Europe and US split over curbs on hacking

The American Association for the Advancement of Science 14 point strap across widthy
The US and Europe are split over how to protect the information superhighway - a world network of computers that will supersede the Internet - from hacking and maintain privacy.

The rift could undermine attempts to protect privacy when the superhighway offers services such as banking and health care; some of the most sensitive personal data will then be transmitted between systems.

Marc Rotenberg, director of the Electronic Privacy Information Centre, a Washington think-tank, told the annual conference of the the American Association for the Advancement of Science in Atlanta, Georgia, at the weekend that cases like that of Kevin Mitnick, 31, the American hacker who stole details of more than 20,000 credit cards, could become common unless the US and Europe agree on a global system of privacy protection.

"That kind of vulnerability [exposed by Mitnick] is a very real threat not only to consumers but to businesses that are considering the Internet as a platform for offering commercial services. It is partly with that in mind that Europe has adopted the approach that we need to have privacy protection," Mr Rotenberg said.

The European Commission wants governments to enforce privacy by law, whereas the US government prefers voluntary controls. "That approach is simply not going to meet the test of the European Commission in terms of satisfying the requirement that privacy should be built into the global information superhighway," he said.

"The US is not yet ready to endorse legal safeguards in the private sector and we think that is a necessary requirement, whereas the European Commission believes it's an essential precondition." Privacy and the need to protect computer data by encryption will be discussed this weekend at a meeting of the G7 nations in Brussels, Mr Rotenberg said.

Although new methods of encrypting data could make personal data secure against hackers, the US government fears the spread of the technology will make it more difficult for police and national security agents to monitor the superhighway for evidence of crime.

"There's been a dramatic change in the past 10 years brought about as a result of the availability of encryption and other techniques for protecting privacy and that is the recognition that technologies can be designed both for surveillance and for protecting privacy. This creates the perfect challenge: how do you design systems to maximise privacy while minimising surveillance?"

Mr Rotenberg said the US passed a law last year making it easier for law enforcement agents to tap digital telephone exchanges. However, this would also make it easier for hackers to gain illegal access to the Internet.

The global information superhighway will raise other fundamental issues on privacy, he said. "In the next decade we are going to see an enormous debate over the control of individual identity - the right to know who someone is and the right for you to control the disclosure of your identity.

"The second key issue is the right to sell personal data about others . . . complete medical history, psychological profiles and educational records. A third critical issue is going to be the right to privately possess the technology that gives privacy, such as encryption."