The authors of the House of Lords Select Committee report on Personal Internet Safety are seeking comment on the Government Response with a view to doing a follow up exercise. The Earl of Erroll, explains why, in this “guest blog”.
“Our report was focussed on the threats to consumers and their children, not e-crime as a whole. The Government response was there was no hard evidence of a serious problem, they were supporting awareness campaigns, such as Get Safe On-line, it was all too difficult and they were planning to support a co-ordinating unit anyway. It is now nearly two years since the previous co-ordinating unit was disbanded and six months since the web-site for reporting “non-urgent” crime was taken off-air.
We didn’t want more talk. There’s a lack of action in the government response to our report. If someone doesn’t take some leadership, the civil service won’t have the clout to say to their masters “we need some budget to sort this out”. We want to shake things up so we are not in the same position in a year’s time. If we don’t push, nothing will happen.
We were looking at the issues from the point of view of the individual. The Banks came to us and said they were only losing £33.5m last year to fraud, but they off-load all the liability for Card Not Present transactions onto the merchants, many of them small. Most individuals are only losing £500 or £1000 a month: too small to bother to report, let alone investigate. Nobody seemed to care and there was nobody to report it to. The police say it’s too small and we haven’t got time. But that might well be the family’s mortgage repayment and large volumes of small amounts can have a huge impact. It’s a major problem. A lot of people say the next generation will know how to avoid e-crime. But there’s always going to be greedy and gullible people in every generation. Technology is not going to provide the solution because of social engineering, ever more plausible reasons to click the button or contact your supposed “new friend”. We must educate the public – but “train and blame” is not enough.
The UK is effectively a safe haven for e-crime, as there’s no risk of prosecution because each crime is too small. We need to take a random ten per cent every year and prosecute them to encourage the younger generation not to get involved in it. Small-scale fraud added together becomes large scale.
More regulations won’t work – we need incentives. Greater liability might give the incentive for greater security. Liability needs to be shifted onto those who are in a position to take effective action – that means the banks and the communications providers. That was one of our main recommendations and Government has ignored it.
We also said that Information Commissioner needs proper teeth. The problem of having to wait to shut the stable door until after the horse has bolted is completely ridiculous.
But we also need a proper police crime unit. The National High Tech Crime Unit was providing some sort of training and resource to the local police forces – perhaps not enough but at least some. Police forces are organised on a local basis because most burglars live close by. One of the challenges of the Internet is that you can have low individual value burglaries even when the person lives a long way away.
Which police force deals with this? We need a national co-ordinating unit at the very least. The sums being asked for by the police are quite small, only £1.5m to get this thing off the ground, because then the private sector will join in to help protect their customers, as in the United States. But it does have to have a government paid police core.
So why the delay over such a small sum? I cannot see any valid reason. That is why I signed the petition on the Number 10 website calling for support for the proposed police e-crime co-ordinating unit
The launch of the Information Security Awareness Forum bringing together the work of the ICT professional bodies is this area is a great idea – but government also needs to get its act together and improved awareness is not enough.
As I said earlier we need to move from debate to action. Please read the Government response to our report and then send your comments to the Clerk to the Select Committee or post them to this blog for Philip Virgo to forward.”