You are viewing a free preview of this lesson.
Subscribe to unlock all 10 lessons in this course and every other course on LearningBro.
This lesson practises applying legislation and ethical reasoning to real-world scenarios, as required by OCR J277 Section 1.6. The ability to identify which laws apply and discuss ethical implications is essential for the exam.
OCR J277 Paper 1 tests legislation knowledge through scenarios. You need to:
| Law | What It Covers | Key Focus |
|---|---|---|
| Data Protection Act 2018 / GDPR | Handling personal data | Consent, storage, security, rights |
| Computer Misuse Act 1990 | Unauthorised computer access | Hacking, malware, DDoS |
| Copyright, Designs and Patents Act 1988 | Intellectual property | Software piracy, copying content |
| Freedom of Information Act 2000 | Accessing public information | Transparency, exemptions |
A school stores student records including names, addresses, medical conditions, and exam results in a database. An employee accidentally sends a spreadsheet containing all this data to the wrong email address.
Data Protection Act 2018 / GDPR
| Principle Violated | Explanation |
|---|---|
| Integrity and confidentiality | Personal data was not kept secure — it was sent to an unauthorised recipient |
| Accountability | The school must demonstrate it has procedures to prevent such incidents |
A student discovers their teacher's password and uses it to log into the school network. They change their own exam grades in the school's database.
Computer Misuse Act 1990 — Sections 1 and 3
| Section | Offence | Application |
|---|---|---|
| Section 1 | Unauthorised access to computer material | Using the teacher's password to log in without authorisation |
| Section 3 | Unauthorised modification of computer material | Changing exam grades in the database |
OCR Exam Tip: In hacking scenarios, always identify the specific section of the Computer Misuse Act that applies. If the person only accesses data, it is Section 1. If they modify or delete data, it is Section 3. If they access data to commit another crime (e.g. fraud), it is Section 2.
An employee at a small business downloads a pirated copy of expensive design software from the internet and installs it on several company computers.
Copyright, Designs and Patents Act 1988
A journalist submits a Freedom of Information request to a local council asking for details about spending on a new IT system. The council refuses, stating the information is "commercially sensitive."
Freedom of Information Act 2000
A city council proposes installing facial recognition cameras in the town centre to reduce crime.
| Argument | Detail |
|---|---|
| Crime reduction | Identifying known criminals could deter and reduce crime |
| Public safety | Helps locate missing persons or wanted suspects |
| Evidence | Provides evidence for criminal prosecutions |
| Argument | Detail |
|---|---|
| Privacy | Mass surveillance invades the privacy of innocent people |
| Accuracy | Facial recognition has higher error rates for certain demographics |
| Consent | People have not consented to being scanned |
| Chilling effect | People may avoid the town centre if they feel watched |
| Data security | The biometric data collected could be breached |
OCR Exam Tip: For ethical scenarios, always structure your answer with clear paragraphs for arguments for and against. Use specific terminology (not just "it is wrong" or "it is good"). Link ethical issues to relevant legislation where appropriate. End with a balanced conclusion.
| Scenario | Law |
|---|---|
| Someone's personal data is leaked or mishandled | Data Protection Act 2018 / GDPR |
| Someone accesses a computer system without permission | Computer Misuse Act 1990 |
| Someone copies or distributes software/music/images without permission | Copyright, Designs and Patents Act 1988 |
| Someone wants information from a public body | Freedom of Information Act 2000 |
Subscribe to continue reading
Get full access to this lesson and all 10 lessons in this course.