You are here

Acts and things which affect us legally

The following is a list of Acts and such-like things which affect us, with some links to more information. It's not guaranteed to be a complete list, and will of course require revision as new things appear.


    "The official home of UK legislation 1267-present."

  2. Scotland Act 1998

    This Act establishes the legislative competence of the Scottish Parliament.

  3. Human Rights Act 1998

    As a public authority we are required to act in such a way that we conform to the Articles of the European Convention on Human Rights as set out in the HRA, particularly Articles 8, 9 and 10, which refer to "right to respect for private and family life", "freedom of thought, conscience and religion" and "freedom of expression".

  4. Data Protection Act 2018 and UK GDPR

    The University's Data Protection web site and Data Protection sharepoint site contain a host of policies and other useful information.

    The DPA and the UK GDPR control the way information about real live people is processed. In general terms, any such processing requires a UK GDPR article-6 basis. Certain classes of "sensitive" personal data are subject to tighter controls. Seek advice from one of the School's "Data Protection Champions" if you are responsible for processing information about real people.

    Note also the provisions of the Privacy and Electronic Communications (EC Directive) Regulations 2003 which regulate the use of email for direct marketing, which must be borne in mind when considering contacting groups by email.

  5. Freedom of Information (Scotland) Act 2002

    FoI(S)A gives anyone anywhere the right to ask us anything they want, and gives us 20 working days to reply. There are some exemptions. It should be assumed that every question asked falls under FoI(S)A, and must be answered (or an exemption claimed and notified). Take advice as necessary.

  6. The Information Commissioner's Office, the Scottish Information Commissioner and The Investigatory Powers Tribunal

    The Information Commissioner and the Scottish Information Commissioner are responsible for the interpretation and enforcement of the DPA and FoI(S)A respectively in Scotland. They both publish useful guidance notes.

    The Investigatory Powers Tribunal "can investigate anything you believe has taken place against you, your property or communications, as long as it relates to a power held by the organisation you are complaining about, under the Regulation of Investigatory Powers Act."

  7. Computer Misuse Act 1990

    The CMA creates offenses of unauthorised access or intended access to computers or modification of computer material.

  8. Communications Act 2003

    Most of the CA doesn't apply to us. It does create offences of dishonestly obtaining electronic communications services or possessing apparatus for doing so, which have been held to be applicable to wireless networks.

  9. Investigatory Powers Act 2016 and the Investigatory Powers (Interception by Businesses etc. for Monitoring and Record-keeping Purposes) Regulations 2018

    This act, and its associated Regulations, set out the circumstances under which "interception" can take place.

    The interception by COs as part of the provision of the service is permitted under section 45 of the Act. Any other interception for whatever purpose is controlled by the IP(IBMRP)R and may require the consent of the Head of School.

    (Most of the Regulation of Investigatory Powers Act 2000 has been replaced by the Investigatory Powers Act 2016. What remains of it doesn't apply to us.)

  10. JANET Acceptable Use Policy and
  11. JANET Security Policy

    We connect to the other Scottish Universities and the rest of the world over JANET. This AUP and security policy govern what traffic is allowed.

    These are implemented locally by the University's Computing Regulations.

  12. JISC Legal

    JISC Legal used to have a responsibility to consider legislation and produce guidance notes for the benefit of the Academic Community. Their repository was often a good place to look for information. An archive of their useful web site can be found on the Wayback Machine (internet archive).

  13. Further and Higher Education (Scotland) Act 2005

    Section 26 of the FHE(S)A requires that Universities in Scotland respect academic freedom for those engaged in teaching and research, though not for taught students. Any publishing and take-down policies would need to take account of this. (The Human Rights Act would also apply, of course.)

    (The Education (No 2) Act 1986 imposes a duty on Universities in England and Wales to uphold freedom of speech; but the section of the act involved does not extend to Scotland.)

  14. Terrorism Act 2006

    Section 3 essentially requires that we have take-down procedures in place which can operate very quickly (and which may have unavoidable side-effects when applied to ensure they can work sufficiently quickly). The deadline for compliance is two working days, excluding a small number of specific holiday days, with no allowance for any delay in the Section 3(3) notice reaching us.

  15. The Health and Safety at Work etc Act 1974

    This act provides a framework for various safe-working practices which we are obliged to follow. Details are in the associated Regulations.

Last reviewed: 

System Status

Home dirs (AFS)
Other services
University services
Scheduled downtime

Choose a topic