Select Committee on Science and Technology Minutes of Evidence

Supplementary letter from Andrew Cormack

  Thank you for an interesting and stimulating afternoon at the inquiry on Wednesday. Apologies for my confusion over Lord Harris' question on Internet regulation. I had thought of the issue in much more general terms so the specific focus of the question on Ofcom threw me. I hope I may take up the Committee's invitation to submit follow-up observations to say now what I had intended to say in my witness evidence.

  We already have a number of pieces of legislation that could be used to regulate Internet activity but, as yet, very little use of these by the authorities or the courts. I believe there have been fewer than 100 cases in 17 years of the Computer Misuse Act 1990, a handful of civil cases against spam under the Data Protection Act 1999, just two that I know of under the Regulation of Investigatory Powers Act 2000, and the provisions of the new Fraud Act and Police and Justice Act are untried. So I would like to have more experience of the use and effect of these existing regulatory powers before considering what, if any, additional regulation might be needed.

  This seems particularly important because the balance of regulatory incentives is so delicate and the risk of unintended consequences so high. The current notice and takedown regime for content (implemented as the Electronic Commerce (EC Directive) Regulations 2002) was criticised by the Law Commission in December 2002 for encouraging ISPs to remove without question any and all material that was the subject of a complaint. Current regulation makes it legally hazardous for the ISP to act in any other way and a Dutch study did, indeed, discover that the majority of ISPs responded to bogus copyright assertions by removing the material from publication without question. As the Law Commission commented, this is an unhelpful power to restrict freedom of speech on line.

  Any imposition of liability for unusual traffic would have to be drafted extremely carefully to avoid creating a similarly one-sided incentive to cut off the Internet any device that deviated in any way from the normal pattern of traffic. On JANET we are currently struggling with a research platform called Planet Lab which allows researchers to experiment with new ways to use and measure the Internet. Planet Lab hosts frequently trigger our "hostile traffic" alarms and we spend a great deal of time investigating what almost always turn out to be beneficial, but innovative, experiments. A year ago we would have had the same issues with Skype traffic; some time before that it was the emergence of peer-to-peer and grid applications that was `unusual, maybe hostile'. As a Research and Education Network we feel a moral duty to support innovative use by fully investigating any anomalies and only disconnecting once they are clearly harmful, but if this duty were set against a potential legal liability then it would be very hard to sustain our current practice. "Mere conduit" status protects experimental applications as well as ISPs.

  Sudden changes in traffic patterns, known as "flash crowds", have always been a feature of the Internet and are often a sign of healthy innovation. Regulation that presumed, by imposing one-sided liability, that all flash crowds were hostile would run a serious risk of freezing patterns of Internet use as they are today and making the Internet inimical to the innovative developments required to create the applications of tomorrow.

20 April 2007

previous page contents next page

House of Lords home page Parliament home page House of Commons home page search page enquiries index

© Parliamentary copyright 2007