Copyright, Designs and Patents Act: Notes

The Copyright, Designs and Patents Act has two main

purposes:

1. To ensure people are rewarded for their Endeavour’s

2. To give protection to the copyright holder if someone tries to copy or

steal their work.

Currently it protects Films, Software, Music and anything original. This Act
was introduced to protect the investment of time, money and effort by the
people who create original pieces of work.

In relation to ICT, The Copyright Act helps to ensure that the following are
prevented:

• Copying of software

• Copying or downloading of music

• Copying images or photographs from the web

• Copying text from WebPages and using it in your work or posting it

onto your website and pretending it is your own work.

When purchasing a piece of software, you don’t actually but the software
itself but buy a license to be allowed to use it. There are 3 different types
of licenses each with its own boundaries and restrictions.
 Type of
How many people it covers
license
The software can be loaded onto just one machine. Only one
Single User person can use the software at a time. However, if that person
License stops using the machine then someone else can log on and use the
software.
Multi-user licenses are bought for a certain number of users e.g.
Multi User 20. So at any one time, up to 20 people on the network can use the
License software. The 21st person cannot use the software until one
person logs off or shuts it down.
A site license allows everyone on that site or in an office to use
the software. It can be loaded onto every machine and anyone on
the site can use it. Sometimes a site license covers loading the
Site License software onto staff laptops so that they can use it whilst on the
move. It might even cover staff to have a copy of the software at
home, but that is dependent on the terms of the site license. You
shouldn't just assume that you can do this.

Impact on the Industry

It is estimated that almost 40% of software is copied.

By just cutting the software piracy rate from 25% to 15% would result in an
extra 40,000 jobs in the IT sector and an extra £2.5 billion in tax revenues.

The extra revenue that software companies would receive would mean that
they could reinvest more into new product development.

t’s estimated, in fact, that people breaking the law and downloading
copyrighted music costs the industry something like £8.5 billion a year – and
loses £1.5 billion for the VAT man.

So, the end result, if everybody that has a PC in the UK decided to download
ripped off music rather than buy it, would be an end to the music industry in
the UK.
Legislation in ICT
Data Protection Act (1998)
Eight Principles of the act

1. Data must be kept Secure

2. Data stored must be relevant
3. Data stored must be kept no longer than necessary
4. Data stored must be kept accurate and up to date
5. Data must be obtained and processed lawfully
6. Data must be processed within the data subject rights
7. Data must be obtained and specified for lawful purposes
8. Data must not be transferred to countries without adequate data
protection laws

Computer Misuse Act (1990)

3 Principles

1. It is illegal to access unauthorised data (HACKING)

2. It is illegal to access unauthorised data with the intention of
committing a crime (FRAUD, BLACKMAIL)
3. It is illegal to access unauthorized data and amend it (Planting Viruses
and Deleting files)

The Computer Misuse Act (1990) was developed to cope with problems of
hackers and viruses.

Hackers: Unauthorised Virus: A virus is a

user who attempts to or program written to cause
gains access to an mischief or damage to a
information system. computer system.
Unauthorised Access
Hacking: Explain the consequences of malpractice and crime on information
systems.

Malpractice = Relates to not using a computer correctly weather it be

deliberate or by accident.

The consequences of malpractice/crime (from least to worst), can include:

• Inconvenience/ Time wasting

• Upset/ Emotional Disturbance
• Destruction of data
• Loss of Money
• Loss of Life

Different Types of Crime

• Hacking
• Fraud
• Viruses/Logic Bombs
• Software Theft/Copyright Infringement
• Storing of Illegal Images (Violence/Terrorism etc.)

“Describe possible weak points within information Technology systems”.

How can data be lost? Deliberately? Accidentally?
This boils down to whether your data is private and secure.

Privacy = Keeping data safe and secret from other people

Security = Preventing data “corruption”

There are also external and internal threats to privacy and security.
Internal threats usually refer to how computer systems are at risk from
within a company/organization. (This can include threats within the actual
room a computer is stored in or within the computer that data is stored in)

• Dishonesty of Employees (eg copying list of customers and selling to a

rival company.
• Accidents or bad practice/faulty procedures by employees (eg a user
not knowing how to use a database application properly, or network
technician/manager moving files on a network and not checking
whether it will affect other users.
• Failure to save or BACK UP data
• Hardware failure or damage
• Natural Disasters

External Threats refer to how data within the offices systems can be
affected from sources outside the building/organization.

