When IT Meets Politics


June 11, 2013  11:28 PM

The “free market” on-line world is under attack from all directions: who wants to save what and why?

Philip Virgo Profile: Philip Virgo
BBC, BDUK, DCMS, Fraud, FSA, Google, Impersonation, Microsoft, NFA, Prism, RIPA, Which

The storm of media cover for PRISM, the NSA equivalent for what the Communications Bill was intended to support in the UK, raises many questions, including the future of competition in the provision of the infrastructures over which we access the on-line world. The ZDNET speculative article on how and why PRISM actually works and why Apple, Google, Microsoft et al may be “innocent” of collusion, also explains why those promoting the Communication Bill wish to go back to 1979 and recreate a situation whereby all UK communications are routed via BT monitoring points and it can be treated as a Tier One operator. Currently BT is a Tier 2 operator because the UK still has, (or perhaps one should say, had until Ofcom and BDUK set about helping recreate a BT monopoly), a reasonably competitive infrastructure market and might be on the verge of once again having a truly competitive market

The media cover has an additional edge because journalists from the New York Times to the BBC are now painfully aware that, even if the NSA and GCHQ have not rummaged through their files of private contacts, agencies of the Chinese, Iranian and Syrian media may well have done so.

Meanwhile the latest NFA Annual Fraud Indicator would appear to show that over 25% of us have been actively defrauded (average lost over £1,000), not just had our personal identities or information compromised. Most frauds now have an on-line component, albeit increasingly integrating voice, text and e-mail customer communications in ways well in advance of most legitimate commercial players: 20% of us according to Which have now received telephone calls from Microsoft techncial staff offering to help us fix problems they have found.

The total cost of Fraud to the UK is over £50 billion, 40% of it from the public sector. There is, therefore, mounting pressure on Government to do more to tackle fraud and money laundering as part of the deficit reduction package. That pressure now extends from tax fraud (over £10 billion), through evasion to avoidance. Hence the case for using surveillance to track the proceeds of crime and sources of terrorist funding to also identify the means used to move taxable sales and income off-shore and question their legality. PRISM, RIPA  and the Communications Bill may not cover content but there is plenty of legislation regarding the regulation of Financial Services et al that does, once the communications to be “unpacked” have been identified .  
 

The Internet, as perceived by the mix of Californian liberals and libertarians who created its current “governance” structures, is now under attack from all directions:

  • from perverts and terrorists seeking victims and converts,
  • through criminals impersonating and defrauding businesses and consumers,
  • to taxmen seeking to recoup the sales and property taxes they have lost as traditional retailers are put out of business by “out-of-state” or “off-shore” on-line operators
  • and lawyers seeking to enforce intellectual property rights that go way beyond those which stimulated created and growth in previous centuries.

Meanwhile most claims with regard to anonymity, neutrality, privacy, resilience and security have been shown to be false and most attempts at regulation achieve the opposite of their supposed objectives: protecting dominant incumbents by reducing competition and choice while failing to protect consumers, customers and the vulnerable from abuse.

Recent press cover in the Washington Post and Guardian has focussed on leaked “evidence” regarding long-standing trans-atlantic co-operation with regard to communications monitoring – as though the revelations are surprising, new or scandalous. Those who suffer from deja vu (Echelon et al) will not be surprised at the leak of the modern equivalent of a “D-Notice” asking journalists to refrain from doing “real” harm.

Such cover has almost buried the, far more worrying, allegations that major players, including defence and security contractors as well as major ISPs, have had their networks comprehensively penetrated and their most sensitive files copied. If such allegations were to be widely believed, whether true or not, the result could be a collapse of confidence in the expensive technical solutions the suppliers promote to supposedly protect “big data” solutions that are inherently insecure because of the number and variety of sources (hardware, software and information) and of users (with privileged access) involved.

