GCSE Business
Communication
Systems
Unit 2 – The Business Environment
Implications of Digital
Technology for Business and
Customers – Part 2
Learning Outcomes
Students should be able to:
1. Evaluate the impact that digital technology has had on
business and customers, particularly in relation to:
– Security and/or e‐safety
– Costs
– Training
2. Investigate the Legislation that businesses must adhere to when trading online. You should be
aware of the contents of the:
1. Data Protection Act (and General Data Protection Regulations – GDPR)
2. Copyright, Designs and Patents Act
3. Computer Misuse Act
4. Consumer Contracts REgulations
Images © thinkstockphotos.co.uk
ILO 3
Evaluate the impact that digital technology has had on
business and customers, particularly in relation to:
•security and/or e‐safety
•costs
•training
•legislation (students should be aware of the contents of
the following:
•Data Protection Act (GDPR)
•Copyright, Designs and Patents Act
•Computer Misuse Act)
Images © thinkstockphotos.co.uk
Security/e-safety
If a business offers payment over
a website for their products,
they have a duty to ensure that
customers’ details are kept
secure.
Images © thinkstockphotos.co.uk
Methods of Security
• Use a secure website that begins with
https:/
• Visitors should be able to click on the
padlock and view security infomation
• Use Encryption methos
• Ask customers to set up Username and
password
• Biometric Authorisation rm of security that
measures and matches biometric features of a
user to verify that a person trying to access a
particular device is authorized to do so, e.g.
face ID
• Use of Firewalls – extra form of security
that block out threats entering or exiting
a computer network
Images © thinkstockphotos.co.uk
Payment Security over the Internet
There are a number of different ways that businesses can manage the taking of
payments for orders made on their websites. The choice of system will depend on the
following factors:
• whether the business wishes to host its own payment system via its own website
• or use the services of another business, e.g. PayPal
• the cost of the payment system (hardware as well as security systems) and whether
the business can afford them
• the size of the business: larger organisations tend to own and manage their own
payment systems, smaller businesses tend to use other methods.
Images © thinkstockphotos.co.uk
Cost implications:
• Hardware/software
• Set up
• Maintenance
• Updating
• Staffing
• Recruitment of new
staff
• Retraining of existing
staff
• Security
Images © thinkstockphotos.co.uk
Training & retraining
• Changing and upgrading technology
leads to increased staff training and
retraining
• Whilst there are benefits of having
a well trained staff, this training also
comes at a financial cost to the
business
• Stress levels of staff can also be
increased as they have to deal with
continuous change and retraining
• Training methodology may also be
introduced as a result of technology
e.g. video tutorials
Images © thinkstockphotos.co.uk
Legislation
• The following legislation governs the use of digital technology
today and all businesses must be aware of this legislation and
ensure that their business is compliant:
– The Data Protection Act (now covered under the General Data
Protection Regulations {GDPR})
– The Copyright, Designs & Patents Act
– The Computer Misuse Act
– Consumer Contract Regulations
Images © thinkstockphotos.co.uk
Legislation
UK Data Protection Act 2018 – latest version
controls how your personal information is used by organisations, businesses or the government.
The Data Protection Act 2018 is the UK’s implementation of the General Data Protection Regulation
(GDPR).
• Everyone responsible for using personal data has Images © thinkstockphotos.co.uk
to follow strict rules called ‘data protection
principles’. They must make sure the information
they hold is:
– used fairly, lawfully and transparently
– used for specified, explicit purposes
– used in a way that is adequate, relevant and limited to
only what is necessary
– accurate and, where necessary, kept up to date
– kept for no longer than is necessary
– handled in a way that ensures appropriate security,
including protection against unlawful or unauthorised
processing, access, loss, destruction or damage
Your Rights under the DPA
• Under the Data Protection Act 2018, you have the right to find out what information the government
and other organisations store about you. These include the right to:
– be informed about how your data is being used
– access personal data
– have incorrect data updated
– have data erased
– stop or restrict the processing of your data
– data portability (allowing you to get and reuse your data for different services)
– object to how your data is processed in certain circumstances
– You also have rights when an organisation is using your personal data for:
– automated decision-making processes (without human involvement)
– profiling, for example to predict your behaviour or interests
Images © thinkstockphotos.co.uk
Roles in the DPA
• Data Subject – the person on whom the information is held
• Data Controller – the person in an organisation who is
responsible for ensuring that the organisation and staff are
compliant with the DPA
• Information Commissioner – employed by the Government to
ensure that all business & organisations comply with the DPA.
