Notes

Legal issues and key legislation

OCR J277 Paper 1 frequently sets 4–6 mark questions asking students to identify the relevant Act for a given scenario and explain its key provisions.

Governs how organisations collect, store and use personal data about identifiable individuals.

Key principles (UK GDPR — DPA 2018 implements them):

Used fairly, lawfully and transparently.
Collected for specified, explicit purposes.
Adequate, relevant and limited to what is necessary.
Accurate and kept up to date.
Not kept longer than necessary.
Stored securely (appropriate technical and organisational measures).
The data subject has rights — to access, correct, erase ("right to be forgotten") and object.

The Information Commissioner's Office (ICO) enforces the Act.

Targets unauthorised access and damage. Three main offences:

Unauthorised access to computer material (e.g. logging in to an account that is not yours).
Unauthorised access with intent to commit a further offence (e.g. hacking to steal money or commit fraud).
Unauthorised modification of computer material (e.g. deleting files, planting malware).

Penalties range from fines to imprisonment (up to life for major attacks under the 2015 amendment).

Protects intellectual property — software, music, films, books, images, designs.

It is illegal to copy, distribute or modify a copyrighted work without permission (a licence) from the rights holder.
Applies automatically when a work is created — no registration required.
Lasts the lifetime of the author + 70 years for most works.
Software and source code are explicitly covered.

A licence is permission to use software under stated terms. Categories:

Type	Definition
Proprietary / commercial	Pay to use; source code closed; cannot redistribute. (Microsoft Office, Adobe Photoshop.)
Freeware	Free to use; source code closed; cannot modify or redistribute commercially. (Adobe Acrobat Reader.)
Open source	Source code published; users may study, modify and redistribute under licence terms (GPL, MIT, Apache). (Linux, Firefox, LibreOffice.)
Shareware	Free trial then pay or stop using. Often feature-limited or time-limited.

Mixing up Computer Misuse Act (about access) and Data Protection Act (about personal data).
Saying "open source means free" — open source means source-available under a licence; some open-source software is paid for. Most are also free of charge.
Forgetting the Copyright Act covers software code, not just music and books.
Forgetting penetration testing is legal only if authorised — otherwise it breaches the Computer Misuse Act.

AI-generated · claude-opus-4-7 · v3-ocr-computer-science-leaves

Try each before peeking at the worked solution.

Question 16 marks
Identify the legislation
For each scenario, name the most relevant piece of legislation and briefly justify your choice:
(a) An employee guesses a colleague's password and reads their personal email. [2]
(b) A company stores customer data on an unencrypted laptop, which is then stolen. [2]
(c) A student uploads a film they bought to a public website. [2]
Ask AI about this
AI-generated · claude-opus-4-7 · v3-ocr-computer-science-leaves
Question 24 marks
Software licences
Compare proprietary software and open-source software, giving one advantage of each from the user's point of view. [4 marks]
Ask AI about this
AI-generated · claude-opus-4-7 · v3-ocr-computer-science-leaves
Question 36 marks
Computer Misuse Act in depth
Describe the three main offences under the Computer Misuse Act 1990 and give an example of each. [6 marks]
Ask AI about this
AI-generated · claude-opus-4-7 · v3-ocr-computer-science-leaves

1.6.2 — Legal issues: Data Protection Act 2018, Computer Misuse Act 1990, Copyright Designs and Patents Act 1988, software licences

7-card SR deck for OCR Computer Science (J277) — leaves batch 1 topic 1.6.2

7 cards · spaced repetition (SM-2)