I happen to think that such a collapse, or at least a much wider degree of well-informed scepticism, including at the political level, would be an excellent development. Those designing such systems commonly lack the necessary training in information systems and security, (people processes not just technology), to be anything other than a menace to their employers, let alone the rest of us. Worse, there have been several, as yet little publicised, cases of damning reports on the impossibility of adequately securing major applications (such as national programmes for detailed children or patient records) not being passed on or being described to Ministers as “technical problems that can be overcome during implementation”.  

The current controversies, however, also risk burying good news: such as how the takedown of the Citadel network  shows that industry and law enforcement can work together to make a real difference. The problem is to organise co-operation across well established, and  sometimes well-deserved, barriers of mistrust between networks of insiders indoctrinated with concepts of “need to know” which mean “we need to know what you are doing but we will not tell you why, let alone tell you what we already know, unless we are convinced that is in our interest that you know too”.  Progress will be limited until we have found and tested better ways of organising trustworthy (and trusted) “connections” (people not just technology) to handle communications between such networks. 

Is the current mix of assaults from all direction such that confidence in the Internet (seen in context as core part of the world’s largest machine, the global communications network) is about to collapse? Or is it about to be reborne around different conceptual models?

If so what will trigger the collapse?

And which of the players currently trying to screw each other will help conceive its successor?    

As I have said in previous postings, these are questions we should be putting to the next generation of thought leaders. What I am personally calling “the Cyber Integrity Challenge” has now had its first registrations (one of the very first was from a masters student at a post-graduate school of journalism), even though we have yet to have the first briefing event for students and employers. Students whose University is not among the initial participants should ask their supervisor to contact their University’s CPHC contact (or to e-mail the Cyber Security Challenge contact using the website link). Additional Universities can be added until shortly before the deadline for registration: thus Lancaster (which has one of the goverment funded, cross disciplinary cyber security centres of excellence) was confirmed last week as an addition to the announced list.

Employers seeking contacts with those who will help them build an on-line future in which we can have genuine confidence should make similar contact remembering that the pilot is being organised as a stream within the main Cyber Security Challenge . So too should those wishing to support entries and sponsor prizes (to show that their organisation is serious about building confidence in the on-line world) should do likewise. I am happy to pass on details to the organising team but am now only one among a growing number of cheerleaders and supporters. This is clearly an idea whose time has come.    

One of my reasons for spending so much time on getting the competition off the ground is that I believe the Internet as currently conceived cannot survive unless those who want it to do so work together – to help rebuild confidence that it is worth protecting. If it is going to have to continue to evolve, it is even more important to work together to ensure that it evolves into something better suited to the needs of the majority of law abiding citizens and businesses. As some-one whose personal “open market” politics are near to “where Tribal Tory meets Old Labour, round the bike sheds at the back”, I would also like to think that future might involve a measure of democratic accountability and personal freedom, as opposed to …  

But those who are serious about such matters often have to be ready to kill for them, not just die for them. That leads us back to PRISM. I do not see what the fuss is about. I would be dismayed if the NSA and GCHQ were not doing such things. However, I do not believe it is worth recreating the BT monopoly as part of a vain attempt to expensively prop up a surveillance strategy that is fast becoming obsolete. I would far rather we looked forward to a world of genuine partnerships in “civil defence” as well as “policing” that are genuinely fit for the on-line world.

Hence also my comments quoted by Michael Dempsey in the Financial Times on Friday  on why we need to make much better use of industry expertise as “cyber reservists” and “specialist constables” with governance frameworks which also enable those working in key roles in industry to “change hats” without necessarily leaving their desk or control console when an attack develops. Now that raises far more interesting questions of trust and accountability than PRISM et al.

