The petition calls on ‘the Prime Minister to give the formation of a police central e-crime unit, as proposed by the Metropolitan Police and ACPO, urgent priority’ including to help limit the damage from recent data leaks.
Over the past week there have been a number of meetings of information security professionals to discuss how to limit the expected “collateral damage” as tech-savvy criminals exploit the opportunities afforded to them by publicity for recent data leaks, whether or not they have actually acquired copies of the files.
It became immediately clear that co-operation is severely hampered by lack of a properly resourced and funded NHTCU replacement. Most participants in the meetings were already well aware of the plans of the Metropolitan Police and ACPO for a National Co-ordinating Unit but wanted something more ambitious. [the papers linked to in the “P.S.” below include the summary diagram used at a Scotland Yard presentation four months ago, attended by nearly a hundred heads of security – plus about thirty hangers-on, like me].
The supporting statement to the petition is:
“The consequences of, and reactions to, the loss of records by HM Revenue and Customs, make the creation of a well resourced operation to address computer assisted crime (including information and identity theft from data and call centres, not just the use of the Internet to automate old crimes and invent new ones) a matter of great urgency.
“The operation should cover all the activities proposed by the Metropolitan Police to the Home Office for such a Unit (beginning with the collation of incident notification and intelligence and support for and co-operation with organisations like Get Safe On-Line and the National E-Crime Prevention Centre) but it needs to be on a scale akin to similar operations in the United States, with additional funding and resources from other government departments and industry (i.e. not just existing Police budgets) as necessary.”
Petitions that attract over 200 signatures are supposed to receive an official response and I understand that exercises to draw attention to this petition are expected to start over the next couple of weeks – via some of the IT industry professional bodies and trade associations – although the Number 10 petitions are for signing by individuals not organisations.
If this is an area where you wish to be seen as an opinion leader rather than a follower, then I suggest you either sign early or be ready to say why you have not.
I would be most interest to hear views on either side – particularly from any who think it either a bad idea or that other things should have even greater priority. I’d also be most interested in views as to the services such a unit should provide and its own priorities, as well as who should contribute what resources including people and expertise – i.e. not just money.
P.S. You will find summaries of the current UK organisations and initiatives relevant to e-crime reporting and intelligence, crime prevention, security and investigation skills, vulnerability reduction and investigation and enforcement on the e-crime section of the EURIM website. These were produced to aid the discussion on “Confidence in the On-line World at the recent Parliament and the Internet Conference.