Time to clarify IT law

The government has many issues on its technological agenda, but before embarking on projects involving smartcards or online voting, it ought to tackle internet security and privacy.

The government is clearly aware that there is much work to be done in this area, and part of this work involves updating laws or creating new legislation. Laws such as the Data Protection Act, the Regulation of Investigatory Powers (RIP) Act and the Computer Misuse Act have been introduced to provide safeguards for data.

But this legislation has yet to prove effective. The Data Protection Act and RIP Act still cause difficulties that have yet to be tackled.

Indeed, the problem remains for organisations that compliance with one piece of legislation could mean a breach of the other.

And there have been many calls for an update to the Computer Misuse Act, to provide harsher penalties for offences such as virus creation and hacking.

One thing missing from the process of producing new laws is meaningful consultation with the private sector, and in particular with IT professionals. Legislators themselves often lack technical knowledge needed to create appropriate and effective laws.

Perhaps it is time for user organisations and IT-savvy representatives of the business community to join forces to propose helpful reforms to existing legislation, and to offer their input to the government's policy-making and revision process.