June 11, 2013  9:30 PM

DCMS Consultation to put Computer Programming alongside Music and the Performing Arts

Philip Virgo Profile: Philip Virgo
e-skills, Nesta, Professionalism, SEM

Further to my acid blog on the motivation behind the consultation to change the SIC Codes rlated to ICT to transfer computer consultancy and programming to sit alongside music and the performing arts, my personal responses are below. Others may chose to be less constrained and describe it as a proposal to step back forty years with regards to professionalism. I would, however, say that Skillset and NESTA are rather good at what they do and some of the new courses to develop the skills for the computer games industry are excellent. Nonetheless changing funding boundaries, as opposed to improving co-operation across them, never did any good.

Consultation issue 1: What are your views of using the Creative Industries methodology to underpin the DCMS Creative Industries classification?

The methodology could be used to include the whole of invention and product design and development across traditional industry. The consequent inclusion of Computer Programming and Consultancy within the Creative as opposed to Engineering Industries is nonsense. It includes, for example, those who design the software control systems for power plants (often using the some disciplines as for computer games) while excluding those who design the chipsets used. In fact they often work in symbiotic teams.

It would be helpful to explicitly exclude from the definition those roles and industries which depend on extensive product testing and on engineering disciplines and not just individual creativity.

Consultation issue 2: What are your views of the list of Creative Occupations as defined in figure 1 of the consultation document? Are there occupations which have been included which you think should not be? Are there occupations which have not been included which you think should be? What evidence do you have (if any) to support your view on inclusions or exclusions?

 IT Business Analysts, Programmers and Web designers should be excluded because in modern system development environments, with hybrid skills and incremental change becoming increasingly common, the individuals concerned  cannot be readily distinguished from those operating and using the systems.

More-over the design and testing disciplines involved mean that the roles are very much more akin to engineering than the definition of creativity used in the methodology   

2135

IT business analysts, architects and systems designers

89

6.0

2136

Programmers and software development professionals

224

15.1

2137

Web design and development professionals

60

4.0

 

Consultation issue 3: What are your views of the list of sectors as defined in figure 2 of the consultation document? Are there sectors which have been included which you think should not be? Are there sectors which have not been included which you think should be? What evidence do you have (if any) to support your view on inclusions or exclusions?

Computer Programming and consultancy should be excluded because they depend more on systems engineering disciplines teamwork and testing than on individual creativity. 

62.01

Computer programming activities

215

118

54.9

62.02

Computer consultancy activities

255

80

31.4

 

Consultation issue 4: What are your views of the list of groupings as shown in figure 3 of the consultation document? Are there other groupings which you think would be preferable, given the SIC codes available to match together in these groupings?

IT, software and computer services should be excluded because they fit better with Engineering than with the Creative  industries

IT, software and computer services

470

33.2

 

62.01

Computer programming activities

 

 

 

62.02

Computer consultancy activities

 

 

 

Consultation issue 5: Do the SIC and SOC codes adequately and accurately capture the full range of economic activity within the creative industries. If not, how would you better define the SIC and SOC codes?

The inclusion of  computer programming and consultancy extends the definition of creative industries well beyond those which depend on individual creativity and where Skillset, NESTA and DCMS have relevant expertise and experience.

Consultation issue 6: What indicators do you find to be of value in your work? Do you collect data against these indicators on a regular basis and, if so, how do you do so?

I tracked employment and demand for IT related skills to provide advice and  guidance for employers from 1982 until e-Skills set up its own monitoring operations.

The SIC Codes were of limited value save at the macro level. Changes in structure gave me serious problems with regard to putting short term fluctuations into long term context.

An example of my work, which was used to help employers and also government to plan ahead for the Y2K crisis was the 1996 IT Skills Trends Report  http://www.eurim.org.uk/activities/skills/96SKILLS.pdf

Enhanced by Zemanta


June 10, 2013  10:48 AM

How often is it now more expensive on-line – except for tax avoidance?