Also responsible for ensuring that the general public is aware
of their rights under the DPA
Images © thinkstockphotos.co.uk
Legislation
General Data Protection Regulations
On the 25th May 2018, the European Union’s General Data Protection Regulation (2016) legislation
came into force. The GDPR will apply here until the UK leaves the EU. It is likely that new UK
legislation will have to be drawn up after Brexit. The implications for individuals and business of the
GDPR legislation means that the data they hold must be:
• processed lawfully, fairly and in a way that is clear to the
individual in question
• used for purpose it is intended for only
• limited to the data needed for the declared purpose
• accurate
• not kept for longer than necessary
• held securely
Images © thinkstockphotos.co.uk
Thought Shower
What implications does the UK Data Protection Act
2018 have for businesses?
1. A company policy on the Act must be in place.
2. They must ensure they keep customer/staff data on file safe and
secure
3. They must ensure they have systems in place to process data
securely
4. They must ensure they only use data for its intended purpose
and that it is used fairly, lawfully and transparently
5. They will have to ensure their systems are robust and secure
6. They will have to retrain their staff on the DPA (GDPR) and how
to make sure they stay within the law
7. There will be cost implication to all of this
Images © thinkstockphotos.co.uk
Copyright, Designs & Patents Act 1988
• Covers:
– illegally copying or
downloading software
– stealing ideas from one
company for use in
another
– using unlicensed
software
– non-payment of
downloaded materials
Images © thinkstockphotos.co.uk
More Detail on the CDPA
• The Copyright Designs and Patents Act (1988) gives creators of
digital media the rights to control how their work is used and
distributed.
• Music, books, videos, games and software can all be covered
by copyright law.
• Anything which you design or code is automatically
copyrighted and may not be copied without your permission,
as the digital creator.
Images © thinkstockphotos.co.uk
Thought Shower
What implications does the Copyright Designs &
Patents Act have for businesses?
1. The company must have a policy and processes in place to ensure
they work within the CDPA
2. They must ensure they have licences for all of their software
3. They must ensure that they have the correct user licences, e.g.
single; site licence etc.
4. They must ensure that they or any employee does not use copies of
software or provide copies to others
5. They must ensure that they or any employee does not download any
materials illegally
6. They must ensure that they or any employee does not copy or steal
ideas copyrighted by other companies
7. They must ensure that staff are adequately trained so as not to be in
breach of CDPA
8. Cost implications
Images © thinkstockphotos.co.uk
Quick Quiz on CDPA!
• https://www.bbc.com/bitesize/guides/zhd7hyc/test
Images © thinkstockphotos.co.uk
Computer Misuse Act 1990
The Computer Misuse Act protects
personal data held by organisations
from unauthorised access and
modification).
– gaining unauthorised access to
a computer system
– deliberately planting viruses in
a computer system
– committing computer fraud
– using a company computer
without permission
Images © thinkstockphotos.co.uk
Computer Misuse Act 1990
• The act makes the following illegal:
– Unauthorised access to computer material. This refers to entering a computer system without
permission (hacking)
– Unauthorised access to computer materials with intent to commit a further crime. This refers to
entering a computer system to steal data or destroy a device or network (such as planting a virus)
– Unauthorised modification of data. This refers to modifying or deleting data, and also covers the
introduction of malware or spyware onto a computer (electronic vandalism and theft of
information)
– Making, supplying or obtaining anything which can be used in computer misuse offences
• These four clauses cover a range of offences including hacking, computer fraud, blackmail and
viruses.
