TechnologyAccounting SoftwareInternet security – Ghosts in the Machine

Internet security - Ghosts in the Machine

We are only just discovering the myriad pitfalls of the world of the internet - a world that, until recently, had only appeared to offer us benefits, a world that is now divided on how to move forward.

On one side of cyberspace we have those advocating stricter regulation and on the other, those pushing for a broader understanding of the medium, and not more red tape.

Does the internet need to be regulated by special laws? Not according to members of Eurim, the liaison group for parliamentarians and the IT industry, who attended a lunch hosted by Accountancy Age’s sister title Computing to discuss the balance between self-regulation and statutory control.

‘The internet is another means of communication, so existing laws apply,’ insists Camille de Stempel, director of public policy at AOL Time Warner.

‘Any child pornography or racist material offences are covered by existing legislation and apply to an internet service provider and its customers.

‘We remove any such material from our servers once we have been made aware of it. For AOL the existing situation is acceptable.’

Eurim members say that improved knowledge would be better than regulation.

‘The issue is knowing the risks and why people publicise false risks,’ says Roland Perry, director of public policy for the London Internet Exchange.

For example, when credit card risk on the internet became an issue Perry heard claims that 60% of card fraud was carried out over the internet.

The actual figure was 4%.

So why are people so worried, particularly when the consumer credit act protects cardholders against most fraud? There is a lot of fear, uncertainty and doubt. But there are easier ways of getting hold of credit card numbers, according to Perry.

He is also concerned that legislation reduces privacy. ‘Police don’t have access to CCTV from private premises,’ he said. ‘They need to request such footage after a crime has been committed. The proposals for e-commerce do include routine access to transactions.’

Philip Virgo, strategic adviser to IMIS, a professional body for IT managers, says: ‘WH Smith doesn’t have cameras trained on the top shelf to see what you’ve looked at or bought. But that is effectively what happens when you shop online.’

The Earl of Erroll suggests most people are not interested in online privacy. ’80 to 90% of people couldn’t give a damn, and they are perfectly right, because there is nothing that they are doing that is of interest to the authorities,’ he says.

But he points to the case of the Paddington rail crash campaigner who was checked for political affiliation by Labour party researchers. People can suddenly become of interest, and then they want privacy, says the Earl.

‘What happens when someone has increased power to access these records?

If government databases are linked properly, through biometrics, it would be much easier to pin down individuals,’ he says.

Corporate systems introduce even more complexity into the privacy debate.

‘People say that they don’t believe what’s in an email because it may have been changed on the way,’ says Perry, referring to the disclaimers that appear in many company emails. ‘There’s a sort of technophobia thing.’

Most organisations are split on the issue, according to Virgo. ‘Managers think they should be able to monitor emails and staff behaviour, so the organisation is not open to employees’ actions,’ he says.

‘But young technical staff have a different view. They think that free internet access is a libertarian right.’

The Earl of Erroll says one problem is the chance of being sued by someone who leaves the organisation. Someone leaving could get a friend to send a risque email through corporate systems, which could be used to sue the company.

Virgo says: ‘There should be no privacy over any corporate system. If they want privacy, employees should use their mobile phone.

‘If the company doesn’t allow mobiles to be used on the premises it should allow access during breaks to an unmonitored internet cafe that doesn’t belong to the company.’

Perry points out that facilities for private phone calls have to be provided by employers. ‘You’re not in prison when you’re at work. This policy has never been converged with the internet,’ he says.

Privacy at work has been driven by the Data Protection Act, which is mirrored across the European Union as a result of a 1995 European directive.

An earlier 1980s directive led Germany to introduce particularly tough laws.

According to Virgo. ‘After reunification, Germany erased the East German cancer registries because of West Germany’s tight data protection laws.

There were complaints, but the West knew best,’ he says. ‘Data protection was more important than helping protect a few thousand East Germans who were at known risk from preventable suffering and death.’

The Earl of Erroll says: ‘Five years ago, there were calls for a ban on transferring data collected under statutory authority outside the UK for entry, but nothing happened.

‘The laws are now written to try to define every circumstance that may occur. The internet is a totally resilient system for communicating if half the world blows up. But we’ve passed laws for data that just passes through the country, such as tobacco advertising.’

Virgo adds: ‘A lot of global financial organisations have long had systems that will keep running even if most of the northern hemisphere went to war.

‘To do that they had to permanently mirror their data files in the Far East, Australia or South America, even before they moved to time shifting network control, processing, helpdesks and call centres around the world according to the time of day.’

The Earl of Erroll concludes: ‘You have to handle the reality that people can store and access information anywhere in the world. We no longer live in an enclave.’

  • This is a version of an article that first appeared in our sister title Computing.

Related Articles

Finance and the tech foundation: what’s needed to deliver impactful business insights?

Accounting Software Finance and the tech foundation: what’s needed to deliver impactful business insights?

1m Workday | Sponsored
Best accounting software for businesses in the UK

Accounting Software Best accounting software for businesses in the UK

1m Accountancy Age, Reporters
Making sense of enterprise tech concepts for finance teams

Accounting Software Making sense of enterprise tech concepts for finance teams

2m Workday | Sponsored
Open Banking: what you need to know

Accounting Software Open Banking: what you need to know

2m Edward Berks, Xero
Accountancy in the digital age: Flexibility, agility, efficiency

Accounting Software Accountancy in the digital age: Flexibility, agility, efficiency

4m Pegasus Software | Sponsored
Sage purchases Intacct in its largest ever acquisition

Accounting Software Sage purchases Intacct in its largest ever acquisition

8m Alia Shoaib, Reporter
5 tips for SMEs to protect cash flow

Accounting Software 5 tips for SMEs to protect cash flow

8m Alia Shoaib, Reporter
UK behind foreign markets in digital accounting, but gap is narrowing

Accounting Software UK behind foreign markets in digital accounting, but gap is narrowing

10m Alia Shoaib, Reporter