Philip Virgo Profile: Philip Virgo
Luxembourg, Malta, VAT

The latest BRC Cost of Collection Survey coming on top of the attacks of high street retailers on the way their on-line competitors avoid business rates as well as VAT and of recent personal experiences comparing on-line prices to those in local shops which also offer efficient maintenence and repair services, has called me to take a more critical look at some of the accepted wisdom regarding the competitiveness of the on-line world. The BRC survey indicates that while we are all making more use of credit and debit cards these are significantly more expensive for the retailer than when we pay by cash (despite the cost of handling). Also I blogged early in the New Year on the cost of delivery which can wipe out any savings to customers who live outside “free” delivery areas.

I consequently suspect that the growth of on-line sales would slow sharply were the European Union to get its act together and copy the new United States Stream Lined Sales Tax routines to create a level playing field betwen on-line and off-line retailers. It might stop altogether, or even reverse, were they to be subject to levies akin to the cost of business rates on physical premises

However, the definition of on-line and off-line is blurring. Our local book shop is excellent at finding what I want (on-line searches including sources for out of print works to which I do not have access). They also tell me it is delivered so that I can walk down and collect it without the risk that it will be stolen from my doorstep or that I will have to visit a parcel depot miles away. For white goods I routinely check prices and reviews before visiting shops in easy reach to which I can return expensive items or obtain service if they break down. Unfortunately I was recently caught out when one of these (established for over 50 years and apparently thriving) suddenly went out of business (rent review on top of business rates).

Given the pressures on finance ministers around the world to balance their books, or at least reduce the rate at which they are increasing their debts, it is only a matter of time before “net neutrality” will be “redefined” by them to include fiscal neutrality as well as legal neutrality and neutrality of access. If so, the effect on some economies within the EU, such as Ireland, Luxembourg and Malta, will be even more dramatic than those on the Cayman or Channel Islands. We can also expect to see several US stock market valuations collapse.

Enhanced by Zemanta


June 9, 2013  6:57 PM

Is redefinition of Systems Development anything more than a role grab by officials facing the chop?

Philip Virgo Profile: Philip Virgo
DCMS, Olympic

Karl Flinders posting on the consultation regarding the redefinition of systems development as a “creative industry”, so that it can be taken away from e-Skills (one of the Governments success stories, despite its under-funding) and given to ????, raises serious questions as to the motivation and implications.

The current attempts to hatchet Maria Miller, not just the department she is trying to turn round, raise similar questions. It appears to more than just sour grapes on the part of the Daily Telegraph. Is it because she is actually getting to grips with the fall out from decisions made while Ministers were totally focussed on ensuring, at almost any cost, the success of the Olympic games? Those decisions include, of course, the “mythical” strategy followed by BDUK during the run-up to the Olympics which delayed broadband to businesses in the Prime Ministers own constituency (as well as a hundred others) by years, because BT could not do both. Note that you only have until the 14th June. 

Whatever the future of DCMS, I have more faith in the personal ability of Maria Miller to sort out UK Communications policy, including content regulation, than any likely replacement. Much depends, however, on the choice of Permanent Secretary to replace one of the last of the Blairite appointees and of the officials who will help him reinvigorate delivery. I happen, however, to believe that DCMS should be merged with DECC (a department in similar deep trouble because of policies inherited from the last government) rather than with BIS. I also believe that a woman is more likely than a man to make genuine progress with sorting out the policies needed to help create world class 21st century instructures. But that is my prejudice showing: based on my experience with the Women into IT campaign, in 1988 – 92.

Men make speaches and win unnecessary battles. Women get things done.     

Meanwhile Karl’s article indicates that the mice are playing games. It would be ludicrous were the stakes not so high. Science, technology and engineering skills, including those for systems and communications engineering, are critical to the futue of the UK. They are far too important for the overdue actions that are under way (contracts finally awarded by UKCES on the last day of March!) because bureaucrats whose departments and agencies are in trouble have seen a successful bandwagon to try to hijack.  

Please respond to the e-Skills consultation, (sending a copy to your constituency MP, along with your comments) otherwise you and your children will have to live with the consquences.


