ISPs raise the bar on Net privacy

NEWS At the second quarterly meeting of the Internet Users Privacy Forum (IUPF) last week, Internet service providers (ISPs) and civil liberties groups redoubled their efforts to establish standards on Internet privacy above current government guidelines. Part of the meeting, the minutes of which will be published at http://www.iupf.org.uk , was given over to rubber-stamping best common practice documents published by the London Internet Exchange (Linx) relating to traceability, illegal material and spam email. Other privacy issues were also on the agenda. Speaking afterwards about encryption policy, Keith Mitchell, chairman of Linx, said he was glad the UK government has "abandoned this broken idea of key escrow", but said there is more work to be done. Mitchell said it is up to the fledgling Internet industry to regulate itself, with standards higher than the Data Protection Act. "We want to go beyond the letter of the law," he said. However, he said a kite mark on the sites of ISPs that operate an acceptable privacy policy (including being anti-spam), is unlikely. One fear is that such a scheme will need policing - a task that could increase ISP overheads, he said. But Mitchell said ISPs must realise they have a duty to safeguard their users' privacy and confidentiality. Yaman Akdeniz, UK director of Cyber-Rights & Cyber-Liberties (C&C), said: "The good ISPs are acting, for the sake of the industry and users. It's important for users to know individual privacy policies." He added: "Those without a privacy policy will lose customers in the long term." Nicholas Bohm, spokesman for the Foundation for Information Policy Research, said the event - which was without a government or law enforcement presence - led to "no great areas of discord", but claimed it will be "easy for ISPs& not to want to bother with these extraneous demands". Similarly, C&C's Akdeniz warned that not all of the 300-plus ISPs in the UK have equal access to legal expertise on these issues, and it will be important to have common middle ground for all ISPs to agree on. The next IUPF meeting is on 2 September. The BCP documents can be found at http://www.linx.net/noncore/bcp/ .