Tech Industry

Federal agent raps ISPs over cybercrime

An FBI agent says that British Internet service providers are hindering the international fight against cybercrime.

An FBI special agent has hit out at U.K.-based units of large global ISPs and the role they play in allowing the perpetuation of cybercrime through a lack of cooperation with law enforcement.

Speaking at the Computer and Internet Crime Conference in London, FBI agent Ed Gibson, who is an assistant legal attache to the U.S. Embassy, expressed concerns that national boundaries are still too much of an obstacle to law enforcement.

Gibson said such obstacles can delay law enforcement efforts by months at a time, and he criticized the Internet service providers and their regulations for doing too little to ease the process.

Many large U.S.-based ISPs are hiding behind domestic laws and distancing themselves from their U.K. responsibilities, he said.

"Why on earth do we not require that ISPs conform with the laws of this country?" asked Gibson, who said U.K. law enforcement agencies are unable to go into businesses registered in the United States and make use of the Regulation of Investigatory Powers Act to access information that could aid an investigation.

According to Gibson, 80 percent of global e-mail traffic, including the majority of the spam scams that circulate, is sent via the Web mail services of providers such as America Online, Microsoft's MSN and Yahoo, so finding a way to tap into the relevant data they could provide would prove invaluable.

But he said law enforcement officers often hit a brick wall when dealing with such companies. The businesses can insist on due judicial process--the equivalent of an online search warrant, which can take four to six months to obtain--before they will comply with providing data for investigations.

Gibson said the policies of Web hosting companies are also to blame for high levels of online crime.

"Why do we allow hosting companies to take credit card details from an individual and let that person put up a Web site without knowing who they are or what they are doing?"

Gibson urged companies to adopt a "know your customer" policy. He said such an approach would eliminate a lot of the anonymity which facilitates many forms of cybercrime and would likely prove an important move in combating it.

Will Sturgeon of reported from London.