Survey Shows Cyber Crime Concerns Rise

Two thirds of Americans are concerned about "cyber crime" and more than 60 percent are less likely to do business over the Internet because of it, according to a new survey released at a "Cyber Crime Summit" in Herndon this morning.

"We are very dependent on cyber technology ; we have not kept up with cyber security," said Attorney General Janet Reno in opening remarks to the meeting, which brought together law enforcement officials and information technology companies for a day of discussion.

The two groups have had a rocky relationship over time. The companies have long been reluctant to share too much information about cyber attacks with government out of fear of embarrassment and possible legal liability if a company's vulnerability is exposed. Many companies have also said that criminal investigations disrupt business as invaded computers are confiscated for evidence and employees are hauled before grand juries to testify about attacks.

"What can the Department of Justice; what can I, as Attorney General – do to build trust and confidence between law enforcement and industry so we can work together as partners to respond to the growing challenge of cyber crime?" Reno asked the group.

She said that the government was still learning how to investigate cyber crime without disrupting companies, but said that investigation was nonetheless necessary. Comparing the situation to a home burglary, she said the cops need to be able to get to work right away after any crime. "If the crime scene is messed up . . . clues and pieces of evidence are vacuumed up, police are going to have a hard time solving your burglary," Reno said.

Reno said that any solution to the cyber crime problem would have to come from industry with the cooperation of government. "While law enforcement alone cannot fix the cyber crime problem, we can't be left out," Reno said. She announced that she was asking U.S. attorneys in 93 federal districts "to sit down with" local officials of banks and major businesses to build better relationships.

"This poll underscores the fact that Americans are not satisfied with existing protections from computer criminals," said EDS Chairman Dick Brown. The day's events were hosted by EDS and a leading industry trade group, the Information Technology Association of America (ITAA); EDS and ITAA also commissioned the survey.

Harris Miller, president of the ITAA, said cooperation with law enforcement is key. "While industry must lead, at the end of the day, law enforcement must enforce the law."

Asked whether the day's event might not seem a little like an advertisement for EDS and its computer security services, Brown bristled. "Clearly, it's a big industry and a growing industry," he said. "Clearly, EDS is in this line of work and our business is exploding," he said, but added, "We don't need this kind of exposure" to build an information security business.

Speaking to concerns that have often been raised by privacy and civil liberties advocates about the hidden costs to Americans' rights in the name of security, Reno insisted that the cooperative effort could ensure public safety while supporting "the privacy and civil liberties of all involved." "That is the great balancing act of our democracy," Reno said.

E-signatures bill: Fraud made easy? 
June 20, 2000 Robert Lemos

The digital signatures bill passed by Congress this week threatens to cause identity theft to skyrocket and leave consumers liable for large-ticket purchases, consumer advocates said on Friday. 

The legislation -- called the Millennium Digital Commerce Act -- will endow electronic documents and contracts with as much validity as the pen-and-paper kind, but it does not establish significant consumer protections against fraudulent use or forgery of electronic
signatures, they said. 

"It is as easy to steal an electronic signature, or easier, than it is to steal a credit card," said Margot Saunders, managing attorney for the National Consumer Law Center. "With a credit card, however, you are only liable for the first $50. Under this act, the consumer will have to prove the signature is not theirs (to escape liability). But how do you do that?" 

Saunders worries that insecure signature methods could be adopted, saddling consumers with not only the loss of their digital identity, but also the cost for damages caused by any technological failure. 

Unfair balance of power 

While some protections do exist in the bill, Saunders and other consumer advocates worried that the electronic signature legislation shifts the balance in the New Economy unfairly towards businesses. 

'It is as easy to steal an electronic signature, or easier, than to steal a credit card. With a credit card, however, you are only liable for the first $50.'|Margot Saunders, National Consumer Law Center "It raises a lot of concerns," Saunders said. 

The e-signatures bill -- which breezed through both the House and Senate, and only awaits President Clinton's expected signature -- could affect consumers in other ways, as well. 

While the bill guarantees the consumer a choice between digital and pen-and-paper contracts, businesses could unfairly penalize those buyers who insisted on physical documents, Saunders said.