More laws, collaboration required for online safety

Experts discussed ways to improve online safety and better prevent cybercrime at a security conference in Seattle.

Washington state's attorney general is only half joking when he suggests that perhaps sites like Facebook and MySpace should require members to use a credit card to sign up for access as a way to prove their identity.

"We need good age and identity verification technology so that it's much harder for an individual to get online and pretend to be 15 when really it's a 45-year-old man," said Attorney General Rob McKenna at the Authentication and Online Trust Summit in Seattle on Thursday. "There is a way to accomplish this quickly. It's wildly unpopular," he said, before suggesting that social-networking sites require users to have credit cards.

In addition to online identity verification techniques, McKenna and other security experts discussed ways that businesses, law enforcement and policy makers must work together to solve cybercrime.

"We need to figure out what we can do not just with law enforcement but with each other," said Hemanshu Nigam, chief security officer at Fox Interactive Media and MySpace. "If there are bad guys in MySpace or eBay or Facebook, are they the same people?"

He pointed to MySpace's lawsuit against Scott Richter, a notorious spammer who was also sued by Microsoft, settling with the software giant for US$7 million. The industry might have better success shutting down such people if they work together to pursue single actions, he said.

In addition, the entire legitimate online community should be on the same page in terms of strict safety and security policies, said Mozelle Thompson, a former commissioner on the U.S. Federal Trade Commission and currently a consultant. Sites like MySpace and Facebook represent implementations of the best security policies, he said. "There are a lot of sites out there doing nothing," he said. "You're only as good as where the bottom is."

Some of the speakers pushed for new laws that might help companies shut down some cybercrime. MySpace would like to have laws that ensure education for law-enforcement agents, who need training, as well as consumers. States should require schools to teach online safety every year to students, Nigam said.

That kind of education could very easily prevent some of the most common online fraud, he said, including one technique described by Chris Siouris, a cyber investigator at the U.S. Postal Inspector. His office pursues schemes where people unwittingly sign up for a job advertised online that they think simply involves receiving items in the mail, repackaging them and sending them to a new address. However, they usually don't know that the items are purchased with stolen credit cards.

When Siouris and his colleagues discover someone has begun engaging in this type of job, they serve the person with a cease-and-desist letter and require them to sign an agreement not to do such work in the future or they'll be arrested. Rarely if ever has anyone engaged in the activity again, usually because they didn't realize that they were doing anything illegal, he said.

In addition to laws that would ensure education so that people realize that such jobs are illegal, every states should have antispyware laws, said McKenna. He also said that there should be federal data-loss notification requirements and legislation regarding spyware.

Washington state is seen as a leader in the country in its efforts to pursue cybercrime. In 2005, McKenna was instrumental in expanding the state's high-tech unit, which investigates cybercrime. His department now trains other states on how to bring spyware and other online crime cases to court.

Online privacy should also be addressed from a broader perspective, McKenna said. There is far more identity theft in the U.S. than in Europe or other regions that have stronger privacy protections, such as requirements for opt-in, rather than opt-out, for data collection, he said. "I think as a society we need to discuss more fully the affects on our privacy and the impacts on issues like ID theft from the extensive commercialization of private information that we've seen in this country," he said.

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Nancy Gohring

Computerworld

Comments

Comments are now closed.

Most Popular Reviews

Follow Us

Best Deals on GoodGearGuide

Shopping.com

Latest News Articles

Resources

GGG Evaluation Team

Kathy Cassidy

STYLISTIC Q702

First impression on unpacking the Q702 test unit was the solid feel and clean, minimalist styling.

Anthony Grifoni

STYLISTIC Q572

For work use, Microsoft Word and Excel programs pre-installed on the device are adequate for preparing short documents.

Steph Mundell

LIFEBOOK UH574

The Fujitsu LifeBook UH574 allowed for great mobility without being obnoxiously heavy or clunky. Its twelve hours of battery life did not disappoint.

Andrew Mitsi

STYLISTIC Q702

The screen was particularly good. It is bright and visible from most angles, however heat is an issue, particularly around the Windows button on the front, and on the back where the battery housing is located.

Simon Harriott

STYLISTIC Q702

My first impression after unboxing the Q702 is that it is a nice looking unit. Styling is somewhat minimalist but very effective. The tablet part, once detached, has a nice weight, and no buttons or switches are located in awkward or intrusive positions.

Latest Jobs

Shopping.com

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?