June 4, 2013  2:07 PM

Caught between the Communications Bill, the Patriot Act and Anglo-US “mutual assistance” agreements

Philip Virgo Profile: Philip Virgo
Facebook, Google, Home Office, Intellectual property, Microsoft, twitter, Yahoo

Press cover for the supposed letter from Google, Microsoft, Facebook, Yahoo and Twitter to Theresa May needs to be placed in context. “Highly contentious” puts their position mildly. They are “between a rock and a hard place” when it comes to the Communications Bill as drafted. The interplay between UK and US surveillance legislation needs to be seen in the context of mutual assistance agreements which go back to the early days of Bletchley Park as well as the evolving structure both of the Internet and of the physical communications infrastructures over which it runs.

Hence my comments on the need for a serious review of what it is that we really do wish to achieve and the means of doing so. That means cutting across a number of agendas: from the cyber warfare and defence responsibilities of the MoD and Foreign Office through the “defence of the realm” and the law enforcement agendas of the Home Office and Ministry of Justice and the Intellectual Property rights agendas of BIS and DCMS to whether the Treasury really does want the tax revenues that should be generated were the UK to become a natural “home” for globally trusted on-line operations.

We should also be aware that other nations will be only too delighted for us to fail – while mouthing weasel words of support. 

Where and how will those agendas be brought together, given the short term vested interests of the various players?  Hmmmm ?   

Enhanced by Zemanta


June 4, 2013  7:33 AM

Are our regulators the main obstacle to investment in joined up 21st century infrastructure?

Philip Virgo Profile: Philip Virgo
bskyb, Ofcom

One of the submissions to the Ofcom call for inputs to the Joint Regulators Group consultation on how to handle infrastructure sharing calls into question the use of rentals and return on investment as a basis, as opposed to the quality and price of service that should be the prime concern of a regulator. This is yet another example of the “intellectual capture” of the UK regulatory system, not just Ofcom, by an alliance of believers in central government planning (“renationalisation without the cost of buy back”) and the dominant players. It may also be why Rupert Murdoch appears to have written the UK off as an investment opportunity

The quiet delisting of News Corp is not a “technical decision”. It has profound implications. It was not the reaction I expected when I blogged on the implications of BT’s declaration of war on Sky but it makes very sense from the perspective of the investors.

If Ofcom is going to help wreck the business case to invest in alternative broadband infrastructures as the same time as BT triggers a price war for the discretionary spend of sports enthusiasts and the dead-tree press launches an assault on the way multinationals take their profits off-shore …

If the coalition government is serious about wanting to use investment in 21st century infrastructure to help pull through economic recovery, it has to return our regulatory structures to the objectives and principles behind their creation and followed by players like Sir Bryan Carsberg and Clare Spottiswoode.

The current cartel, of those sitting “cosy regulatory armchairs” negotiating deals with incumbent players which block innovation and choice, condemns the UK the same future of austerity and decline as the the rest of Europe – whether or not we leave.

P..S. Thank you to Ian Grant and Br0kenTeleph0n3 for drawing my attention to the PNS submission.


June 3, 2013  7:57 PM

Doing nothing is not an option: What should be in the new Communications Bill ?

Philip Virgo Profile: Philip Virgo
Eurim, IGF, information society, law, police, terrorism, Yahoo

The press and media cover linking the deaths of April Jones and Tia Sharpe to computer pornography, coming on top of the murder of Lee Rigby means that the political pressures on HMG to do “something” to control access to “unacceptable” material on the Internet and identify those attempting to access it are probably unstoppable. So how do we ensure that the “something” helps achieve the “objective” at acceptable (democratic accountability and civil liberties as well as financial) cost. 

