Businesses argue for national e-crime unit

BCC report shows three-quarters of firms want dedicated unit

Almost 75 per cent of businesses want a national body set up to deal with e-crime, according to a new report by industry body The British Chambers of Commerce (BCC).

The report entitled, The Invisible Crime: A Business Crime Survey, surveyed 3,900 businesses nationwide to ascertain the extent of crime against business.

Most respondents believe that because e-crime is not location specific, the issue can only be properly combated with a national e-crime body.

The report found that 94 per cent of organisations have suffered from spam emails in the last year, while 31 per cent have experienced phishing attempts, 23 per cent have found themselves at risk from spyware and 19 per cent of businesses reported data loss because of viruses.

In addition, credit card fraud hit 11 per cent of the survey respondents and 8 per cent said they had laptops stolen.

Author of the report and policy advisor for the BCC, Gareth Elliott, said “There is a clear evolution of cyber crime and noticeable doubling of credit card fraud.”

Elliot argued that there needs to be more commitment from government to fight e-crime targeted at businesses. The fact that the National High Tech Crime Unit has now been subsumed into the Serious Organised Crime Agency means its original purpose has been defeated, he added.

But Jamie Cowper, European director of marketing at encryption firm PGP Corporation, argued a centralised e-crime unit might not be the answer to firms' problems.

“While an e-crime unit can certainly help, it’s unrealistic to expect a dedicated ‘e-bobby’ for every computer in every home and business,” he said.

The BCC report also took a look at the steps businesses have taken to prevent online fraud: four-fifths of respondents said they use anti-virus software, 77 per cent use spam filters, 74 per cent use a back-up data system and 70 per cent store data off site. Only 40 per cent of those surveyed set ‘strong’ password policies.

In related news, an independent European advisory body to the European Commision, the Article 29 Data Protection Working Party, has just published a report noting a clear set of responsibilities under the Data Protection Directive for search engines.

The report argues for search engine providers to delete personal data if it no longer serves the legitimate purpose it was collected for. Search providers must also be able to justify why they are holding individual’s data at all times, it said.