Feature

Terrorism Act prompts concern for IT security

The government’s latest Terrorism Act, which was passed last year and becomes law later in the spring, could lead to confusion and a potential backlash from the IT sector.

Kenneth de Spiegeleire, manager of the security assessment services team at Internet Security Systems (ISS), told MicroScope: “It [Section 58 of the Act] is so vague that about 99 per cent of my consultants could be regarded as terrorists under this Act.”

De Spiegeleire pointed to one of the key areas of the Act, which states a person commits an offence if “he collects or makes a record of information of a kind likely to be useful to a person committing or preparing an act of terrorism, or he possesses a document or record containing information of that kind”.

According to de Spiegeleire: “The way it’s phrased basically means any kind of information you have about security flaws in certain systems is also a possession of information that can be used by a terrorist.

“This means the tools we use to test the security of such operating systems could also be considered as tools that can be used by terrorists. That is an area of concern.”

De Spiegeleire suggested parallels could be drawn with the situation last year with data encryption, when a number of governments around the world wanted to impose restrictions on encryption strength so they would be able to decrypt it.

“If this Terrorism Act is applied to the strict letter of the law, it would mean most IT security firms, which have a kind of tool that can evaluate security, would be prohibited from developing, possessing and even selling it,” he argued.


Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

This was first published in March 2001

 

COMMENTS powered by Disqus  //  Commenting policy