Feeds

UK.gov lambasted for ignoring peers' cybercrime report

Either stupid or ignorant, fumes security researcher

Boost IT visibility and business value

A leading security expert has criticised the UK government for ignoring recommendations on tackling cybercrime from peers.

The House of Lords' Science and Technology Committee produced a five point plan for tackling cybercrime and safeguarding e-commerce after extensive consultations with experts in industry and academia.

Proposals in the committee's Personal Internet Security report included establishing a centralised and automated system for the reporting of e-crime and enacting US-style data breach notification disclosure laws.

More controversially, the committee argued for moves towards making suppliers legally liable for damage resulting from security flaws.

The government responded last week to the August report of the committee that "turned down pretty much every recommendation", according to a security researcher who aided peers in their hearings.

Richard Clayton, a security researcher at Cambridge University and long-time contributor to UK security policy working groups, has expressed deep frustration at the government's lack of action. He accuses the government of complacency, or worse, in a strongly worded critique posted on the University of Cambridge security blog.

Among the peers' key recommendations - after hearing testimony from experts from Microsoft, Cisco, Verisign, and others - were measures designed to collate information on the extent of cybercrime. Policies introduced last April mean the public is advised to report incidents of credit card fraud to the banks instead of to the police.

The peers, and experts such as Clayton, disagree with this policy. But the government officials turned down calls for a rethink. "They don't think that having the banks collate crime reports gets all the incentives wrong; and they 'do not accept that the incidence of loss of personal data by companies is on an upward path'," Clayton writes.

He argues that the government is burying its head in the sand through a combination of either ignorance or stupidity. "If the government was up-to-speed on what researchers are documenting, they wouldn't be arguing that there is more crime solely because there are more users - and they could not possibly say that they 'refute the suggestion... that lawlessness is rife'," Clayton laments.

He expresses frustration at the government's lack of action. "That's more than a little surprising, because the report made a great deal of sense, and their lordships aren't fools," Clayton writes.

Clayton's frustration is understandable, but the government's lack of action on the recommendation of a parliamentary committee looking at internet security issues is far from unprecedented.

When the All Party Internet Group of MPs looked at the nuisance of junk mail it heard testimony that criminal sanctions were necessary and that legislation ought to deal with spam emails sent to businesses as well as private individuals. The recommendations were ignored, leaving huge loopholes that have rendered UK anti-spam laws toothless. ®

Gartner critical capabilities for enterprise endpoint backup

More from The Register

next story
Microsoft: We plan to CLEAN UP this here Windows Store town
Paid-for apps that provide free downloads? Really
Snowden on NSA's MonsterMind TERROR: It may trigger cyberwar
Plus: Syria's internet going down? That was a US cock-up
Who needs hackers? 'Password1' opens a third of all biz doors
GPU-powered pen test yields more bad news about defences and passwords
e-Borders fiasco: Brits stung for £224m after US IT giant sues UK govt
Defeat to Raytheon branded 'catastrophic result'
Hear ye, young cyber warriors of the realm: GCHQ wants you
Get involved, get a job and then never discuss work ever again
Chinese hackers spied on investigators of Flight MH370 - report
Classified data on flight's disappearance pinched
Microsoft cries UNINSTALL in the wake of Blue Screens of Death™
Cache crash causes contained choloric calamity
prev story

Whitepapers

Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
7 Elements of Radically Simple OS Migration
Avoid the typical headaches of OS migration during your next project by learning about 7 elements of radically simple OS migration.
BYOD's dark side: Data protection
An endpoint data protection solution that adds value to the user and the organization so it can protect itself from data loss as well as leverage corporate data.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?