Government must do more to safeguard e-commerce

August 13, 2015

The House of Lords' Science and Technology Committee has released its report into Internet security, which concludes that the government needs to do more to protect ordinary users from cybercrime and safeguard the growth of e-commerce.

The committee is of the opinion that a laissez-faire attitude to internet security by interested parties, which include government, ISPs, hardware and software manufacturers, plays into the hands of hackers. The report says that a wild west culture where end-users alone are responsible for ensuring they are protected from criminal attacks online is inefficient and unrealistic.

The chairman of the committee, Lord Broers, said in the report that people fear e-crime more than mugging. That needs to change, or else confidence in the internet could be destroyed. Government has a role to play in providing incentives to the private sector, and by putting more resources into law enforcement.

Several measures are proposed to improve the security landscape. These include an increase in the resources and skills available to the police and criminal justice system to catch and prosecute e-criminals; and the establishment of a centralised and automated system, administered by law enforcement, for the reporting of e-crime.

It is also recommended that there should be provision of incentives to banks and other companies trading online to improve the security of data by establishing a data security breach notification law. The standards of new software and hardware should be improved by moving towards legal liability for damage resulting from security flaws.

In addition, internet service providers should be encouraged to improve the customer security offered by establishing a kite mark for internet services.

The committee also recommends that the government should review, as a matter of urgency, its decision to require online frauds to be reported to the banks rather than police in the first instance. Victims of e-crime should have acknowledgment from law enforcement bodies that a serious crime has taken place.

The report suggests that many of the organisations profiting from internet services need to take their share of the responsibility. That includes the IT industry, the software manufacturers, the banks and internet traders, and ISPs.