Images © thinkstockphotos.co.uk
Thought Shower
What implications does the Computer Misuse Act have
for businesses?
1. A company policy on CMA must be in place
2. They must ensure that have robust and secure systems that are
difficult to break into
3. They should have processes in place that ensure authorised
access to systems for authorised personnel only
4. They must keep their systems up to date in terms of security
5. Staff might need to be trained for this purpose – this will mean a
cost implication
6. Cost – around secure systems in place
Images © thinkstockphotos.co.uk
Quiz – Computer Misuse Act
• https://www.bbc.co.uk/bitesize/guides/zt8qtfr/test
Images © thinkstockphotos.co.uk
Consumer Contracts Regulations
The Consumer Contracts Regulations came into force on 13 June 2014.
• These regulations are designed to protect us when purchasing good and services 'off premises'. This means we
are covered when buying goods from online retailers. When purchasing online you have the right to:
– A description of the goods
– The total price of the goods
– How they will be provided to you
– All additional delivery charges
– Details about your right to cancel
– Information on the compatibility of digital content with hardware and other software that the trader is aware of (or can
reasonably be expected to be aware of)
Images © thinkstockphotos.co.uk
Consumer Contracts Regulations
In summary, Consumer Contracts Regulations state that:
• Your right to cancel an order for goods made at a
distance starts when you receive the goods and lasts for
14 days
• Your right to cancel a service made at a distance starts
the moment you enter into the contract and lasts 14
days
• If you want to download digital content within the 14-
day cancellation period, you must agree to waive your
cancellation rights
• Companies are not allowed to charge you for items
they put in your online shopping basket or that you
have bought as a result of a pre-ticked box
Images © thinkstockphotos.co.uk
Thought Shower
What implications does the Consumer Contracts Regulations
have for businesses?
1. A company policy must be in place
2. They must ensure they adhere to the regulations
3. The must clearly state delivery charges on any website
4. They must provide clear descriptions of all goods
5. They need to ensure staff are trained in the Policy
6. All of this will have a cost and time implication for a Business
Images © thinkstockphotos.co.uk
Quiz on Legislation
• https://www.bbc.co.uk/bitesize/guides/z8m36yc/test
Images © thinkstockphotos.co.uk
Assessment – ILO 3
• Questions:
• 2019 Q3d
• 2014 Q2d
• 2011 Q1fii p4
• Specimen paper – p27 ms p97
Images © thinkstockphotos.co.uk
• https://www.bbc.co.uk/bitesize/guides/z9fbkqt/revision/6
• https://www.bbc.co.uk/bitesize/guides/zv6cgwx/revision/7
• https://student.craigndave.org/videos/ocr-gcse-j277-slr-1-6-
legislation-relevant-to-computer-science
Images © thinkstockphotos.co.uk
Videos on Legislation
https://youtu.be/yQila5tRvek
https://youtu.be/DdZWxllYKQk
https://youtu.be/j6wwBqfSk-o
https://youtu.be/yaHTvlpnQsk
Images © thinkstockphotos.co.uk
Learning Check
Can you:
• demonstrate a knowledge and understanding of how digital technology has affected business,
in the following areas:
– retraining
– job displacement
– job creation
– teleworking
• demonstrate knowledge and understanding of how a business can use the following digital
technologies and their implications:
– Radio Frequency Identification (RFID)
– Global Positioning System (GPS) tracking
– contactless payment
• evaluate the impact that digital technology has had on
business and customers, particularly in relation to:
– security and/or e‐safety
– costs
– training
– legislation (students should be aware of the contents of the following: Data Protection
Act, Copyright, Designs and Patents Act and Computer Misuse Act)
Images © thinkstockphotos.co.uk