StudentShare
Contact Us
Sign In / Sign Up for FREE
Search
Go to advanced search...
Free

The Macrobox Computer System and Servers - Essay Example

Cite this document
Summary
The paper "The Macrobox Computer System and Servers" gives detailed information about a data processor Macro box. For the data breaches by Macrobox to attract a fine, the Information Commissioner would have to establish that the breach was serious…
Download full paper File format: .doc, available for editing
GRAB THE BEST PAPER95.4% of users find it useful
The Macrobox Computer System and Servers
Read Text Preview

Extract of sample "The Macrobox Computer System and Servers"

?TASK ONE: In advising MacroBox regarding their legal position regarding the DNS attacks and attempted intrusions it is necessary to consider the provisions of the Computer Misuse Act 1990 and the Police and Justice Act 2006. The main legislative provisions dealing with computer misuse is the Computer Misuse Act 1990 (“the Act”), which was drafted without foresight of the practical implications of Internet growth. In its previous form, the Act covered two types of computer related offences; firstly the unauthorised access to computer material and unauthorised modification of computer material. However, the increasing difficulty of prosecuting under the Act and its failures to address the continuous developments in technology led to criticisms of its ability to address the increasing reality of cyber criminal activity (Lloyd, 2004). An attempt to address these problems in the Act was implemented in controversial amendments, which came into force in October 2008 through the Police and Criminal Justice Act 2006 . With regard to the unauthorised access and attempted intrusions this could constitute an offence under the Act of the conduct satisfies the requirements as follows: 1) Unauthorised access to computer material (Section 1 of the Act); 2) Access to computer material without authorisation with intent to commit or assist the commission of offences (Section 2 of the Act); and 3) Modification of computer data without authorisation (Section 3 of the Act). With regard to the current factual scenario, it is evident that there have been attempts to hack the Macrobox system without success so far. Accordingly, whilst there has clearly been an intention to commit the office, there does not appear to have been actual access to the computer system or computer material. However, the Police and Criminal Justice Act 2006 significantly widened the definition of misuse and Section 36(2) of the 2006 Act widens the ambit of Section 3 of the Act by providing that “unauthorised acts” within the Section 3 definition include intention to do the following: “a) Impair the operation of any computer; b) To prevent or hinder access to any program or data held in a computer; or c) To impair the operation of any such program or the reliability of any such data; or d) To enable any of the things mentioned in paragraphs (a) to (c) above to be done” (Section 36(2) Police and Criminal Justice Act 2006). Accordingly, if we apply this to the current scenario, whilst the access to Macrobox’s computer and servers were not successful, the attempt to hack will constitute a criminal offence under Section 3 of the Act. With regard to potential penalties, the Police and Criminal Justice Act 2006 provides for criminal liability on the following basis to be included in the Act for the Section 3 offence: 1. On summary conviction a prison sentence of up to 12 months and a fine not exceeding the statutory minimum; or 2. On conviction on indictment, imprisonment for a term not exceeding ten years or a fine or both (Section 36(6) of the Police and Criminal Justice Act 2006). Additionally, as the forum users have been trying to encourage others to hack Macrobox, this also potentially falls within incitement offences, which have now been removed from the Act and inserted into the inchoate offences section of the Serious Crime Act 2007. Furthermore, it is important to highlight that the encouragement on online forums to hack Macrobox’s computer systems could also constitute a potential offence under the Terrorism Act 2000. Section 2(e) of the Terrorism Act provides that an act of terrorism includes any act which is “designed seriously to interfere with or seriously disrupt an electronic system” if the act is undertaken with the objective of furthering a political, religious or ideological cause. In the current scenario, it is evident that the attempts to hack and interfere with Macrobox’s computer systems and servers were as a result of the disclosure on public forums that Macrobox is a major software supplier for Staffordshire Pets, who are involved with animal testing. With regard to the denial of server attacks, under the Act, the term “misuse” has been extended to criminalize computer security research and defence software tools, making it illegal to download, write, amend or modify anything which could be used to commit a computer hacking or denial of service attack. However, as highlighted above, Section 36 of the Police and Justice Act 2006 specifically extends the Act’s provisions regarding unauthorised modification of computer material and as a result provides that denial of server attacks constitute a criminal offence. Furthermore, the 2006 Act highlights that it is not necessary to demonstrate that the criminal intention was directed to a specific program or computer. Accordingly, the denial of server attack will constitute a criminal offence and be subject to the same penalties as provided for in Section 36(6) of the Police and Criminal Justice Act 2006. Accordingly, if we apply this to the current scenario it is evident that the denial of server attacks will constitute a criminal offence under the Act and the Police and Criminal Justice Act 2006. In summary, the attempts to hack into the Macrobox computer system and servers will constitute a criminal offence under Section 3 of the Act. Furthermore, as the criminal conduct has been incited on forums in support of being against animal testing, it is also possible that the hacking attempts will constitute an act of terrorism under the Terrorism Act 2000. Similarly, the denial of server attacks will also constitute a criminal offence under the Act and potentially fall within the Terrorism Act provisions. TASK 2: DATA PROTECTION ISSUES The factual scenario indicates that potential liability of Macrobox for being in breach of Data Protection legislation for failure to protect against disclosure of its staff’s personal