Data security and legal issues

·      What is Data Protection Act?

The Data Protection Act controls how personal/customer information is used by organizations or by government bodies. The Data Protection Act has rules which require everyone who collects data to follow strict guidelines and data and privacy policies, whilst also keeping information safe. The Data Protection Act's rules are very thorough and cover rules around sharing of data, and data security.

·      Who is the information commissioner?

He is the man who has the authority to enforce that data protection act on the people of his respected country

·      Who is the data controller?

a person who determines the purposes for which and the manner in which any personal data are, or are to be, processed.

·      Who are the data subject?

Data subjects are the people who the data refers/ relates to them.

·      Who are the data users?

People who use the information

·      What is personal data?

Any information that is related to an individual who can be identified from this data, he can be identified by a number or to one or more factors specific to his physical, physiological, mental, economic, cultural or social identity.

o  Find and list all eight points of the data protection act

1.   The data shall not be processed fairly and lawfully

2.   Personal Data shall be obtained for a lawful purpose and nothing else

3.   Personal data shall be equated, relevant and not excessive in relation to the purpose for which they are processed

4.   Personal data shall be accurate and where necessary kept it up to date

5.   Personal data processed for any purpose shall not be kept for longer than is necessary for that purpose

6.   Personal data shall be processed in accordance with the rights of data subject

7.   Appropriate technical and organizational measures shall be taken against unauthorized or unlawful processing of personal data and against accidental loss or destruction of, or damage to, personal data.

8.   Personal data shall not be transferred to a country or territory outside the European Economic Area unless that country or territory ensures an adequate level of protection for the rights and freedoms of data subjects in relation to the processing of personal data.

References:

 http://www.qas.co.uk/

http://ico.org.uk/

Online Services And Security And Privacy Of Data

Identify The Main Data Security Aspects In The Below Categories:

Need to protect confidentially of data

·    Encryption  - confidentiality is maintained through encryption of the data after it is processed.

Shop Security

·    Public Key Systems - It is used to ensure the protection of data for online payment and code services.

Online Banking -

The data is protected by three methods:

·    Transaction numbers (TANs) : it is defined as one-time passwords.

·    Entering parts of the passwords: The user is asked to fill in only parts of his/hers password.

·    Chip and Pin devices: It is a method to ensure that the data entered is correct.

Online Shopping

When you are using online shopping you have to make sure that the data entered is secured by using :

·    Secure Socket Layer (SSL) Protocol

·    Transport Layer Security (TLS) Protocol

Online Services

• Definition:

An online service refers to any information and services provided over the Internet. These services not only allow subscribers to communicate with each other, but they also provide unlimited access to information. Online services can range from simple to complex. A basic online service may help subscribers gain needed data through a search engine, while a complex one might be an online mortgage application from a bank. Online services may be free or paid.

• Effects of Online Services on the society:

Online services makes the life much easier and quicker, no need for the customer or the user to go to that specific area to book or buy etc. something, he simply can do this action online.

Sometime it is cheaper so less money is spent.

Users can go to any place on the world just by clicking few buttons.

Online Shopping

Online Shopping is an electronic commerce application that businesses can use with each other or they can offer services or goods directly to the customers.

Online Shopping has benefits to the shop and even to the customer. Customers can visit different stores by using their PC's or any ICT device that can be connected to the Web, and they can easily compare the prices of different stores and even they can reserve the products. No need for them to stand in a queue to reach to the cashier, and they can shop around without spending time or money by travelling around different stores.

The pressure on the employee is less, because customers can shop online instead of going to the shop and waste time. It makes the stock and money control easier, there is no need to pay staff to price goods or to order stock.

To shop online, you have to:

1.      Choose an online store

2.      Create an account

3.      Choose the product(s) you want to buy

4.      Checkout

5.      Choose the method of payment

6.      Choose the delivery options

7.      Confirm the order

8.      Log off

Customers should be aware from the site they are using, they have to make sure that it is safe in order to prevent been stolen or hacked. To prevent this from happening the personal details should be encrypted (encoded) when they are transferred over the internet, and the shop network server will decrypt (decode) the data using the encryption key.