P5
Sheena Patel
1
Explain the legal and ethical issues in relation to the use of business information In this assignment l will be explaining the legal and ethical issues that relate to the use of business information. I will be using John Lewis throughout this assignment however I will be referring the social network service of Facebook as well. Many people get worried and anxious when it comes to putting their personal information on to social networking sites such as Facebook this mainly due to the possibility of computer ‘hackers’ getting into their account. Once the hackers have access the account they can then have access to the users personal information and photos as well as other peoples. On John Lewis’s website in order to make an order customers need to sign up using their email and password in order to shop. The 'Data Protection Act 1998’ protects the information held about people being misused. The act says that the data may only be used for the specific purposes for which it was collected. Information must be accurate and up to date. The data protection acts states that the information must be (https://www.gov.uk/data-protection): used
fairly and lawfully
used
for limited, specifically stated purposes
used
in a way that is adequate, relevant and not excessive
accurate kept
for no longer than is absolutely necessary
handled kept not
according to people’s data protection rights
safe and secure
transferred outside the UK without adequate protection
http://www.legislation.gov.uk/ukpga/1 998/29/introduction
Sheena Patel
2
http://www.johnlewis.com/custome r-services/information-about-ourterms-and-conditions#cq-privacy
Facebook has tried to follow the Data Protection Act 1998, but none the less computer hackers still find their way around getting into people accounts, studying people wall posts, looking at others profile and saving photos for their own use such as to make fake identity to get other people information. Facebook should have been able to stop those hackers invading privacy this could have been achieved by bringing in stronger passwords. John Lewis uses a protection of their website in order to keep the information safe and secure as customers will be putting their credit card numbers. Hence John Lewis has written on their website ‘This is in accordance with the Data Protection Act 1998 and other applicable laws’ to let their customers know that the website is safe to use and put personal information.
http://www.johnlewis.com/#loginoverlay_show
Sheena Patel
3
http://www.johnlewis.com/c ustomer-services/securityprivacy#cq-i-privacy
As well as Data Protection Act 1998 there is also the Freedom of Information Act 2000 which had come into effect in 2005 it includes the right of access to information held by public authorities. This is when a person request information to public authority, the authority has to be informed in writing by the public authority whether it holds information of the description specified in the request, and if that is the case, to have that information given back to them. With the amount of people on Facebook still putting their photos and wall post, to access the Facebook you still need to have a username and a password to access your own personal account.
http://www.legislation.gov. uk/ukpga/2000/36/part/I /crossheading/right-toinformation
Sheena Patel
4
http://www.itgovernance.co.uk/ dpa-penalties.aspx
If John Lewis is found to be in breach of the Data Protection Act they can incur in a possible loss of business and brand damage get a penalty from The UK Information Commissioner's Office (ICO). As well as that the ICO can prosecute and issue fines to them of up to £500,000 and undertake court proceedings that can lead to prison sentences. An example of where a company has breached the Data Protection Act is Toshiba Information Systems as they had breached the Data Protection Act (DPA) after the personal details of 20 competition entrants were compromised by a security flaw on their website in 2012 as said on ‘http://www.ico.org.uk/news/latest_news/2012/online-security-flawleads-to-data-breach-at-toshiba-17042012’ There is also The Computer Misuse Act 1990 it is a law that does not allow certain activities when using computers, this includes: hacking into other people's systems, misusing software or helping a person to gain access to protected files on someone's else's computer. In the news on the telegraph recently there has been an article about how easy it is for hackers to access people accounts, this is due to hackers hacking into people accounts and telling other hackers on how to do it and using the information to open a credit card, loan or even a new bank account. This information had been obtained from http://www.telegraph.co.uk/technology/facebook/10369934/Facebookhacked-how-criminals-can-exploit-your-data.html This can relate to John Lewis as if someone hacks into someone’s account they can gain information on their credit card and other personal information.
Sheena Patel
5
http://www.legislation.gov.uk/ukpga/ 1990/18/introduction
There are also ethical issues which is the behaviour the business complies with which are dealt with using organisational policies and codes of practise such as: use of email, internet and whistle blowing. Facebook has code of practise when people use their website, where every new members needs to read the Facebook code of practise, so they are fully aware of the dos and do not's of Facebook. One of the policies in their code of practise is that users are not allowed to post anything offensive that can offend or affect another user. Also if an image of a user is put on Facebook that you do not want anyone to see the user is allowed to report it and Facebook takes it off. In terms of email Facebook must not give out this information without the permission of the user. Another ethical issue is whistle blowing this is when an employee raises a concern about a business practise either to management within the company or to an outside organisation like the press. This also happens in Facebook when Facebook users commenting to Facebook head office about any possible dangers of crime, cyber bullying, and fraud or posting posts that offend other users. Facebook users usually have trouble trying to take down false posts that is posted to their walls or people posting images of them. For example if a photo which a Facebook user finds inappropriate they are able to flag it, so that Facebook to look in to it. The Facebook user can also untag him/her self from the photo or block the person who posted the photo. Facebook also tackles spam, which is where people hack into your account. In conclusion all organisations must comply with all the laws and legislations acts in order to maintain the organisation otherwise they could incur fine or even be shut down. They must also deal with the ethical issues that occur within the organisation. Sheena Patel
6
Bibliography: https://www.gov.uk/data-protection http://www.legislation.gov.uk/ukpga/1998/29/introduction http://www.johnlewis.com/customer-services/information-about-ourterms-and-conditions#cq-privacy http://www.johnlewis.com/#login-overlay_show http://www.johnlewis.com/customer-services/security-privacy#cq-iprivacy http://www.legislation.gov.uk/ukpga/2000/36/part/I/crossheading/ri ght-to-information http://www.itgovernance.co.uk/dpa-penalties.aspx http://www.telegraph.co.uk/technology/facebook/10369934/Faceboo k-hacked-how-criminals-can-exploit-your-data.html http://www.legislation.gov.uk/ukpga/1990/18/introduction http://www.ico.org.uk/news/latest_news/2012/online-security-flawleads-to-data-breach-at-toshiba-17042012’
Sheena Patel
7