How EE responds to the Legislation and Ethical Issues
P a g e 1 | 19
Content
Legislations Data Protection Act 1998 Freedom of Information Act 2000 Computer Misuse Act 1990 Human Right Act 1998 Privacy Act 1974
page 3 – 4 page 5 – 6 page 7 – 8 page 9 – 10 page 11 – 12
Ethical Issues Use of email Internet Whistle-blowing Organisational Policies Information Ownership
page 13 page 14 page 14 page 15 page 15
Operational issues Security of Information Back Up Copies Health and Safety Issues Business continuance plan Cost/ increasing sophistication
page 16 page 16 page 17 page 17 page 18
P a g e 2 | 19
Legislations P a g e 3 | 19
Data Protection Act 1998 at EE According to https://www.gov.uk/data-protection/the-data-protection-act , “The Data Protection Act controls how your personal information is used by organisations, businesses or the government. Everyone responsible for using data has to follow strict rules called ‘data protection principles’. They must make sure the information is: •
used fairly and lawfully
•
used for limited, specifically stated purposes
•
used in a way that is adequate, relevant and not excessive
•
accurate
•
kept for no longer than is absolutely necessary
•
handled according to people’s data protection rights
•
kept safe and secure
•
not transferred outside the UK without adequate protection There is stronger legal protection for more sensitive information, such as:
•
ethnic background
•
political opinions
•
religious beliefs
•
health
•
sexual health
•
criminal records The Data Protection Act gives you the right to find out what information the government and other organisations stores about you.”
The EE Company has all of the information about every customers they have. They can assure their customers that their personal information, will remain private. As every customer, to make a contract with EE, they have to tell them some of their personal details. EE will need to know for example, their address, their full name, their mobile number, their gender, their email address (if they have one) and their bank account. EE simply need this information to make sure that the customers will pay their contract. As a trustable company and according to “Data Protection Act 1998”, EE can assure their customers that none of the customer’s information will be given to other people or will be made public. If Everything Everywhere will make the customers information public, they can be sued for that. EE will be legally required to give the customers a copy of the information they hold about them if the customer’s request it. However, EE is allowed to withhold information, only if the information’s about: • the prevention, detection or investigation of a crime • national security • the assessment or collection of tax • judicial or ministerial appointments
P a g e 4 | 19
P a g e 5 | 19
Freedom of Information Act 2000 at EE According to https://www.gov.uk/make-a-freedom-of-information-request/the-freedom-of-informationact , Freedom of Information Act is “The Freedom of Information Act (FOIA) gives you the right to access recorded information held by public sector organisations. Anyone can request information – there are no restrictions on your age, nationality or where you live. Your request will be handled under different regulations depending on the kind of information you ask for, e.g. the: •
Data Protection Act if you ask for information an organisation holds about you
•
Environmental Information Regulations (EIRs) if you ask for environmental information An organisation could refuse your request if the information is sensitive or the costs are too high. You might not need to make a Freedom of Information (FOI) request to get the information you need. An organisation might be able to give you information straight away, e.g. over the phone. You can also check published responses to FOIrequests. You can request information from some public sector organisations, e.g.:
•
government departments, and other public bodies and committees
•
local councils
•
schools, colleges and universities
•
health trusts, hospitals and doctors’ surgeries
•
publicly owned companies
•
publicly funded museums
•
the police View the full list of public sector organisations covered by the Freedom of Information Act (FOIA).”
EE has every information about their customers. EE is obligated by the “Freedom of Information Act 2000” to give their customers every information they need about them. If a customer will ask for any of the information EE has about them, they are obligated to give them the information. This could cost around £10 for printing and for the services.
P a g e 6 | 19
P a g e 7 | 19
Computer Misuse Act 1990
According to “ http://www.legislation.gov.uk/ukpga/1990/18 ”, “An Act to make provision for securing computer material against unauthorised access or modification; and for connected purposes. [29th June 1990] Be it enacted by the Queen’s most Excellent Majesty, by and with the advice and consent of the Lords Spiritual and Temporal, and Commons, in this present Parliament assembled, and by the authority of the same, as follows:— Computer misuse offences 1 Unauthorised access to computer material. (1)A person is guilty of an offence if— (a) He causes a computer to perform any function with intent to secure access to any program or data held in any computer [F1, or to enable any such access to be secured]F1 ; (b) The access he intends to secure [F2, or to enable to be secured,]F2 is unauthorised; and (c) He knows at the time when he causes the computer to perform the function that that is the case. (2) The intent a person has to have to commit an offence under this section need not be directed at— (a) Any particular program or data; (b) A program or data of any particular kind; or (c) A program or data held in any particular computer. “
EEs’ customers are obligated by law, not to copy anything from the computer they are working at. They are not authorised to: access a computer’s data (hacking), including the illegal copying of programs, access to a computer’s data for blackmail purposes, access to a computer’s data with the intention altering or deleting it, including the planting of viruses and copy programs illegally (software piracy). EE is guaranteeing you that your information will be safe with them, and anyone who will try to break the law, will be sued and sacked from the workplace.
