What laws and ethical issues govern the use of digital technology and data?
The impact of legislation on individuals and organisations (data protection, computer misuse, copyright) and the moral, ethical and social issues raised by digital technology.
A CCEA A-Level Digital Technology answer on the impact of legislation (data protection, computer misuse and copyright) on individuals and organisations, and the moral, ethical and social issues raised by digital technology.
Reviewed by: AI editorial process; not yet individually human-reviewed
Have a quick question? Jump to the Q&A page
Jump to a section
What this dot point is asking
CCEA wants you to describe the impact of legislation, data protection, computer misuse and copyright, on individuals and organisations, and to discuss the moral, ethical and social issues raised by digital technology. This is the responsibility-and-consequences topic that ties A2 1 together.
Data protection legislation
The impact on an organisation is substantial: it must secure data, train staff, write clear privacy notices, respond to access requests, and face fines and reputational damage for breaches. The impact on the individual is protection: they know data is handled fairly and can exercise rights over it.
Computer misuse legislation
This law protects systems and data from attackers, making clear that accessing or changing data without permission is a crime regardless of intent to profit. Organisations rely on it alongside technical security measures.
Copyright legislation
Copyright legislation protects original works, software, music, films, images, text, from being copied, distributed or used without the owner's permission. For digital technology this means software piracy (copying or sharing programs without a licence), illegal downloading of media, and using images or text without permission are unlawful. Organisations must hold valid licences for the software they use, and creators are protected against theft of their work.
Moral, ethical and social issues
Beyond the law, digital technology raises wider issues: privacy and surveillance (tracking, monitoring and profiling), the digital divide (unequal access to technology and the internet), the effects of automation on employment, the spread of misinformation, online safety and the environmental impact of manufacturing and powering devices. These are matters of ethics and society, not always settled by law, and CCEA expects you to discuss them with balance.
Why this matters
Every information system handles data and software within a legal and ethical framework. CCEA examines whether you can identify which law applies to a situation, describe the duties it imposes, and discuss the broader social and ethical consequences of digital technology.
Try this
Q1. Name the legislation that makes unauthorised access to a computer system an offence. [1 mark]
- Cue. Computer misuse legislation.
Q2. State two duties that data protection law places on an organisation holding personal data. [2 marks]
- Cue. Any two of: keep data secure; use it only for stated purposes; keep it accurate and up to date; not keep it longer than necessary; let individuals see and correct their data.
Q3. Explain one social issue, other than a legal one, raised by widespread digital technology. [2 marks]
- Cue. For example the digital divide: people without access to devices or reliable internet are disadvantaged in education, work and services, widening inequality.
Exam-style practice questions
Practice questions written in the style of CCEA exam questions on this dot point, with worked answer explainers. The year tag is the paper they imitate, not the source.
CCEA A2 16 marksDescribe the impact of data protection legislation on an organisation that holds personal data.Show worked answer →
Set out the duties the law places on the organisation and the consequences.
Data protection law requires personal data to be: processed lawfully, fairly and transparently; collected for specified, explicit purposes and not used for incompatible ones; adequate and limited to what is needed; accurate and kept up to date; kept no longer than necessary; and held securely against loss or unauthorised access. The organisation must also respect individuals' rights, such as the right to see the data held about them and to have errors corrected.
The impact: the organisation must register or comply, appoint someone responsible, train staff, secure data, write clear privacy notices, and respond to access requests. Breaches can lead to large fines and reputational damage.
Markers reward several of the principles or duties stated correctly and the point that non-compliance brings penalties. A list with no link to the organisation's obligations limits the marks.
CCEA A2 14 marksDescribe two actions that would be offences under computer misuse legislation.Show worked answer →
Give two clearly unlawful actions covered by computer misuse law.
Unauthorised access: gaining access to a computer system or data without permission, for example logging in with someone else's credentials or guessing a password (hacking). Unauthorised access with intent to commit a further offence: breaking in intending to commit fraud or theft. Unauthorised modification of data: changing, deleting or damaging data or programs without permission, for example introducing a virus or altering records.
Markers reward two distinct offences correctly described (unauthorised access, access with criminal intent, or unauthorised modification). Describing a lawful action, or a copyright or data-protection matter instead, does not earn the marks.
Related dot points
- The features of a relational database (tables, primary and foreign keys, relationships), entity relationship modelling, and normalisation to third normal form.
A CCEA A-Level Digital Technology answer on relational databases: tables, primary and foreign keys and relationships, entity relationship modelling, and normalisation to third normal form to remove redundancy.
- Optimising databases with indexing, maintaining data integrity, and securing databases with access rights, encryption and backup, including concurrency in multi-user systems.
A CCEA A-Level Digital Technology answer on optimising databases with indexing, maintaining data integrity, and securing databases with access rights, encryption, backup and concurrency control in multi-user systems.
- Cloud computing and its service and deployment models, mobile technologies and their uses, and the benefits and drawbacks of each for individuals and organisations.
A CCEA A-Level Digital Technology answer on cloud computing (its service and deployment models) and mobile technologies, with the benefits and drawbacks of each for individuals and organisations.
- Data mining and the discovery of patterns in large data sets, the characteristics of big data, and the uses, benefits and ethical concerns of analysing large data sets.
A CCEA A-Level Digital Technology answer on data mining (discovering patterns in large data sets), the characteristics of big data, and the uses, benefits and ethical concerns of analysing large data sets.
- Artificial intelligence and its applications: expert systems and their components, natural language and voice recognition, and robotics, with their uses, benefits and limitations.
A CCEA A-Level Digital Technology answer on artificial intelligence and its applications: expert systems and their components (knowledge base, inference engine, user interface), natural language and voice recognition, and robotics, with benefits and limitations.
Sources & how we know this
- CCEA GCE Digital Technology specification — CCEA (2016)