Scramble for Safety but not to protect Children

Why did so many of those at Scrambling for Safety yesterday think they should also be in combat with the authors of the report of the Independent Parliamentary Inquiry into Online Child Protection. If the battle is between “techies for responsibility avoidance” and “parents for informed choice”, I know whose side I would be on.  

On Thursday I attended the launch of the report of the Inquiry into Online Child Protection so I had heard what was said, not just what was reported.  I recommend you read the report in full before jumping to conclusions. I also listened to the Today Programme this morning. The trailed cat fight between Belle du Jour  and Claire Perry MP,  with Sarah Montague  as umpire, did not materialise. They were clearly on common ground. Even so, the report for the BBC website contrived to turn it into the adversarial discussion the editors had wanted.

Those whocomplain about calls for action that are not based on conclusive evidence as to the harm doneby the uncontrolled exposure of children to sado-masochistic sexualviolence should re-read what what was actually proposed at the end ofthe Parliamentary Inquiry. Claire Perry did not get a HarvardMBA and jobs with Bank of America, McKinsey and Credit Suisse by taking acavalierattitude to evidence. Her comments about “a social experiment withoutknowing the consequences” are most apposite. The recommendations are awell-crafted and practical compromise across many deeply-held convictions. 

They should also listen to what was actually said by Dr Magnanti, who is now a research scientist at theBristol Institute for the Research of Child Health.

Those who blame parents for not being able to use the tools currentlyavailable to help protect their children should take a good look athow those tools are currently packaged and promoted. They should also take a good look at their own “evidence”,including widely accepted mythologies about how and why the Internetworksthe way it does. The Internet is in a constant state of evolution. What was impossible a decade ago has become almost routine today. Andvice versa. That is why so much of the thinking behind currentdebate over the Interception Modernisation Programme has also become divorcedfrom reality.

At a time of recession Internet enthusiastsneed to appreciate the potential cost of their patronising attitudes tothose who pay to go on-line: whether by subscription or by providingtheir personal details to who-ever wants to sell whatever to them andtheir children. It is not just the threat of regulation that is almostcertain to achieve the opposite of what is intended. It is also theloss of reputation and market share on the part of those ISPs andon-line advertisers and retailers who pay for their”expert” services.  

We need to work together to avoid unconstructive conflictbetween two crusading groups.

·        those concerned to separate benefit from risk and ensure that the new technologiesare used to serve us, not enslave us

·        those concerned with the social and sexual, notjust technical, education of ourchildren so that they grow up to love and appreciate, not exploit and degrade, the opposite gender 

We need to identify “least risk” courses ofaction in the absence of clearor conclusive evidence. Given that one of the areas of agreement appears tobe that we cannot trust governments and regulators to understand what they are doing, let alone getit right, that means doing the unthinkable: helping customers to make well informed choices.

Thatgoes against the grain of all respectable academic and professionalopinion. We

“the experts” know what is good for them.

Most of us sharethe ignorant arrogance of the Civil Servants and the major consultanciesthey employ to rationalise the status quo, bolstered by currentlyfashionable theories – albeit I like to think that, as a Peterhouse Historian(as well as sometime Acting Vice President of the British ComputerSociety and Principal Consultant at the National Computing Centre) I follow in the footsteps of those who earned Cambridge its reputation as the “Devil’s Flamethrower” .  

Here I should nail my own colours to the mast:

“Grab them by the b***s and their hearts and minds willfollow” has its technology equivalent “Grab them by the wallet and their marketing spend and development budgets will follow”. 

We should give priority to mobilising industrysupport for recommendations 2 and 3 of the all party report:

  • ISPs should provide better support for internetsafety education and initiatives such a Parent Port and improve signposting forthese services from their own web domains
  • Government and industry representatives shoulddraw up guidelines for improving the communication of existing internet safety settings,improving training for retailers, developing a family friendly kite-markingscheme for manufacturers and retailers and improving signposting topre-installed security settings during device configuration

I believe we need two parallel and complementary campaigns in order to achieve results.

Thefirst is to use customer and consumer boycotts to ensure that businessmigrates to those ISPs who take safety and security seriously.

The current near impossibility of finding,let alone making sense of, current guidance is indefensible.

Where are the links from most ISP websites to ParentPort , Get SafeOn-Line or the Childnet material being used in the Cyber Championsinitiative which uses young information security professionals to helpturn children from potential victims into  on-line prefects andpotential cyberwarriors?

Where are the links between ParentPort, Get Safe On-line and Childnet?

As Chairman of the Security Panel of the IT LiveryCompany  I recently hosted around table to look at using support for the Cyber Champions programmeto help draw the Banks and those running On-Line Paymentand Transaction services into supporting a rationalisation of ourcurrentfragmented and under-funded on-line safety awareness programmes.  That  exercise is expected to begin under theaegis of the Information Society Alliance  and to focus on the business case forusing better advice and guidance as a core part of marketing strategies for protecting market share  and winning new business at a time of recession. The success  of Talk Talk “Active Choice” already shows the potential.

I referred above to the need for a two campaigns.

The second is to harness the driving forces behindthe planned legislation to “update” RIPA and force ISPs to retaincommunications data to better purpose.

It is not enought to simply reveal why the currentproposals are as they are – despite the mounting evidence that what isproposed is a expensive way of weakening security. We have todemonstrate that there are better, cheaper ways of achieving thesupposed objectives.

I hope to make time to blog on some thoughts forthe second campaign shortly. I plan to link some of the moreconstructive discussions in the bar after yesterday’s Scrambling forSafety to what I have learned recently about the scale and nature ofsome of the commercial monitoring services used by major ISPs andOn-line transaction and payment services around the world, not justwithin the UK, to protect themselves and their customers.