E-commerce security misses bill

E-commerce security misses bill
Richard Ball The issue of electronic commerce security will not be resolved in time for inclusion in the government’s bill promoting Internet business in the UK. That was the conclusion of a conference on e-commerce at the IEE in London. A government document released earlier this month said that any legislation on electronic commerce must include the facility for legal access to encrypted data. However, key-escrow, where independent agencies are trusted to look after copies of encryption keys, is highly unpopular and is perceived as leading to a ‘big brother’ society. “Clearly one of the big issues was key escrow,” said conference chairman John O’Reilly, chair of telecommunications at University College London. “At short notice, Tony Blair said key escrow won’t work, so industry should make some suggestions, and there’s a task force looking into this.” Attendees concluded that while the UK is moving in the right direction, issues such as key-escrow and law enforcement are being given too much importance. They must not become a ‘ball and chain’ to development of e-commerce in the UK. The time needed to find alternatives means the issue of law enforcement should not be addressed in the coming bill. “Anything in this bill cannot be definitive. It is unreasonable for key-escrow and law enforcement to be fixed in a few weeks by a small task force,” O’Reilly said. The first bill will therefore set up a framework, to which secondary legislation will add details. This will include how to maintain security while allowing legal access to information. “The environment in the UK must be the best that is available,” said O’Reilly. “I think this is possible.”


Leave a Reply

Your email address will not be published. Required fields are marked *

*