Information and Communication Technology

ICT Legal Issues

Legal issues relating to the use and misuse of ICT

The use of ICT has become a common part of everyday life for most people.

It is likely that there are digital files containing information about you. School or employment records, shopping preferences, credit history, medical details, and much more.

With the spread of ICT has come attempts to control its use. Governments pass laws, organisations try to establish codes of behaviour, society imposes views on moral or immoral on-line conduct.

This page looks at some of these issues and how they vary around the world.

Legal, moral, or ethical?

The law, morals, and ethics depend on where you live and the society that you live in.

This may perhaps be best illustrated by a non-ICT example, a person wanting to purchase a bottle of wine.

Thus different countries and different groups within countries have different ideas about what is acceptable in terms of buying a bottle of wine. Some of the restrictions are to do with the laws of the country, others are to do with moral or ethical decisions of certain groups of people.

The same holds true with ICT, with the added complication that many uses of ICT involve international transactions using the Internet. That can mean that someone involved in a web-based activity in one country may not raise any legal issues there, but may be regarded as being a criminal in a different country.

Who's laws, ethics and morals to choose?

And what happens when laws, ethics and morals conflict?

As explained above, there is no single set of rules to learn for this topic. In fact it would be quite hard to find any law governing the use of ICT in one country that was not contradicted in the laws of another country. And that's without considering the moral and ethical viewpoints that different groups of people have.

There is also the problem of international laws, trade agreements, bilateral treaties, etc. some of which may take precedence over national laws in some circumstances.

Legal aspects of ICT are probably easier to discuss than the ethical and moral aspects. For examination purposes, if you are an international student, it is usually best to work with UK and / or E.U. laws. They may not be the same as the ones where you live, but for the sort of questions that will be asked at this level they are fairly straightforward.

Typically, examination questions will look at copyright, fraud, hacking, and data protection.

Examination questions that touch on ethical and moral issues are usually kept pretty simple and markers will be looking for reasons and justifications for actions, not specific answers.

Your ethics and morals are individual to you and will probably have been formed by your school, your family, your friends, and similar factors. There is no reason why you should not discuss and promote your ethical and moral viewpoint in an examination question, but be careful not to be too one-sided in your answers.

Look for the keyword in the question. If it says discuss, and it usually will, you will need to give both sides of a moral or ethical argument if you want to get full marks.

Examination questions will still deal with copyright, fraud, hacking, and data protection, but may also include broader ideas such as the digital divide, fair usage, or responsible use of the Internet.


And plagiarism

Copyright is a legal means of protecting the interests of an author by giving them control over the copying and distribution of their work for a fixed period of time.

There is an international copyright law known as the Berne Convention, which has been signed up to by the great majority of countries. Under the Berne convention, copyright is for the author's life plus 50 years,

Most countries also have their own copyright laws. These vary considerably and may give longer or shorter lengths of copyright than the Berne Convention. National laws may also give exemptions from copyright e.g. in many countries, extracts from a copyrighted work may be used for what are known as Fair Use purposes. These might include education, research, reviews, or quoting extracts in another work.

Plagiarism is when someone tries to pass of another persons work as their own. This will often involve a breach of copyright as well. Even if the copied work is not copyright, or it is being copied under a Fair Use exemption, there may be an ethical or moral obligation for the source to be acknowledged.

Computer Fraud

Computer fraud covers a wide range of activities. A few examples are:

Internet scams, where people are fooled into sending money or giving bank account or credit card details to fraudsters. One of the best known of these is the advance fee scam, often referred to as a 419er, after section 419 of the Nigerian Criminal Code.

An advance fee scam asks victims to pay money in advance of getting some form of benefit. These scams may of course originate anywhere in the world, not just Nigeria.

Identity theft, where fraudsters gather peoples' personal and financial information and use it to obtain credit or to make purchases which are billed to the victim. Personal information may often be obtained from peoples' social networking sites, while financial information may be obtained by phishing or the use of keylogging trojans.

Extortion, where a victim may be forced to pay money to a fraudster to prevent a real or perceived threat. A common example of this is fake security software. In this form of fraud, the victim's computer is infected with some malware which then takes over the computer and displays fake warnings about virus infections. Such malware frequently shuts down the victim's own anti-virus system and will not allow normal operation of the computer until the victim purchases and installs a specific security programme. This programme is of course sold by the people who produced the original malware.


and ethical hacking

Hacking in this context means the act of breaking into a computer system. This may be for the purpose of financial gain, beating a technical challenge, or just due to wanting to know if it can be done. Breaking into a system is regarded as a criminal activity in most countries, even if no damage is done and no information is stolen.

The term hacking can also refer to non-criminal activities such as modifying computer programmes or testing security systems.

Ethical hacker is one name given to people who are employed or encouraged by an organization to attempt to penetrate networks or computer systems. They are also known as white hat hackers.

A good example of ethical hacking is the annual Pwn2Own competition.

Data Protection

There are two main legal aspects of data protection, laws saying what data must be protected and how well, and criminal activity aimed at getting around that protection.

Laws. In the UK, data protection is overseen by The Information Commissioner's Office.

UK data protection must also comply with European Union directives from the European Data Protection Supervisor.

The EU has quite strict data protection policies. Other countries may have less restrictive laws, or no law at all. e.g. In the USA, there is limited protection under the terms of The Constitution, although some of the individual states have passed State Laws to cover data protection.

The mismatch of degree of protection in different countries can cause problems. Many data protection laws include something to the effect that protected data may not be sent to a country that has weaker protection.

Organisations that have to pass data to and fro, e.g. airlines sending passenger details, often have to make specific arrangements for the protection of the data being sent.

Criminal activity. This is largely the fraud, hacking and other activities described above, but also includes phishing and identity theft.

Contact Privacy Forum ICT index Learning Objectives Home
Home Learning Objectives ICT index Donate Privacy Contact