E-crime - Home Affairs Committee Contents


5  Effectiveness of public awareness campaigns

Promoting public awareness

113. Witnesses from the police emphasised the importance of prevention through increasing peoples' awareness of the threats and what they can do to protect themselves.

    "The goal in cyber has to be around prevention activity and developing prevention activity."[95]

Deputy Assistant Commissioner Martin Hewitt, ACPO e-crime lead, told us that we had to get to a point where "as citizens, organisations and businesses, are not, effectively, leaving the windows and the doors open when we leave the office or when we leave the house".[96]

114. Whilst we have heard evidence that a great deal of the responsibility of holding data securely lies with the organisations who hold that information and who develop the software used, it is a fact that criminals often use social engineering methods to target victims. Users are not without responsibility for their own data and can take steps to protect their personal information online. Recent work by Nominet showed that 43% of smartphone and tablet users did not have security measures such as anti-virus software, remote wipe facilities in the case their device is lost or stolen, or the latest version of their operating system installed on their device. The Police e-Crime unit told us that improving awareness about the amount of data that people put in the public domain and what criminals can use it for was key to preventing crime.

    There is a real opportunity, as you have just heard, about public awareness with that. There is freedom of speech, and people put all sorts of information on the internet without realising how vulnerable that makes them. Our information is out there on 500 to 600 different databases at any one time, and the criminal groups run automated programmes harnessing all that data around us, day in, day out, and then they will utilise it to their advantage[97]

ASSESSING THE SUCCESS OF PREVENTION ACTIVITY IN THE UK

115. Some of our witnesses have told us about successful public awareness campaigns that have been carried out such as The National Fraud Authority's 'The Devil's in your Details' Facebook campaign. However they also highlighted the difficulties in reaching internet users with information about both staying secure online and also about how to recognise and report fraud if they have been a victim. Adrian Leppard, Commissioner of the City of London Police, told us of the work in prevention going on under the Cyber Security Strategy. However he acknowledged that educating the public was a challenge, noting "We do have to push that out in better campaigning and much more public messaging about it".[98]

116. In the Commissioner's view, prevention work would be more effective if it:

  • Involved stronger partnership with the private sector;
  • Used platforms such as television that reached a wide audience;
  • Had specific campaigns targeted at different segments of society, particularly vulnerable ones;
  • Had more funding from the Government.

The lack of funding for prevention activity was raised as an issue by other witnesses who were concerned that the only prevention work which had specifically been allocated funding by the National Cyber Security Programme-Get Safe Online received £395,000, only 0.06% of the total budget.

117. Other witnesses have argued that prevention has limited utility. Professor Ross Anderson has told us that it put too greater onus on consumers:

    I am not quite as enthusiastic about public education as some other people, because of the simple fact that computers and mobile phones and social networking sites tend to ship with unsafe defaults because it is better for selling advertising.[99]

118. He also argued that since a lot of economic damage is done by a small number of cyber criminals it would be more efficient to arrest and prosecute them.

119. We recommend that guidance about keeping personal data secure should be incorporated into all online services that request personal data from their users.

120. It is as important that children learn about staying safe online as it is that they learn about crossing the road safely. We welcome teaching about online safety and security taking place in schools and initiatives such as 'safer internet week'.

121. The children we spoke to believed an important part of learning to stay safe online was being taught to respect others online and not to say things that you wouldn't say to their face and we agree.



95   Q 378 Back

96   Q 378 Back

97   Q 101 Back

98   Q 74 Back

99   Q 130 Back


 
previous page contents next page


© Parliamentary copyright 2013
Prepared 30 July 2013