Feeds

UK.gov lambasted for ignoring peers' cybercrime report

Either stupid or ignorant, fumes security researcher

Providing a secure and efficient Helpdesk

A leading security expert has criticised the UK government for ignoring recommendations on tackling cybercrime from peers.

The House of Lords' Science and Technology Committee produced a five point plan for tackling cybercrime and safeguarding e-commerce after extensive consultations with experts in industry and academia.

Proposals in the committee's Personal Internet Security report included establishing a centralised and automated system for the reporting of e-crime and enacting US-style data breach notification disclosure laws.

More controversially, the committee argued for moves towards making suppliers legally liable for damage resulting from security flaws.

The government responded last week to the August report of the committee that "turned down pretty much every recommendation", according to a security researcher who aided peers in their hearings.

Richard Clayton, a security researcher at Cambridge University and long-time contributor to UK security policy working groups, has expressed deep frustration at the government's lack of action. He accuses the government of complacency, or worse, in a strongly worded critique posted on the University of Cambridge security blog.

Among the peers' key recommendations - after hearing testimony from experts from Microsoft, Cisco, Verisign, and others - were measures designed to collate information on the extent of cybercrime. Policies introduced last April mean the public is advised to report incidents of credit card fraud to the banks instead of to the police.

The peers, and experts such as Clayton, disagree with this policy. But the government officials turned down calls for a rethink. "They don't think that having the banks collate crime reports gets all the incentives wrong; and they 'do not accept that the incidence of loss of personal data by companies is on an upward path'," Clayton writes.

He argues that the government is burying its head in the sand through a combination of either ignorance or stupidity. "If the government was up-to-speed on what researchers are documenting, they wouldn't be arguing that there is more crime solely because there are more users - and they could not possibly say that they 'refute the suggestion... that lawlessness is rife'," Clayton laments.

He expresses frustration at the government's lack of action. "That's more than a little surprising, because the report made a great deal of sense, and their lordships aren't fools," Clayton writes.

Clayton's frustration is understandable, but the government's lack of action on the recommendation of a parliamentary committee looking at internet security issues is far from unprecedented.

When the All Party Internet Group of MPs looked at the nuisance of junk mail it heard testimony that criminal sanctions were necessary and that legislation ought to deal with spam emails sent to businesses as well as private individuals. The recommendations were ignored, leaving huge loopholes that have rendered UK anti-spam laws toothless. ®

New hybrid storage solutions

More from The Register

next story
Apple Pay is a tidy payday for Apple with 0.15% cut, sources say
Cupertino slurps 15 cents from every $100 purchase
Google recommends pronounceable passwords
Super Chrome goes into battle with Mr Mxyzptlk
Reddit wipes clean leaked celeb nudie pics, tells users to zip it
Now we've had all THAT TRAFFIC, we 'deplore' this theft
YouTube, Amazon and Yahoo! caught in malvertising mess
Cisco says 'Kyle and Stan' attack is spreading through compromised ad networks
TorrentLocker unpicked: Crypto coding shocker defeats extortionists
Lousy XOR opens door into which victims can shove a foot
Greater dev access to iOS 8 will put us AT RISK from HACKERS
Knocking holes in Apple's walled garden could backfire, says securo-chap
Microsoft to patch ASP.NET mess even if you don't
We know what's good for you, because we made the mess says Redmond
NORKS ban Wi-Fi and satellite internet at embassies
Crackdown on tardy diplomatic sysadmins providing accidental unfiltered internet access
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
Top 5 reasons to deploy VMware with Tegile
Data demand and the rise of virtualization is challenging IT teams to deliver storage performance, scalability and capacity that can keep up, while maximizing efficiency.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.