information along with client information. Firstly, the disclosure of this information raises issues of breach of confidence (Bainbridge, 2007). However, Bainbridge comments that the law of breach of confidence has developed on an ad hoc basis and remains narrow in application (2007). For example, the traditional premise for the law of confidence has assumed a relationship of confidentiality, which fails to cover instances of disclosure of information outside of such a relationship where disclosure may nevertheless be detrimental (Bainbridge, 2007). In the current scenario, the contractual relationship with customers and clients would imply a duty of confidence regarding information in order to bring a claim for breach of confidence (Bainbridge, 2007). Similarly, the employee relationship implies a mutual duty of trust and confidence and therefore the disclosure of personal employee information would also appear to point to a breach of confidence. Furthermore, the duty of confidence arises in equity on grounds of the equitable maxim “he who has received information in confidence should not take unfair advantage of it” (Bainbridge, 2007). Alternatively, the strongest basis for legal recourse against Macrobox for disclosure and the passing on of the employee and client information is the Data Protection Act 1998, which imposes obligations on all businesses handling customer information (Marcella & Stuck, 2007). In particular, the Data Protection Act 1998 requires protection of personal information and provides that anybody processing personal information (which includes customer information) must ensure the following: 1) Fair and lawful processing of data; 2) That processing of personal information is undertaken for limited purposes; 3) The processing is not excessive; 4) The information is kept up to date 5) The information is not kept for longer than necessary 6) The information is processed in line with the data subject’s rights 7) The information is secure 8) The information is not transferred abroad without reciprocal protection (Data Protection Act 1998). Additionally, as information was taken from employees and customers, it was not only Macrobox’s duty to register under the Data Protection Act 1998; but all staff, customers and indeed any “data subjects” have the legal right under the Data Protection Act 1998 to know what information is being held and whether or not the information has been passed to third parties (Carey, 2009). Therefore, if the information has been passed on, not kept secure and therefore unlawfully passed on to third parties as a result; then this could be in breach of the Data Protection Act 1998 for unlawful processing of personal information. In the current scenario, Macrobox would appear to have been in breach of the express obligation to ensure the information is held securely and therefore they are exposed to potential liability to its staff and any other data subjects for unlawful processing of data due to it being passed on to third parties beyond the limited purpose exception (Carey, 2009). As a result, any data subject whom Macrobox held information on could initiate proceedings under the Data Protection Act 1998 for compensation if they could establish “damage or distress”. Whilst this is very extreme and the customer bears the burden of proof, the factual circumstances of the current scenario clearly indicate a risk of a claim under the Data Protection Act 1998 (Carey, 2009). In summary, it is evident that as a data processor Macrobox had an express duty to register the information held and to ensure it was securely stored to prevent against unlawful processing. The fact that the information was not securely held and has now been passed on to third parties clearly constitutes a breach of the Data Protection Act 1998 in addition to potential claims for breach of confidence. As such, Macrobox is exposed to liability to data subjects for compensation for breaches of the Data Protection Act 1998. Additionally, the circumstances suggest that the failure to protect the data could constitute negligence and as such, the Information Commissioner could also impose a fine on Macrobox of up to a maximum of ?500,000 for the personal data security breaches (ICO, 2010). In order for the data breaches by Macrobox to attract a fine, the Information Commissioner would have to establish that the breach was serious, likely to cause distress and that Macrobox was negligent or failed to take reasonable steps to protect the information. As highlighted above, the nature of the data disclosed to the public is clearly sensitive and has potential to cause distress and damage. As such, the data breach by Macrobox will most likely satisfy the serious requirement. Additionally, the failures to ensure adequate protections were in place would also point to negligence and failure to take reasonable steps. On this basis, in addition to potential compensation claims by data subjects, Macrobox will most likely be subject to a fine by the Information Commissioner, the amount of which will be subject to the Commissioner’s discretion. Bibliography Bainbridge, D. (2007) Intellectual Property. London: Pearson Longman. Lloyd, I. (2004). Information Technology Law. Oxford: Oxford University Press. Marcella, A. Stuck C. (2007). Privacy Handbook: guidelines, exposures, policy implementation and international issues. London: Wiley Press Legislation Computer Misuse Act 1990 Data Protection Act 1998 Terrorism Act 2000 Serious Crime Act 2007 Police and Criminal Justice Act 2006 All Legislation Available at www.opsi.gov.uk accessed March 2011. Websites Information Commissioner at www.ico.gov.uk accessed March 2011. Read More
Cite this document
  • APA
  • MLA
  • CHICAGO
(The Macrobox Computer System and Servers Essay Example | Topics and Well Written Essays - 1750 words, n.d.)
The Macrobox Computer System and Servers Essay Example | Topics and Well Written Essays - 1750 words. https://studentshare.org/environmental-studies/1413249-the-macrobox-computer-system-and-servers
(The Macrobox Computer System and Servers Essay Example | Topics and Well Written Essays - 1750 Words)
The Macrobox Computer System and Servers Essay Example | Topics and Well Written Essays - 1750 Words. https://studentshare.org/environmental-studies/1413249-the-macrobox-computer-system-and-servers.
“The Macrobox Computer System and Servers Essay Example | Topics and Well Written Essays - 1750 Words”. https://studentshare.org/environmental-studies/1413249-the-macrobox-computer-system-and-servers.
  • Cited: 0 times

