislative acts relating to ICT.

Similar ICT resources:

See all ICT resources »See all Policies, Security and Legislation resources »