Sunday, August 12, 2007

Government should act on cybercrime

The BBC reports that the House of Lords Science and Technology Select Committee has issued a paper prompting the government to take tougher action against cybercrime. It is refreshing to see a policy-making body taking the problem seriously, as lack of enforcement has been a problem in the past.

One of the most important points of the report is that it nails the issue of personal internet security as one that should be treated as crime in general. The problem so far is that regulators have left the bulk of the responsibility for Internet security to the end-user: install anti-virus, firewall and keep your computer updated at all times. However, some of the responsibility for keeping the Internet secure should go to the government. The report recommends:

"The current emphasis of Government and policy-makers upon enduser responsibility for security bears little relation either to the capabilities of many individuals or to the changing nature of the technology and the risk. It is time for Government to develop a more holistic understanding of the distributed responsibility for personal Internet security. This may well require reduced adherence to the “end-to-end principle”, in such a way as to reflect the reality of the mass market in Internet services."
Let us hope that this measured and well-informed report prompts some action.

5 comments:

Axel H Horns said...
This comment has been removed by the author.
Axel H Horns said...

But "reduced adherence to the end-to-end principle" might well be the end of the Internet as we know it. The strength of the Internet revolution comes from just that principle. I'm quite opposed to any such thinking. Do the Lords really overview the full and ultimate consequences of their proposal?

Esther Hoorn said...

Hi,
I browsed through the paper and saw that the Committee urged for ratification of the
Council of Europe CyberCrime Convention. I think it will be interesting to discuss with U.K. students why the U.K. has not yet taken this step. In the Netherlands we saw that the ratification of Cybercrime treaty was followed by new legislation on bot-nets and -more important- on international collaboration. Look forward to international student-centered collaboration in the Cybercrime wiki.

Andres Guadamuz said...

Hello Axel.

That is a good point, but I do agree with their view that we cannot continue to act as if all responsibility lies with the user. Jonathan Zittrain always makes the point that the Internet's infrastructure is faulty, so there is some room to get some form of official involvement.

I'm also not sure what should replace the end-to-end principle, but the status-quo is unsustainable.

Andres Guadamuz said...

Hello Esther,

I'm also looking forward to the cybercrime wiki.