European officials came under fire this week for failing to consult
businesses over a raft of new legislative proposals to combat crime
on the Internet.
The proposals include the creation of a European early warning
system for cybercrime attacks and a public awareness campaign on
the dangers of buying over the Internet.
However, IT industry groups have accused the European Commission of
pushing ahead with new policy proposals without properly consulting
businesses and IT user organisations.
Eurim, the influential IT lobby group, which is meeting to discuss
the proposals this week, said the commission is failing to tackle
some of the basic problems facing victims of cybercrime.
"There is a concern that the issues of how you report cybercrime,
to whom, and who is going to take action over it, do not appear to
have been addressed," said Philip Virgo, Eurim's secretary
general.
Virgo's comments follow concerns that many local police forces in
the UK and mainland Europe lack the expertise to investigate
complaints from the public about computer crimes.
Eurim also raised questions over the effectiveness of any campaign
to raise the public's awareness of the security risks of buying
over the Internet.
The commission called for an education campaign through the media
to alert the public to the risks of using the Internet. But, unless
the campaign is carefully thought out, it could hinder the
development of e-commerce.
The commission's plans for a European early warning system will
also need to be thought about more carefully, Eurim said. The
existing global early warning systems run by banks and other
private organisations are currently more effective than police
warning systems, raising questions about the need for a European
network.
"It appears that we have four separate groups who are not engaged
in dialogue: users that are already being targeted by criminals;
individuals who do not trust the Internet; suppliers who want
people to trust it; and law enforcement agencies that want to
monitor it,"said Virgo. "The real task is to bring those
communities together in constructive dialogue."
European Commission proposals
- A European early warning system that will allow IT directors to
exchange information on hacking and virus attacks as soon as they
happen
- European-funded research into cryptography, privacy systems and
other security technologies
- Promotion of the use of strong encryption software
- European standards for interoperable security products
- Relaxation of export controls to encourage the circulation and
use of encryption
- Legislation to harmonise European laws against hacking and
denial of service attacks
Source: Network and Information Security: Proposal for a
European Policy Approach. European Commission
Bill Goodwin
bill.goodwin@rbi.co.uk