Business dns Regs scams security

Nominet and the pseudo-judicial roles of ISPs

I met with the Police Central eCrime Unit last year as part on an ISPA group that wanted to understand the issues that police have in fighting internet related crime and to see whether there is anything that we could do to help.

The police’s biggest problem is the speed that things can happen at over the internet versus the amount of time it takes the judicial system to crank their mechanical organisational cogs. PCEU staff can, for example, be following a suspect criminal, either physically or electronically, and sometimes have very little time to pounce. A gang might be planning a fraud using online resources – facebook pages, gmail, skype etc. Access via a service provider to look at these resources takes a court order (RIPA) which takes time to organise and by the time it has been effected the crooks are often long gone.

If the police did not require judicial consent to access these data then the whole process could be speeded up and more criminals prevented from harming us. The problem is that even if it was clear to everyone concerned that providing the police with what they ask for was the right thing to do the act of doing so puts the ISP in breach of data protection laws. If the suspect criminal happens to be innocent (or otherwise) this potentially leaves the ISP open to legal action. We can’t have ISPs being asked to perform the role of the judiciary because they don’t have the same legal protection or training.

Now enter Nominet stage right. I have coincidentally just written about Nominet after attending the .uk registrar’s recent 25th birthday party. Nominet is proposing to change its

Business internet security

Britain needs eJudge

Had a meeting yesterday with the Police Central eCrime Unit in London together with a few other leading ISPs and content providers to discuss how the industry can help tackle eCrime.

Part of the problem is the speed at which things happen in the internet world when compared with the “good old fashioned” Old Bailey style of justice where response times are slow and delay is the norm . 

For example a police officer working on a case can take days for to obtain a court order requesting data on a suspect from an ISP.  In this time the gang has moved on and is lost to the justice system. A Communications Provider needs a court order to do this as providing such data without one is in breach of privacy laws, despite the cause notionally being a good one.

The solution is likely to be to put a system in place to speed up the process.  Whilst speed of communications between police and ISP could possibly be improved it seems to me that the whole area would benefit from specialist “eJudges”. 

An eJudge would be conversant with the  workings of the internet and being able to respond in real time to requests for Court Orders.  Such a judge would not have to sit in on normal court sessions.

The bit about understanding how the internet works is a real issue.  In recent times ISPs have been the subject of court orders requiring them to “remove certain websites from the internet”. 

Whilst an ISP can take down a site hosted on its own servers it can’t completely remove it from the internet because that site is likely to be cached in many places (countries) and could be easily replicated elsewhere.

In this instance the ISP would likely be in breach of the court order even though it had removed the offending site from its own server.

I realise that it is unlikely that a court would pursue the ISP in such a case but this does hilight the ignorance of  the judiciary in these matters.  

Rumpole of the Bailey is not equipped to cope with modern criminals and specialist eJudges would be a very cost effective solution.