National and international law apply to activities carried out using computers and networks. The UK has a number of laws which apply particularly to computers and networks:
- Computer Misuse Act 1990 - creates offences of unauthorised access and interference with computers and data
- Communications Act 2003 - creates offences of improper use of a public communications service (s.127) and dishonestly obtaining electronic communications services (s.125)
- Regulation of Investigatory Powers Act 2000 - controls the interception of traffic on networks, and was introduced to ensure the UK could comply with the Human Rights Act 1998 rules on privacy of communications. It also creates powers for the police and other investigating authorities to require networks to provide information about their users and their use of networks.
- Telecommunications (Lawful Business Practice) (Interception of Communications) Regulations 2000 - covers interception for business purposes, for example the enforcement of acceptable use policies
- Data Protection Act 19981 - establishes requirements on anyone holding personal data on a computer or any other organised filing system
- Privacy and Electronic Communications (EC Directive) Regulations 2003 - contains detailed restrictions on the use of personal data in electronic communications (for example sending unsolicited e-mails), amended by the Privacy and Electronic Communications (EC Directive)(Amendment) Regulations 2011
- Data Retention and Investigatory Powers Act 2014 and Data Retention (EC Directive) Regulations 2009 - create a requirement for public network providers to retain data about use of their networks and services by their users (these will not normally apply to the Janet network or our customers' networks)
- Police and Justice Act 2006, section 37 - created new offences relating to the making, supplying and obtaining of tools used in the existing Computer Misuse Act 1990 offences. Organisations and individuals involved in research or development of security tools, or in training others to use them, should be aware of the Crown Prosecution Service's Guidance to Prosecutors to ensure that their activities are not caught by these provisions.
- 1 Information about this act is available from the Information Commissioner https://ico.org.uk