UK report questions role of ISPs in online safety

A new report on Internet safety has concluded ISPs (Internet service providers) should take more responsibility for online security since end users are often lax.

Other stories on this topic
U.K. broadband providers move toward triple-play packages 8/10/2007
WORLDBEAT - Only connect -- if only ... 8/9/2007
VPN installation 8/7/2007
Powered by Inform
RSS feed

But the 121-page Personal Internet Security report, published on Friday by the U.K. House of Lords, stopped short of suggesting that the Office of Communications (Ofcom) -- the U.K. communications regulator -- should impose new rules on ISPs.

Read the latest WhitePaper - Research Brief: How Websense Users Protect Data

"We do not advocate immediate legislation or heavy-handed intervention by the regulator," the report said. "But the market will need to be pushed a little if it is to deliver better security."

ISPs generally argue that security is the responsibility of end users, which Ofcom has also supported. The report called it "disappointing" that the U.K. government has accepted those arguments since the reality often exceeds the capability of end users to recognize the threats.

"There appears to be still greater scope for intervention at the level of the Internet Service Provider," the report said. "They sit ...near the edges of the network, providing a link between the end user and the network."

The U.K. government has imposed one regulation on ISPs: By the end of 2007, ISPs must block Web sites involving images of child abuse as listed on a database maintained by the Internet Watch Foundation. Most ISPs already do this.

But more controversial are suggestions that ISPs should examine content flowing through their networks and apply filtering to cull malicious activity.

ISPs have maintained a "mere conduit" defense, codified in the European Union's E-Commerce Directive, which says they have no obligation to monitor content on their networks.

The report, however, suggested a tightening of how that defense works in an effort to nip emerging security problems earlier, such as sites containing malicious software.

"In particular, once an ISP has detected or been notified that an end-user machine on its network is sending out spam or infected code, we believe that the ISP should be legally liable for any damage to third parties resulting from a failure immediately to isolate the affected machine," the report said.   

1 | 2 |  Next >

The IDG News Service is a Network World affiliate.
Recent News:
· The State of Spam: What to Expect in 2009
· Twitter hit with phishing scam
· Psychic predictions for tech in 2009
· Watch out for hidden cookies
· Microsoft downplays Windows Media Player bug
Site Map | Recent News | Related Sites

Copyright © 2006 EmailSafety.net - All Rights Reserved.