Today, the U.K. House of Lords Science and Technology Committee highlighted the threat to the future of the Internet posed by cyber crime, and have argued that the government must do more to protect individual Internet users.
The committee argue that the laissez-faire attitude taken on Internet security by a range of stakeholders including government, Internet Service Providers, hardware and software manufacturers and others risks undermining public confidence in the Internet and contributes to a "wild west" culture where the end user alone is responsible for ensuring they are protected from criminal attacks online.
The Internet, while still a powerful force for good, has increasingly become the playground for criminals. Today's cyber criminals are highly skilled, organized and motivated by financial gain. Individual Internet users are increasingly victimized -- yet instead of acting to protect individuals, or providing incentives for the private sector to act, government continues to insist that individuals are ultimately responsible for their own security. The committee describes this approach as "inefficient and unrealistic."
The House of Lords Committee also recommend that the government should review, as a matter of urgency, their decision to require online frauds to be reported to the banks rather than police in the first instance. Victims of cyber crime should have acknowledgment from law enforcement bodies that a serious crime has taken place.
"We are firm believers in the Internet. It is a huge force for good," said Lord Alec Nigel Broers, Chairman of the House of Lords Science and Technology Committee. "But it relies on the confidence of millions of users. At the moment it seems that the Internet is increasingly perceived as a sort of 'wild west,' outside the law. People are said to fear e-crime more than mugging. That needs to change, or else confidence in the Internet could be destroyed.
"You can't just rely on individuals to take responsibility for their own security," continued Broers. "They will always be out-foxed by the bad guys. We feel many of the organizations profiting from Internet services now need to take their share of the responsibility. That includes the IT industry and the software vendors, the banks and Internet traders, and the Internet Service Providers."
The Lords Committee recommend a range of measures that would:
- Increase the resources and skills available to the police and criminal justice system to catch and prosecute cyber criminals
- Establish a centralized and automated system, administered by law enforcement, for the reporting of cyber crime.
- Provide incentives to banks and other companies trading online to improve the data security by establishing a data security breach notification law.
- Improve standards of new software and hardware by taking the first steps towards the establishment of legal liability for damage resulting from security flaws.
- Encourage Internet service providers to improve the security offered to customers by establishing a "kite mark" for Internet services.
"You can't legislate for better Internet security," said Broers. "But the government can put in place incentives for the private sector to up their game. And they can invest in better data protection and law enforcement. It's time to act now, before it's too late."