CHECK THESE SAMPLES OF The Macrobox Computer System and Servers

Distributed Computer System

For instance, businesses that require e-commerce applications are more likely to achieve greater benefits using a distributed computer system.... This paper will present a critical evaluation on the reality of having a true distribute system.... A distributed system is one that is made up of independent computer systems that work together and appear to those using it as a unified system.... The core of a distribute computer systems is the interconnectedness between its components making users think of it as a single system....
11 Pages (2750 words) Essay

The Employees Performance of Their Duties in Macrobox

The task of this paper to examine culpability, if any, of the perpetrators, including the service provider which is parallel to the problem presented by Macro box, a software supplier, where one of its clients is Staffordshire Pets Inc.... which is engaged in animal testing.... hellip; Macro box alleged that it not only suffered actual damages but also damages on its customer goodwill due to several DNS attacks launched by activist groups to compel them to cease and desist from providing software services....
8 Pages (2000 words) Essay

Computer Operating Systems

It enables communication between the system and the user.... This paper ''Computer Operating Systems'' discusses that Operating system can be described as Heart of a computer.... It is the most vital part of a system.... The operating system is the most crucial software which a computer needs to run itself.... nbsp;… It is a set of different software's which manages the hardware resources and different activities of the system....
11 Pages (2750 words) Research Paper

A New Computer System for Staples

(Staples, The Office Superstore, 2005) I suggest implementing a new computer system that allows getting a full description of every item in the sales area and give consumer complete information about this item.... The computer system includes expert information and can give a piece of good advice to the consumer.... For example, if he or she is interested in a drawing board, the system prompts to purchase a set of colored markers as well.... If the customer is interested in a table, the system prompts to purchase a chair of the same color and displays prices on them....
4 Pages (1000 words) Essay

Web Servers and Internet Applications.Client Server Communication.Goodyear (1999)

Specific types of servers include: application servers, file servers, terminal servers, and mail servers.... For example, if someone read a Web page, his computer and web browser is considered a client, and the computers, databases, and applications that make up the Web page are considered the server.... Client/server architecture illustrates the relationship between two computer programs in which one program is a client, which makes a service request to another program called as Server....
12 Pages (3000 words) Essay

Server Virtualization

Dividing the functionality into clients and servers allows each to be specialized.... hellip; According to the research paper, modifying an existing service is an onerous task, oftentimes involving modifications to the clients and servers.... Because the virtualizer is separate from and independent of the clients and servers, the clients and servers do not need to be modified.... In most computer networks, the clients and servers are not directly connected, but the messages between them are routed through a series of network routers or switches....
9 Pages (2250 words) Term Paper

What is the Computer Misuse Act

Accordingly, whilst there has clearly been an intention to commit the office, there does not appear to have been actual access to the computer system or computer material.... With regard to the current factual scenario, it is evident that there have been attempts to hack the Macro box system without success so far.... This paper "What is the computer Misuse Act" discusses the main legislative provisions dealing with computer misuse is the computer Misuse Act 1990, which was drafted without the foresight of the practical implications of Internet growth....
7 Pages (1750 words) Assignment

Legal Advice for Macrobox Computing

It is the task of this paper to examine the culpability of the perpetrators, including the service provider which is parallel to the problem presented by Macro box, a software supplier, where one of its clients is Staffordshire Pets Inc.... which is engaged in animal testing.... hellip; Seventh Principle of the Data Protection Act mandates that diligent implementation of both technical and procedural protection should be undertaken by parties entrusted to keep such information....
8 Pages (2000 words) Assignment
sponsored ads
We use cookies to create the best experience for you. Keep on browsing if you are OK with that, or find out how to manage cookies.
Contact Us