• Hackers (Accessing data/Information remotely, possibly via internet)

• Virus (Transmitted by USB or over the internet)

Describe the measures that can be taken to protect information technology

systems against internal and external threats

For all of the above internal and external threats, you should be able to
come up with further examples and the various ways to avoid them,
whenever possible. These may include:

Physical measures (eg: Keeping computers in locked rooms, or not leaving

disks or printouts lying around)

Organised systems (eg: Use of PASSWORDS, BACKUPS, Verification and

Validation of Data)
Data Protection

It is important for the IT department of any organization to have an overall

data protection strategy in place that uses various techniques to protect
what in many cases an organization most valuable asset – it’s data.

There are various techniques an organization can apply to protect its

computer information. Listed below are some examples of common data
protection techniques employed by IT Departments.

1. Regular Backup Routines. (Daily, Weekly, Monthly etc.)

2. Fault Tolerant Technology (Equipment which are able to cope with
problems)
3. Anti Virus Policies/Procedures
4. User level security provided by the network operating systems.
5. Firewall.

Viruses

OVERWIEW ON COMPUTER VIRUSES

1. Computer viruses first appeared in the 1890s

2. The 1990s sold development of the macro viruses (macro language is
used in program or application)
3. today the wide use internet and e-mail have seen viruses spreading
faster and easier
4. In 1988, there are three known dos viruses
5. In 1991, there are 900 know viruses
6. Today, there are an access of 1 thousand viruses
7. Every month, a further 200 new viruses appear

Well know anti-viruses software manufacture includes:

AVG, Norton, McAfee, Solomon, and Sopho

WHAT IS VIRUS?
A virus is the term given to a software program that has the ability to
reproduce by modifying other programs to include a copy of itself. It may
contain destructive code that moves into multiple programs, data files, or
devices on a system and spread through multiple systems in a network.
Potential damages include erasing data or freezing PCs, causing loss of
productivity, creating a security breach, invading privacy or stealing internal
services.

There are many types of viruses around, for example a Trojan Horse it a
program that appears to perform a useful function, and sometimes does so
quite well, but also includes an unadvertised features that is usually
malicious in nature.
Malicious means = causing harm
Modifying = improve or change

How does a virus spread?

A computer virus, like its human counterpart, does not spread through the
air. Humans become infected by a virus by coming in contact with someone
who is infected. So is it with computers. They must come in contact with
some contaminated source. The virus infects any form writable storage,
including hard drivers, diskettes, magnetic tapes and cartridges, optical
media and memory. The most frequent sources of contamination are:

1. Physical communication with an infected computer.

2. Copying an unknown disk containing a carrier program.
3. Downloading a file/email from the internet or a bulletin board
system.
4. Running an infected LAN program
5. Booting with an Infected Disk.
Controlling Against Computer Viruses

While Information Technology professionals shave long tried to ensure the

reliability of a computer and network hardware, many are realizing that the
loss or lack of access to PC software and data can cripple operations and
curtail revenue, Computer viruses and other types of malicious software
pose a serious threat.

A number of clues can indicate that a virus has infected or attempted to

infect a system, even before any damage is done. Unexplained system
crashes, programs that suddenly don’t seem to work properly, data files or
programs mysteriously erased, disks becoming unreadable; all could be
caused by a virus.

Worms
A worm is similar to a virus by design and is considered to be a sub-class of a
virus. Worms spread from computer to computer, but unlike a virus, it has
the capability to travel without any human action. A worm takes advantage of
file or information transport features on your system, which is what allows it
to travel unaided.

Differences between Worms and Viruses

Worms
• Can travel around the
computer or Network without
Physical Action
• Can Replicate without a Host
File
• Can Multiply Automatically,
taking up large amounts of
space in the Computer. Causing
system to overload or freeze
Viruses
• Needs to Physically move by a
Computer User (Execute/Copy
Paste)
• Needs Host file to Work
• Needs Physical Execution to
cause Damage on a Computer.
Damage can range from
Complete Shutdown to
Automatic Deletion of Files.
PREVENTING INFECTION

Preventing a virus infection is the best way to protect your organization

against damage. If a virus cannot establish itself within your systems, then
it cannot damage your programs or data. “Prevention is better than cure”.
The following steps can help keep a clean system from becoming infected
with a virus.

Policies and procedures, The Organization should prepare a policy in virus

control to address the following issues

• Tight control of freeware and shareware, A control process that

includes running anti software regularly by each department.

• Control of the infection once it is detected and recovery from the

virus, including backup and dump policies.

Virus Protection Packages

Several commercially available programs can now help detect viruses and
provide some degree of protection against them. However if you’re using
such programs, be careful that they don’t cause greater problems than they
can solve. Some anti-virus programs may warn of a suspected infection when
none has actually taken place. Because of the differences in anti-virus
packages, it’s important to standardize testing procedures and analytical
tools, so results can be compared on a consistent basis. Unfortunately,
malicious code is now a fact of life. Computer viruses appear to be a longer
term threat. Systems and data will continue to be updated to deal with the
threat accordingly.