Terrorism Act prompts concern for IT security

The government’s latest Terrorism Act, which was passed last year and becomes law later in the spring, could lead to...

The government’s latest Terrorism Act, which was passed last year and becomes law later in the spring, could lead to confusion and a potential backlash from the IT sector.

Kenneth de Spiegeleire, manager of the security assessment services team at Internet Security Systems (ISS), told MicroScope: “It [Section 58 of the Act] is so vague that about 99 per cent of my consultants could be regarded as terrorists under this Act.”

De Spiegeleire pointed to one of the key areas of the Act, which states a person commits an offence if “he collects or makes a record of information of a kind likely to be useful to a person committing or preparing an act of terrorism, or he possesses a document or record containing information of that kind”.

According to de Spiegeleire: “The way it’s phrased basically means any kind of information you have about security flaws in certain systems is also a possession of information that can be used by a terrorist.

“This means the tools we use to test the security of such operating systems could also be considered as tools that can be used by terrorists. That is an area of concern.”

De Spiegeleire suggested parallels could be drawn with the situation last year with data encryption, when a number of governments around the world wanted to impose restrictions on encryption strength so they would be able to decrypt it.

“If this Terrorism Act is applied to the strict letter of the law, it would mean most IT security firms, which have a kind of tool that can evaluate security, would be prohibited from developing, possessing and even selling it,” he argued.

This was last published in March 2001



Enjoy the benefits of CW+ membership, learn more and join.

Read more on Antivirus, firewall and IDS products

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.