January 25, 2005 9:55 AM PST
Federal agent raps ISPs over cybercrime
- Related Stories
Webcam virus writer arrested in SpainJanuary 19, 2005
Computer, physical security expected to mergeJanuary 12, 2005
Court: No warrant needed to search your work PCJanuary 5, 2005
Scam trapsDecember 14, 2004
Antivirus firm says organized crime growing onlineDecember 9, 2004
Speaking at the Computer and Internet Crime Conference in London, FBI agent Ed Gibson, who is an assistant legal attache to the U.S. Embassy, expressed concerns that national boundaries are still too much of an obstacle to law enforcement.
Gibson said such obstacles can delay law enforcement efforts by months at a time, and he criticized the Internet service providers and their regulations for doing too little to ease the process.
Many large U.S.-based ISPs are hiding behind domestic laws and distancing themselves from their U.K. responsibilities, he said.
"Why on earth do we not require that ISPs conform with the laws of this country?" asked Gibson, who said U.K. law enforcement agencies are unable to go into businesses registered in the United States and make use of the Regulation of Investigatory Powers Act to access information that could aid an investigation.
According to Gibson, 80 percent of global e-mail traffic, including the majority of the spam scams that circulate, is sent via the Web mail services of providers such as America Online, Microsoft's MSN and Yahoo, so finding a way to tap into the relevant data they could provide would prove invaluable.
But he said law enforcement officers often hit a brick wall when dealing with such companies. The businesses can insist on due judicial process--the equivalent of an online search warrant, which can take four to six months to obtain--before they will comply with providing data for investigations.
Gibson said the policies of Web hosting companies are also to blame for high levels of online crime.
"Why do we allow hosting companies to take credit card details from an individual and let that person put up a Web site without knowing who they are or what they are doing?"
Gibson urged companies to adopt a "know your customer" policy. He said such an approach would eliminate a lot of the anonymity which facilitates many forms of cybercrime and would likely prove an important move in combating it.
Will Sturgeon of Silicon.com reported from London.
4 commentsJoin the conversation! Add your comment