McColo: a case study in Internet Frontier Justice

The better American excuses for their low key poiltical presence at the Internet Governance Forum in Hyderabad this week include that they are now sorting spam, malware et al under civil law, after Governments and law enforcement have failed. I commend the Computerworld article “The McColo takedown: Online neighbourhood watch, or Internet frontier justice”   

The BBC carried a story yesterday “EU to search out cybercriminals” , the meat of which was 300,000 euros for towards a Europol collating service. That is probably less than the cost, including tme, travel and accommodation, of the meeting that agreed it. 

No wonder the Chinese, for example, think the Europeans are going through the motions lest they harm a multi-billion dollar computer security (alias e-sticking plaster) industry – by helping “remove” the half dozen global criminal consortia that appear to be organising most of problem. Once that has been done, the task of “educating” the million or so semi-literate script kiddies who account for most of the rest becomes very much easier. That will leave the various national e-warfare teams free to play “games” (albeit sometimes deadly games) with each other or co-operate against common terrorist enemies

The final report in the EURIM-ippr study on Partnership Policing for the Information Society was on the need for accountability in Internet policing, even though industry might well end up leading, oerganising and funding that partnership because law enforcement would never have the resources and skills necessary.

There is rather more to the McColo case study than meets the eye, including the quiet involvement of major ISPs and Law Enforcement agencies around the world, but the headline appears to be correct.

Law and order is finally coming to the Internet as it came to the Wild West: organised and paid for by the banks and railroad companies who hired the Piunkerton men et al to protect themselves and their customers.

Those who want democratically accountable policing (accountable to sheriffs and judges administering criminal law)  have yet to support the political effort necessary to deliver that side of the partnership.  

I expect this to change over the next six months as recession reduces the ability of large organisations to carry the cost of e-crime. The kind of co-operation that brought down McColo will become more common. Politicians will wish to climb on the bandwagon of success. Criminals will use the law to help protect their business models.

In the mean time those who are serious about working together to protect themselves and their customers are invited to join the EURIM E-Crime group and help create the non-geographic but accouintable partnerships that will be needed – as an essential complement . to the Police Central E-Crime Unit, the Fraud Authority, SOCA, CEOP, Get Safe On-Line and the other agencies that are doing invaluable, but seriously under-resourced, work in this space.   

Each of the e-crime reduction partnerships is intended to build on and work with and through the best of what already exists, using the “neutral” position of EURIM, the Information Society Alliance,  to cross organisation and sector boundaries – including between central and local government, lae enforcement and regulatory agencies and industry-users as well as suppliers – internationally as well as at the UK and European level.

The need for effective International co-operation is the reason that half the EURIM Board is in Hyderabad this week. I have, at best, a week to catch up on my backlog of respones to those who would like to join and participate in our work pogrammes on Information and Internet Governance before they return – with a strong of actions to progress the agenda. I also have to get out the invitations for the parallel work programme on reform of UK public sector ICT procurement  Please e-mail [email protected] , or do a posting to this blog, if you are one of those waiting to hear from me.