House of Lords security report deems internet a playground for criminals

Internet crime is the biggest fear for Britons, says a new House of Lords report. The Personal Internet Security report published by the House of Lords’ Science and Technology Committee headed by Lord Broers, has decried the ‘wild west’ nature of the internet, and says the fact that individual users are responsible for protecting themselves from online crime is ‘inefficient and unrealistic’. He warns that public fears of personal data theft online need to be addressed or risk undermining their confidence in the internet.

The report calls on the government to introduce a bank data security law that would require financial services firms and online retailers to notify the public immediately about any data security breaches. The new law would provide an incentive to banks and other companies trading online to improve data security, says the report. It also calls for measures that would establish legal liability for damage resulting from security flaws. The government is also advised to undertake a review, ‘as a matter of urgency’, of the decision to require online frauds to be reported to banks rather than to police in the first instance. And that the victims of e-crime should have acknowledgment from law enforcement bodies that a serious crime has taken place.

Other recommendations include increasing resources available to the police and criminal justice system to catch and prosecute e-criminals, the establishment of a centralised and automated system, administered by the police, for the reporting of internet crime and the introduction of a security ‘kite mark’ for internet services.

“This report is reflective of the growing concern in the whole area of data compromise, with the financial services in particular highlighted as targets due to the richness of their data. The FSA is investing a lot of effort to mitigate this growing criminal sector,” says Neal Ysart, senior manager, forensic technology solutions, PricewaterhouseCoopers in London. “A debate about the measures outlined in this report is only the first of many steps that need to be taken to make a real impact on the many different aspects of the problem of online data security. It is not just banks that are at risk, there are countless organisations that hold personal data, and the online criminals use increasingly sophisticated measures to tap into the wealth of information held on the internet.”