P a g e 8 | 19
P a g e 9 | 19
Human Right Act 1998 – Common Law Duty of Confidence
According to http://www.legislation.gov.uk/ukpga/1998/42/contents , Human Right Act 1998 is: “An Act to give further effect to rights and freedoms guaranteed under the European Convention on Human Rights; to make provision with respect to holders of certain judicial offices who become judges of the European Court of Human Rights; and for connected purposes. [9th November 1998]”
Everything Everywhere is responding well to Human Rights Act 1998. The employers from Everything Everywhere are making sure that the customers and the employees are treated right after the Human Rights Act.
P a g e 10 | 19
P a g e 11 | 19
Privacy Act 1974
According to http://www.legislation.gov.uk/ukpga/1974/7/introduction , Privacy Act 1974 is “An Act to make further provision, in relation to England and Wales, with respect to the payment of grants to local authorities, rating and valuation, borrowing and lending by local authorities and the classification of highways; to extend the powers of the Countryside Commission to give financial assistance; to provide for the establishment of Commissions for the investigation of administrative action taken by or on behalf of local and other authorities; to restrict certain grants under the Transport Act 1968; to provide for the removal or relaxation of certain statutory controls affecting local government activities; to make provision in relation to the collection of sums by local authorities on behalf of water authorities; to amend section 259(3) of the Local Government Act 1972 and to make certain minor amendments of or consequential on that Act; and for connected purposes. [8th February 1974]”
EE is obligated by law to protect every personal information about their customers. They are not allowed to give personal details about a customer unless the customer itself comes with a proof of identification to get their details. Giving personal details about a customer to an unidentified person, EE may get prosecuted for that.
P a g e 12 | 19
Ethical Issues Use of Email at EE Most of the phone companies, like EE, are using the Email system to send offers or information about the bills to their customers and they can receive Emails from customers, complaining or needing help. The employees are not allowed to use the company’s email to send other emails that do not relate with the company.
P a g e 13 | 19
Internet Mostly everything in today’s world, is done with the help of internet. EE uses the internet to reach to their customers by advertising, sending emails and helping other customers. EE itself offers internet on special offers they give the customers.
Whistle-Blowing Whistleblowing is when a worker reports suspected wrongdoing at work. Officially this is called ‘making a disclosure in the public interest’. A worker can report things that aren’t right, are illegal or if anyone at work is neglecting their duties, including: • • • • •
someone’s health and safety is in danger damage to the environment a criminal offence the company isn’t obeying the law (like not having the right insurance) covering up wrongdoing
P a g e 14 | 19
Organisational Policies Every employee that works for EE, has an EE uniform, to represent the company they are working at. The EE uniform is a t-shirt that has the company’s logo and company’s colours. According to EE’s official website, they have 3 policies. 1. Addressing barriers to efficient connectivity 2. Allowing competition to drive customer value 3. Supporting UK leadership and innovation.
Information Ownership I think every customer of every company would like to know something about the owners of the companies they are buying their products from or receiving a service. EE’s Chief Executive Officer is Olaf Swantee. According to EE’s official website “Olaf is the chief executive officer of EE, responsible for running the UK’s leading Communications Company. Prior to this, Olaf was a member of the Orange executive board, heading the Group’s Europe division, which covered a mobile & fixed, €12.6B telecommunications business in Spain, Belgium, Switzerland, Eastern Europe, and the Dominican Republic. In addition, he ran the company’s purchasing and supply chain function worldwide. Before joining Orange, Olaf had 17 years' experience in the IT industry in Europe and the United States, latterly serving as Hewlett-Packard's EMEA SVP for enterprise sales and software. He also held senior leadership, sales and marketing positions with Compaq and Digital Equipment Corporation in Europe and the United States. He has worked at country, European and global levels.”
P a g e 15 | 19
Security of Information Information security management deals with maintaining the integrity and availability of organisational information and knowledge. Much information security management focuses upon digital data; however, the subject also covers records and knowledge management. As explained at the “Privacy Act 1974” ( page 12) , EE will secure the customers information from other people. They will delete every information they have about a specific customer, if the customer, for example, will not have a contract with them anymore.
Back up and Copies Large businesses like EE have developed business continuity programmes to try to minimise the risk of losing vital business information stored on IT servers. This involves producing backups of information stored on the servers – EE can create a backup every hour, or every day.
P a g e 16 | 19
Health and Safety Issues Even though the computer equipment are unlikely to be dangerous in itself, it can be used in ways that can be dangerous for the health of staff. Many employees at EE are required to spend a substantial portion of their working day sat at their desk, working on a computer. Bad posture, incorrect positioning of equipment and susceptibility to repetitive strain injury are health and safety risks that employers are legally required to take seriously.
Business continuance plan Those are the steps that EE puts into place to make sure it is capable of surviving a worst-case scenario. One step in the continuance programme might be to make sure that EE is producing regular backups of its information.
Costs Every business has its costs. Same goes to EE. EE needs to think about additional resources if needed and cost of development. If they will need to train more staff, they will need to spend money as well buying the stock.
P a g e 17 | 19
P a g e 18 | 19