Cybersecurity Laws and Students: What You Need to Know About Staying Safe and Legal Online

Guest Contributor -

In an age where students live, learn, and socialise online, cybersecurity is no longer just the concern of IT professionals or government agencies. Whether you're submitting coursework via your university's portal, using cloud storage to back up your dissertation, or simply engaging on social media, you are part of a vast digital ecosystem—and that comes with both rights and responsibilities.

Recent changes in UK cybersecurity legislation mean students need to be more aware than ever of what’s legal, what’s risky, and what’s expected of them online. This blog post breaks down the key laws, explores how they affect students, and provides practical tips to stay secure and compliant.

Key Cybersecurity Laws Affecting Students

1. Computer Misuse Act 1990 (CMA)

Still the bedrock of UK cybercrime legislation, the CMA criminalises:

  • Unauthorised access to computer systems (such as hacking),
  • Unauthorised modification of computer material (for example, deleting or changing files),
  • Making or supplying malware.

Why it matters for students: Attempting to access university systems, restricted documents, or using another student's login—even as a joke—can result in criminal charges. These offences carry serious penalties, including imprisonment.

A university student in the UK was expelled and prosecuted in 2021 for attempting to alter his academic marks by accessing a lecturer’s account.

2. UK GDPR and Data Protection Act 2018

These laws protect individuals’ personal data and ensure organisations are clear and lawful in how they use it.

  • Universities must inform students what data they collect and why.
  • Students have the right to access their data, request corrections, and in some cases, request erasure.

Why it matters for students: If you're conducting surveys or handling participant data for research, you may also be subject to these laws. It’s essential to seek ethical approval and follow your institution’s data handling protocols.

3. Online Safety Act 2023

This legislation places legal obligations on digital platforms to protect users from illegal or harmful content, including hate speech, cyberbullying, and extremist material.

Why it matters for students: Educational and social platforms used by students (e.g., Zoom, Discord, or group chats) now face stricter regulation. While this improves user safety, it also means students must be cautious about the content they share. What may be intended as banter could be interpreted as offensive or even unlawful.

Student Life Online: Rights and Responsibilities

Students interact with digital platforms every day—whether through university systems, research databases, or group chats. Here’s how current cybersecurity laws affect these activities.

Academic Platforms

  • Accessing restricted university content or attempting to bypass login protocols could breach the Computer Misuse Act.
  • Sharing login credentials, even with friends or housemates, can result in disciplinary action or legal consequences.

Social Media and Messaging Apps

  • Posting or forwarding offensive content, harassment, or misinformation may now fall under scrutiny of the Online Safety Act.
  • Engaging in or failing to report online bullying could have consequences both online and within your institution.

Research and Data Collection

  • When conducting surveys or research involving human participants, informed consent and data anonymisation are critical.
  • Mishandling or leaking personal data can lead to data breaches, with potential disciplinary and legal outcomes.

How to Stay Safe and Compliant

Here are some practical actions students can take to stay within the law and protect their digital wellbeing:

1. Strengthen Your Digital Security

  • Use strong, unique passwords for each account.
  • Enable two-factor authentication where available.
  • Avoid clicking suspicious links or downloading unknown attachments.

2. Protect Your Personal Data

  • Check privacy settings regularly across devices and platforms.
  • Only share necessary personal information and always with trusted sources.
  • If you're using cloud storage, make sure it's encrypted or password-protected.

3. Be Mindful in Digital Spaces

  • Treat digital platforms as public spaces—what you post can be screenshotted, shared, and scrutinised.
  • Don’t engage in or ignore abusive behaviour online. Report anything you believe breaches university or platform rules.
  • Read your institution’s IT usage and data protection policies to stay informed.

Opportunities for Law and Tech Students

For students studying law, computer science, or cybersecurity, this is a field full of academic and professional opportunity.

  • Legal and regulatory frameworks are evolving to address issues like AI, cybercrime, and online harm.
  • The demand for legal professionals and advisors with technical expertise is growing in law firms, tech companies, and regulatory bodies.

Recommended resources include:

  • National Cyber Security Centre (NCSC)
  • Information Commissioner’s Office (ICO)
  • Law Society reports on digital and cybersecurity policy
  • University-based LegalTech societies or student groups

Cybersecurity laws are not just abstract rules buried in legislation—they affect the way you submit assignments, join lectures, and interact with your peers online. Staying informed is key to protecting your privacy, avoiding accidental violations, and building a responsible digital presence.

The digital world is part of your academic environment. Learn the rules, stay alert, and be the kind of student who contributes to a safer and more ethical online space.

Do you feel equipped to navigate cybersecurity laws as a student? Share your thoughts with the Student Bytes team or consider writing your own take for the blog.