Everyone affects mock surprise at the attitude of politicians, not least the committee members themselves, who declare themselves ‘disappointed’. But they know the deal – nobody listens to anything that has the word ‘committee’ in its title. Governments hate committees even as they create them by the dozen. But if they wanted the committee’s opinion they give it to them, as the saying goes.
The August report contained some good ideas, but they are way ahead of where governments are right now. Among other suggestions, the Lords liked the idea of a central agency to handle e-crime reporting, a software liability law by which users could hold companies to account for bad coding, and a kite mark for good software.
Does the snub matter? Not really. The job of the Lords committee has been to put some important issues into the wider public domain, and to at least force the government to state its policy on certain issues, which it would rather not do.
Job well done then. You can read the government’s insipid response to the report here, but pay special attention to its reply on the issue that is probably the most contentious raised by the committee, that of compelling companies to let consumers know when their personal information has ben compromised.
I have the feeling the government will come to regret this particular reply on data breach laws in the US:
“The experience in the United States has yet to be fully analysed but there is a strong body of opinion that doubts whether there has been significant differences to corporate behaviour and may, in fact, have desensitised consumers to security issues and undermined confidence in the internet as a business medium,” it says.
And the alternative is to allow UK companies to continue losing personal information with no accountability whatsoever? Or to leave the matter up to the Financial Services Authority, the same UK regulator that was unable to spot the speeding train of the Northern Rock bank crash until it had happened?