JISC Legal : Computer Misuse

The prevalence of computer related crime means that FE and HE institutions are affected in many of the same ways as other businesses, organisations and individuals.

This Cybercrime overview paper explores the main obligations imposed on institutions concerning the provision and use of IT facilities in terms of cybercrime.

A checklist of questions for institutions to consider when updating or framing an e-safety policy.

Legal issues which may affect the development and use of particular ePortfolio systems.

ARCHIVED

This document describes an investigation process, the legal issues to be considered and provides guidance in formulation of an institutions policy in dealing with incidents of computer misuse and their subsequent investigation at institutions.

ARCHIVED

Guidance on potential liability for FE and HE in storing information on networks, best practice and limitation of risk.

The Internet Watch Foundation, established in 1996, aims to minimise the availability of online criminal content.

The Child Exploitation and Online Protection (CEOP) Centre delivers a multi-agency service dedicated to tackling the exploitation of children.

Information on and examples of acceptable and unacceptable use of computer systems as well as practical tips on dealing with computer crime.

The EFF is a lobbying organisation which campaigns for consumer rights and monitors cases and legislative changes relevant to the sphere of digital technologies.
http://www.eff.org/.

Links to news items about legal and regulatory aspects of the Internet and the information society, particularly those relating to information content as well as technology.  http://www.qlinks.net/quicklinks/comcrime.htm.  

One of a series of exclusive features focusing on different aspects of crime.
http://news.bbc.co.uk/hi/english/static/in_depth/uk/2001/life_of_crime/cybercrime.stm.

The Charter is aimed at three user groups and is available here -
http://www.ja.net/development/legal-and-regulatory/regulated-activities/charter-for-system-administrators.html.

Factsheets focusing on various aspects of information security, and good practice in information security have been published for the Department of Business, Enterprise and Regulatory Reform. They can be accessed from the BERR web site at:
http://www.berr.gov.uk/sectors/infosec/infosecadvice/resources/checklistshowtoguides/page33298.html.

The Parliamentary Office of Science and Technology (POST) produced a briefing document in October 2006 on data encryption. It provides an outline of the various encryption techniques, how they may be applied and some discussion of government initiatives under the Regulation of Investigatory Powers Act to help criminal investigations deal with encrypted data. The document has been published as POSTnote 270 and is available on the Parliament website at: http://www.parliament.uk/documents/upload/postpn270.pdf.

The Parliamentary Office of Science and Technology (POST) produced a briefing document in October 2006 on computer crime. It provides a general overview, with an indication of the legislation and policy initiatives to combat it. The document has been published as POSTnote 271 and is available on the Parliament website at: http://www.parliament.uk/documents/upload/postpn271.pdf.

JISC has worked with UCISA (Universities and Colleges Information Systems Association) to produce an Information Security Toolkit aimed at assisting educational establishments to protect themselves, their staff and students from online threats. The toolkit is available on the UCISA website at http://www.ucisa.ac.uk/ist

Cybercrime Useful Links

Cybercrime FAQs

As with any other incident response the first aim of is to limit the damage caused by the incident.

A surprise amendment forced through for controversial clause 17 of the Digital Economy Bill could lead to entire sites being forced offline if it becomes law.

Removing potentially libellous material posted by website users as soon as possible can protect from liability

Institutions falling to report data breaches can face financial penalties from April 2010

Further to consultation on The Regulation of Investigatory Powers Act 2000, the Home Office has published new Codes of Practice that will come into force on 6 April 2010.

The ICO has published privacy notice codes of practice.