This involves the prevention of misuse of computer data by legal safeguards to prevent misuse of information stored on computers, particularly information about individual people. Data is protected by installation of safeguards for computer data and the adoption of administrative, technical, or physical deterrents to safeguard computer data. Another technique to protect confidential information is encryption. Computer users can scramble information to prevent unauthorized users from accessing it.
Authorized users can unscramble the information when needed by using a secret code called a key. Without the key the scrambled information would be impossible or very difficult to unscramble. A more complex form of encryption uses two keys, called the public key and the private key, and a system of double encryption. Each participant possesses a secret, private key and a public key that is known to potential recipients. Both keys are used to encrypt, and matching keys are used to decrypt the message.
However, the advantage over the single-key method lies with the private keys, which are never shared and so cannot be intercepted. The public key verifies that the sender is the one who transmitted it. The keys are modified periodically, further hampering unauthorized unscrambling and making the encrypted information more difficult to decipher. (Parker, Donn B; 2006) Passwords are confidential sequences of characters that allow approved persons to make use of specified computers, software, or information.
To be effective, passwords must be difficult to guess and should not be found in dictionaries. Effective passwords contain a variety of characters and symbols that are not part of the alphabet. To thwart imposters, computer systems usually limit the number of attempts and restrict the time it takes to enter the correct password. A more secure method is to require possession and use of tamper-resistant plastic cards with microprocessor chips, known as “smart cards,” which contain a stored password that automatically changes after each use.
When a user logs on, the computer reads the card's password, as well as another password entered by the user, and matches these two respectively to an identical card password generated by the computer and the user's password stored in the computer in encrypted form. Use of passwords and "smart cards" is beginning to be reinforced by biometrics, identification methods that use unique personal characteristics, such as fingerprints, retinal patterns, facial characteristics, or voice recordings. (Parker, Donn B; 2006) Analysis
Firstly, “Looking at this site you immediately notice that the subscribers are actively sharing mp3 and adult files, and engaging in rather interesting gossip about their old lecturers and colleagues” “It was also discovered that he (Mr X) had been selling details of the subscribers to the site on to other agencies without the knowledge of WWW” “Some subscribers have complained that they have been approached by other organizations who appear to have information about them which may have originated from TheStudentBar” Because Mr. X has been discovered, he had been selling details of the subscribers to the site on to other agencies without the knowledge of the company.
The company is under the risk for broken The section 13 Data Protection Act 1998 “13. - (1) an individual who suffers damage by reason of any contravention by a data controller of any of the requirements of this Act is entitled to compensation from the data controller for that damage. (2) An individual who suffers distress by reason of any contravention by a data controller of any of the requirements of this Act is entitled to compensation from the data controller for that distress if-
(a) The individual also suffers damage by reason of the contravention, or (b) The contravention relates to the processing of personal data for the special purposes. (3) In proceedings brought against a person by virtue of this section it is a defence to prove that he had taken such care as in all the circumstance was reasonably required to comply with the requirement concerned. ” Suggestions This is a big offence for selling unauthorized data to outside sources. The owners of this data have to be approached personally to forestall legal actions for violating data protection laws Conclusion
The company has to shut down its operations and seek a better and lawful business so as not to be put into further problems and face the wrath of the law. Mr X, with his wealth of experience should look for more legitimate ways of making money and leave the StudentBar. He can for another company with like minds to do legitimate business.
Parker, Donn B. "Computer Security. " Microsoft® Encarta® 2006 Schechter, Roger E. "Intellectual Property. " Microsoft® Encarta® 2006 All the Act and Statute from: http://www. opsi. gov. uk/acts. htm#acts Also some information from www. bailli. org www.lawbore.net