This puts the onus on those who believe that the measures proposed in the Communications Bill are a counter-productive waste of time and resource, to devote their skills to suggesting what would be effective in helping break the progression from fantasy through delusion to action, whether we are dealing with potential perverts or terrorists. It would be even better if the suggestions also helped rebuild confidence among the 25% of on-line users who have already suffered from on-line fraud and impersonation. Most will have had their financial losses reimbursed but the dent in their trust in the on-line world can be seen in recent surveys of the obstacles to take up (such as those I recently quoted regarding the attitudes of SMEs). BT’s dropping of Yahoo as an e-mail provider should help concentrate the minds of others. But what could/should they do – individually or collectively?

I grappled with such issues for over over a decade when I was Secretary General of EURIM and some of our recommendations are finally being implemented. I am also delighted with the approach being taken by my successors with EURIM’s relaunch as the Digital Policy Alliance and also their support for the competition to get younger and fresher minds to look at the issues throuigh the other end of the telescope. That idea has gathered pace over time . The websites for the pilot were announced last week and students in the 15 participating universities can now register.

I am told the first to show interest included four students at one of the UK’s leading schools of journalism. I look forward to seeing if any of them choose to address the question of whether publicity for monitoring and censorship enhances or reduces “trust” and “confidence”. We also have students at two of the UK leading law schools interested. I look forward to their views as to whether clarity or change with regard to legal responsibilities and liabilities might help change reality. However, the real impact will come as employers agree to sponsor prizes on the topics of interest to them and their customers and support the entrants with a view to harvesting their ideas as well as evaluating them as potential employees. 

ln the mean time my personal view is that the review of the Communications Bill should focus on making it very much easier for those who wish to protect their customers to co-operate with each other and with law enforcement at the operational level: exchanging information on attacks, including as they happen, so that malpractice can be blocked and perpetrators (and those aiding and abetting them along the Internet supply chain) can be identified and held to account (whether under civil or criminal law). The perpetrators, and their allies, can normally outspend legitimate business, let alone law enforcement, when it comes to regulatory obfuscation. Success therefore entails means greatly simplifying guidance as to what is legal so that those co-operating on a voluntary basis can do so without fear of interference from compliance officers and other jobsworths with foot thick ISO 270001 manuals.

One of the most useful single tasks that  EURIM (now the Digital Policy Alliance) did while I was Secretary General was to help re-write the Statutory Instrument concerning the Lawful Interception of Business Communications. We need a similar approach to enabling “Partnership Policing for the Information Society” – allowing organisations to report the possible use of their networks by perverts and terrorists without fear of legal action. I also believe that the follow up should include making full use of specialist constables and military reservists working in industry, perhaps within the organisation making the reports.

I am delighted to note that action is finally planned on this as part of the HMG cyber security strategy but am concerned at both the limited resources allocate to this approach and the apparent failure to look at the issues of governance and accountability, including from the perspective of industry. These were raised in the final section of  the last report of the EURIM – IPPR study . The suggested way forward was ideal and was intended to start the debate that we might have had, but did not, in the  Internet Governance Forum. The stakes are now much higher. The time has come for those who think they understand the problems to start putting forward effective solutions, not just snipe at those who advocate that which it impractical or counter-productive because they know no better.

Enhanced by Zemanta


May 27, 2013  8:00 AM

Removing the media megaphone for terrorism: May moves forward while predecessors stuck in the past

Philip Virgo Profile: Philip Virgo
Al-Qaeda, BBC, Big Data, Crusade, Muhammad, Ofcom, RIPA, Surveillance

I was delighted to hear this morning that Theresa May is to look at new powers for Ofcom in the light of the BBC decision to compound the propaganda coup that it gave to terrorism by broadcasting an interview with one of the murderers’ mentors – on top of its cover for the killer’s testimony.

