What are the moral, ethical, legal and cultural consequences of computing?
Understand the moral, ethical, legal and cultural issues raised by computing, the relevant UK legislation, privacy and data protection, and the responsibilities of computer professionals.
A focused answer to AQA A-Level Computer Science 4.12, covering the moral, ethical, legal and cultural issues raised by computing, the relevant UK legislation, privacy and data protection, and the responsibilities of computer professionals.
Reviewed by: AI editorial process; not yet individually human-reviewed
Have a quick question? Jump to the Q&A page
Jump to a section
What this dot point is asking
AQA wants you to discuss the moral, ethical, legal and cultural consequences of using computing, refer to the relevant UK legislation, explain privacy and data protection concerns, and describe the responsibilities of computer professionals.
The kinds of issue
Major areas of concern include: privacy and surveillance (monitoring of communications and online activity), misuse of personal data (selling, leaking or profiling), the digital divide (unequal access to technology by income, age or region), automation and employment (jobs replaced by software and robotics), algorithmic bias in automated decisions, and the environmental impact of manufacturing and powering hardware and disposing of e-waste. A strong answer in this topic always weighs benefits against harms rather than listing only one side, because the examiner is testing balanced judgement.
Relevant UK legislation
Matching a scenario to the right law is a common exam task, so it helps to fix the cue for each. Anything about unauthorised access or hacking points to the Computer Misuse Act; anything about handling people's personal information points to the Data Protection Act and UK GDPR; copying software, music or text points to the Copyright, Designs and Patents Act; and lawful interception of communications by authorities points to RIPA. Linking the legal protections to the technical topics is natural here, since encryption and secure protocols (from the networking module) are the technical means of meeting the data-protection duty to keep personal data secure.
Privacy and professional responsibility
The professional responsibility dimension is what separates merely legal behaviour from genuinely ethical practice. A professional may face situations that are legal but harmful, such as building a system that is technically compliant but invades privacy or embeds bias, and a code of conduct exists precisely to guide behaviour beyond the minimum the law demands. Considering consent, proportionality, fairness and the wider social impact, not just legal compliance, is the mark of a top-band answer.
Exam-style practice questions
Practice questions written in the style of AQA exam questions on this dot point, with worked answer explainers. The year tag is the paper they imitate, not the source.
AQA 20196 marksA company plans to use facial recognition to monitor customers in its stores. Discuss the moral, ethical and legal issues this raises, considering both potential benefits and concerns.Show worked answer →
A strong answer weighs both sides. Benefits include improved security (identifying known shoplifters), personalised service and reduced theft, which can lower prices for honest customers.
Concerns are significant. The moral issue is whether it is right to track people without their meaningful consent, treating ordinary customers as suspects. The ethical issue concerns the company's professional responsibility to be transparent, to avoid bias (facial recognition can be less accurate for some groups, leading to unfair treatment), and to secure the data. The legal issue is data protection: facial data is personal (indeed biometric) data, so under the Data Protection Act and UK GDPR it must be collected lawfully, with a clear purpose, kept secure and not retained longer than necessary, and individuals have rights over it.
A good conclusion notes that an action can be legal but still unethical, so the company should consider proportionality and consent, not just legal compliance.
Markers reward a balanced discussion covering moral, ethical and legal dimensions with specific concerns (consent, bias, data protection law) and a reasoned judgement, not a one-sided list.
AQA 20214 marksIdentify the relevant UK legislation for each of the following and justify your choice: (a) a person hacking into a school network, (b) a company sharing customers' personal data without consent.Show worked answer →
(a) Hacking into a school network is covered by the Computer Misuse Act, because that Act makes unauthorised access to computer systems (and unauthorised modification, and creating malware) a criminal offence. The person has accessed a system without permission, which is exactly what this Act prohibits.
(b) A company sharing customers' personal data without consent is covered by the Data Protection Act and UK GDPR, because these govern how personal data is collected, stored and used, requiring a lawful basis and giving individuals rights over their data. Sharing data without consent or another lawful basis breaches these rules.
Markers reward naming the Computer Misuse Act for unauthorised access and the Data Protection Act / UK GDPR for misuse of personal data, each with a justification tied to what the law covers.
Related dot points
- Understand the functional programming paradigm, functions as first-class objects, function application, partial application and composition, and the higher-order functions map, filter and reduce.
A focused answer to AQA A-Level Computer Science 4.13, covering the functional programming paradigm, functions as first-class objects, function application, partial application and composition, and the higher-order functions map, filter and reduce.
- Understand network security threats, firewalls and proxy servers, the use of encryption, digital certificates and digital signatures, and the difference between symmetric and asymmetric encryption in transmission.
A focused answer to AQA A-Level Computer Science 4.8.5, covering network security threats, firewalls and proxy servers, encryption in transmission, digital certificates and digital signatures, and symmetric versus asymmetric encryption.
- Understand the structure of the internet, packet switching, the TCP/IP four-layer model, IP addressing, DNS, routers and gateways, and how data is routed across networks.
A focused answer to AQA A-Level Computer Science 4.8.4, covering the structure of the internet, packet switching, the TCP/IP four-layer model, IP addressing, DNS, routers and gateways, and how data is routed across networks.
- Understand lossy and lossless compression, run length encoding and dictionary-based compression, symmetric and asymmetric encryption, and error-checking methods such as parity and check digits.
A focused answer to AQA A-Level Computer Science 4.5.12 to 4.5.14, covering lossy and lossless compression, run length encoding and dictionary-based compression, symmetric and asymmetric encryption, and error checking with parity and check digits.
- Understand the client-server and peer-to-peer models, web technologies including HTML, CSS and JavaScript, the role of web servers, and the use of APIs and thin versus thick clients.
A focused answer to AQA A-Level Computer Science 4.8.6, covering the client-server and peer-to-peer models, web technologies including HTML, CSS and JavaScript, the role of web servers, and thin versus thick clients.
Sources & how we know this
- AQA A-level Computer Science (7517) specification — AQA (2015)