[ISN] Cybercrime code ready

From: InfoSec News (isnat_private)
Date: Wed Sep 25 2002 - 00:23:47 PDT

  • Next message: InfoSec News: "[ISN] At least 100 countries building cyber weapons - expert"

    Kate Mackenzie
    INTERNET service providers are preparing for a new cybercrime code of
    conduct that will detail how much data they should keep on subscribers
    in order to co-operate with police and other law enforcement agencies.
    The Internet Industry Association (IIA) is about to release the draft
    of its Cybercrime code of conduct, chairman Justin Milne said.  The
    draft code is the result of more than a year of collaboration between
    the internet industry and representatives from police and crime
    It represents an apparently successful attempt by the internet
    industry to avoid specific new laws being introduced to specify
    compliance with authorities.
    "What the code does is it ties the legislation into the practicalities
    of everyday life," Mr Milne said.
    "The legislation is framed in general terms and doesn't get down to
    the specifics.
    "If we put that in place, I think we'll be the first country in the
    world to do that."
    Mr Milne, who is chief executive of second-ranked ISP OzEmail, said
    the code tried to strike a balance between law enforcement agencies'
    preference for indefinite archiving, and ISPs' desire to minimise
    resources spent on archiving.
    The length of time agreed on for ISPs to keep data would vary between
    six and 12 months, depending the type of information.
    "If we kept all of the information for all the time, we wouldn't be
    able to build data centres fast enough to hold all the data," he said.
    Mr Milne said he did not believe compliance with warranties placed an
    undue burden on ISPs, although he said OzEmail employed a full-time
    compliance person.
    Electronic Frontiers Australia chairman Kim Heitman said he believed
    most ISPs with more than 100,000 subscribers would employ a full-time
    staff member to comply with requests by police and agencies for user
    data and intercepts.
    Much of the Cybercrime Code was developed to head off calls by law
    enforcement agencies for a legislative approach to ensure ISPs keep
    data on users and cooperated with investigations.
    Law enforcement agencies appearing before a Joint Parliamentary
    Committee on the National Crime Authority last year raised the issue
    of record keeping by ISPs as one of the key issues it wanted addressed
    in order to improve the ability of law enforcers to keep up with
    changing technology.
    The IIA's legal representative argued that a self-regulatory approach,
    such as the Cybercrime task force, should be taken, rather than
    legislating new compliance requirements for ISPs.
    The code will also cover caller-line identification (CLI).
    The launch of the code will come soon after it was revealed that
    Australian intercept warrants had tripled in four years, and outranked
    the US by 20 to 1 on a per capita basis.
    ISN is currently hosted by Attrition.org
    To unsubscribe email majordomoat_private with 'unsubscribe isn'
    in the BODY of the mail.

    This archive was generated by hypermail 2b30 : Wed Sep 25 2002 - 03:04:35 PDT