I was, however,  dismayed to read the Michael Howard has joined John Reid and Alan Johnson in calling for the Communications Bill to be revived. This attempt to expensively return to the world of 1979, (the heart of the solution proposed entails spending £billions to recreate a BT stranglehold over the UK communications infrastructure), is irrelevant to the challenges of today. There is an undoubted need to update the surveillance capabilities of the UK security services but the communications world has moved on since the Post Office monitored the activities of the IRA and its sympathisers and the approach behind the bill is a decade or more behind the curve.

I have blogged before on the dangers of basing future surveillance policy on a return to a mythical past . The modern equivalent requires the co-operation of Facebook, Google, Microsoft and Yahoo. However, the symbiotic relationship between UK and US intercept capability (dating back to 1941 when the secrets of Bletchley Park were first given to the Americans to help bring them into the war) greatly complicates such co-operation if it is to be based other than on court orders, akin to the US process. More-over the bulk of terrorist communications which do not pass over their services or over University and Education  networks (the original communications networks of both the Tamil Tigers and Al Qaeda were run from well-respected American and UK Universities) will use Internet Cafe access to operations like Cyberbunker and its peers.

That does not mean that the problems of surveillance are intractable. “Merely” that the Big Data “solution” predicated in the thinking behind the Communications Bill is not the most practical or cost-effective way forward. And when it comes to dealing with those like the killers of Lee Rigby it is all but irrelevant. Hence my welcome for the way that Theresa  May is looking at the present and future, including the role of Ofcom, not the past – like her predecessors.

In looking at the future, the role of the BBC may be paramount, not just as a broadcaster but as the UK’s premier on-line brand. In the war against Fascism it was far from neutral. To quote Sir Robert Renwick (one of those at the heart of World War 2 who got his peerage for not writing his memoirs): “the BBC and the Times were world class propaganda machines, beside which the Germans were mere amateurs”. His precise words, like he himself, were airbrushed out of history – but do license fee payers expect the BBC to be neutral in “the war against terror”? or do they expect it to deploy its talents on “their” side – helping “take out” the intellectual breeding grounds that link extremism to violence.

If so we get into “interesting” areas because it was pointed out to me over the week-end that Muhammad copied the justification for Holy War from St Augustine.      

Enhanced by Zemanta


May 25, 2013  8:19 AM

Giving a cyber-megaphone to global terrorism: a new twist to internet censorship debate

Philip Virgo Profile: Philip Virgo
BBC, IS, Murderers, RIPA, Woolwich

I recently heard it said that terrorists were unsophisticated in their use of the Internet and the real threats lay elsewhere. This week we have seen that they do not need to be sophisticated. The BBC handed them an unprecedented propaganda coup when its website hosted a two minute video clip of the “testament” of one of Gunner Lee’s murderers. It then compounded that “triumph” by hosting a seven minute interview with his mentor. Other media outlets may have done similar but none had the authority, reach and influence of the BBC. We can argue what should have happened, such as a court order to ban publication of the clip as evidence, and therefor sub judice, pending the trial. But the bigger question is what to do now.

One “something” that should not be done is to waste more effort on the Communications (Surveillance) bill, as was called for by a retired Home Secretary within hours of the atrocity. Its irrelevance to such cases is demonstrated by what is emerging about the build up to the very public murder of a squaddy within sight of his barracks by perpetrators who were not only known to MI5 but seen as potential recruits.

I doubt, however, that “Keep calm and carry on” is a serious option, unless it is accompanied by effective action to deter, not just detect, those who might wish to obtain equivalent media cover for similar acts (whether their motives are racial, religious, animal rights or …).

We will soon see demands for effective action to deny terrorists the oxygen of publicity and to drown their voices with messages which cause their current and would be allies and protectors to excommunicate and exile them (and their mentors) so that they can be “quarantined” and “detoxified”. At this stage I will leave others to consider what those actions might be and how effective they would be – but many might regard Media and Internet censorship as preferable to the risk of mounting pressure for “ethnic/religious cleansing” after a series of copycat killings and reprisals, at all.

