The influential Lords Science and Technology Committee has accused the UK Government of turning its back on Internet crime, leaving ordinary users to fend for themselves.
In the report, Personal Internet Security, the committee members came to the conclusion that the Government, police, large companies, and even software makers had underestimated the increasing chaos that electronic crime was causing to society because it was seen as affecting only individuals.
One of the committee’s central recommendations is that there should be a centralised reporting system for such crime, something which runs directly counter to recent government policy. In April, in a widely criticised move, the Government changed the reporting system for a wide range of electronic crimes, making them the responsibility of financial services companies rather than police.
Other recommendations were that the criminal justice system and police should be overhauled so that they could more effectively deal with complex electronic crimes, and that software and hardware vendors should be made liable for the flaws in their products. The Lords also saw value in establishing a ‘kite mark’ system for rating the security offered by ISPs.
“The Internet is now increasingly the playground of criminals. Where a decade ago the public perception of the e-criminal was of a lonely hacker searching for attention, today’s "bad guys" belong to organised crime groups, are highly skilful, specialised, and focused on profit,” says the report.
The committee was especially scathing about the software industry, all but accusing it of ignoring problems that could not be used to generate profit.
"Efforts to promote best practice are hampered by the current lack of commercial incentives for the industry to make products secure: companies are all too easily able to dump risks onto consumers through licensing agreements, so avoiding paying the costs of insecurity," it said after hearing submissions from a range of industry figures on the topic, such as Alan Cox and Professor Ross Anderson.
Controversially, the committee recommended that technology companies be made legally liable for security issues in their software, a theme that has in the past been supported by security experts such as Bruce Schneier, even as it has been opposed by others.
Last December, in advance of today’s more detailed report, the Lords Science and Technology Committee was critical of how UK banks have dealt with the issue of online crime.