Meanwhile the Guardian carries an article on how propaganda techniques are being used in the Corporate world to drown our criticism, in parallel with an article that begins “The killers got their bloody hands on the front page first, but they struggled to keep the media’s attention” – as though the target audiences the terrorists are seeking to reach are as flibbertigibbet as the media or share the values of the average Guardian reader.

The ancient Greeks probably had the right approach when they sought to ban the use of the name of the man who burned down the Temple of Artemis in order to be famous . They ultimately failed because the historian Theopompus recorded his name – but their approach may well have detered a generation or two copycat arsonists.

I suspect than one effect of this incident will be to accelerate the rate at which we move into an age of increasing Internet censorship and propaganda. I only hope that “our” side will be more effective than “their” side. I also hope that the funds available for cybersecurity are spend on that which is effective and relevant to the world of today and tomorrow – not that of the late 20th Century. 


May 24, 2013  8:44 AM

Tell UKIP that it holds the key to the future of EU Network, Information and Cyber security

Philip Virgo Profile: Philip Virgo
Conservative, Cyber security, European Commission, European Union, Information security, UKIP

Let me explain why UKIP MEPs (and their allies in other member states) may well determine the future of EU Internet regulation and what is at stake if they do. 

I have attended a number of recent meetings on the EU Cyber Security strategy. There is almost unanimous agreement with the objectives and almost unanimous condemnation of the means. For example, we need to make it much easier to report attacks, whether or not they are successful, in formats which enable rapid collation and response, as well as intelligence. The reporting of breaches, which may not be actually known until long after the event, is of historic interest only and diverts effort. Mandatory public reporting, as opposed to personally warning those known to be at risk via channels they can trust, is worse than useless. It is not merely a job creation programme for lawyers and compliance officers. It actively gets in the way of good practice in tackling threats as they emerge. More-over it penalises well run organisations which know what has happened, while protecting those which are unaware that their customer and personel files are in use by fraudsters.

Yesterday BIS issued a Call for Evidence on the EU Directive on Network and Information Security this is important – VERY important. You should read and respond.

The timing of the consultation is also very important. This Directive is unlikely to be scrutinised by the current crop of MEPs. We are moving into a period of interregnum when Commission initiatives will gather momentum while the politicians are away. There is nothing quite so dangerous as ignorance in motion and this Directive will be up to speed when the new crop of MEPs arrives, to be manipulated at will: save that half the new crop from the UK are likely to be members of UKIP or will have have done deals with them. Many other member states will have elected members of similar “a plague on all your houses” parties. In looking to educate those MEPs who will scrutinise this Directive we need to intercept the selection processes of the parties to educate the candidates, including those of UKIP. This may also be the type of cause which will appeal to those UKIP members who wish to do something useful while they are in Brussells or Strasbourg. 

In educating them we will, hopefully, also educate the Commission officals as to the changes they need to make for the European Union to survive the pressures for “democratisation not bureaucratisation”. This directive could be the touchstone because the vast majority of Internet users appear to agree that something must be done to improve on-line security. Unfortunately this is not the “something” that should be done. In the meantime make sure you respond to the BIS call for evidence so that, with luck, we can get the Directive re-written before the start of the inter-regnum.

You do not have much time. The Call will close on 21st June. Evidence can be submitted anonymously but the more public you are and the more channels you use, including direct to the Commission and via allies and partners in other member states, the louder your voice will be heard.

Also make sure to join and use the Digital Policy Alliance working groups to help the follow through, including that on the Digital Single Market which Malcolm Harbour MEP chairs and those on the Data Protection and Electonic ID Regulations. If they did not already exist this would be the cause to invent them. Lord Erroll is in the process of restructuring the Alliance to handle the issues of the future. This is one of them and I anticipate a coming together of the above groups to try to bring about a similar coming together of the EU initiatives. But first we have to kill off the Commission plans to fight the electronic equivalent of the Boer War. 


Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: