[LINK] Consumer computer security

Alan L Tyree alan at austlii.edu.au
Tue Jan 23 11:57:52 AEDT 2007 

On Tue, 23 Jan 2007 09:22:47 +1100
Roger Clarke <Roger.Clarke at xamax.com.au> wrote:

> At 6:50 +1100 14/1/07, Alan L Tyree wrote:
> >I'm looking for some help here. I'm writing a submission to ASIC on
> >the review of the EFT Code of Conduct. One of the things that
> >Industry has been pushing for is to make consumers liable for losses
> >caused by computers infected with malware.
> >The argument I wish to make is that consumers are hopelessly ill
> >equipped to secure their (Windows) computers. ...
> 
> 
> [Just as I'm nearing finalisation of a draft paper on the topic - 
> I'll post an RFC shortly - up bobs this useful article.  Comments 
> interspersed]

Thanks Roger, although I'm still not sure how this got on Link. I
was looking for some guidance from the SLUG list. Oh, well, I need all
the help I can get.

<SNIP>

> 
> ['Plausible deniability' usually hinges on setting up a straw man 
> accusation and then denying the straw man.  'We haven't made any such 
> submission' = 'we've lobbied for it, we've even made the mistake of 
> mentioning it in writing a couple of times, but we've not [yet] made 
> a 'submission' to that effect, at least not to ASIC']

Agree. The Telegraph yesterday said that the proposal was part of a
submission by a law firm that represents banks. Could be any or all of
the large law firms. One thing I have noticed is how little lawyers at
these firms understand even the basics of consumer protection policy.
They simply consider it as an obstacle to their client which can, and
should, be circumvented.

A speaker at a recent meeting of the Banking Law Association even
railed at the whole idea of consumer protection, even saying "What
about freedom of contract?" A perfect 19th century concept for the 21st
century, but very indicative of the thinking in the large City firms.




> 
<SNIP>
> 
> "It's important to have a debate about it but the debate should be in 
> the context of: 'This is the issue that has been raised'. It's not a 
> question of just shoving liability for fraud, including credit card 
> fraud or anything else, on to consumers."

The hell it isn't. Having chosen to use the immense free resource
(consumers' PCs) instead of putting in dedicated equipment, the
proposal is definately to shift the ensuing losses onto the consumer.

<SNIP>
> 
> "The EFT code is old," Mr Coates said. "It's ageing and it's 
> struggling to stay up with the developments in modern banking 
> technology. There's no question it needs upgrading."

Not too much, actually. The basic structure of the EFT Code is very
good, and its interpretation by the Banking Ombudsman has made it even
more so. Part B needs to be expanded to cover all payment mechanisms
which are not based on a traditional account, but the allocation of
liabilities generally is very fair - assuming, of course, that the
recent initiatives don't go through.

Alan

> 
> -- 
> Roger Clarke
> http://www.anu.edu.au/people/Roger.Clarke/ 
> Xamax Consultancy Pty Ltd      78 Sidaway St, Chapman ACT 2611
> AUSTRALIA Tel: +61 2 6288 1472, and 6288 6916
> mailto:Roger.Clarke at xamax.com.au
> http://www.xamax.com.au/
> 
> Visiting Professor in Info Science & Eng  Australian National
> University Visiting Professor in the eCommerce Program
> University of Hong Kong Visiting Professor in the Cyberspace Law &
> Policy Centre      Uni of NSW
> _______________________________________________ Link mailing list
> Link at mailman.anu.edu.au
> http://mailman.anu.edu.au/mailman/listinfo/link
> 


-- 
Alan L Tyree                    http://www2.austlii.edu.au/~alan
Tel: +61 2 4782 2670            Mobile: +61 427 486 206
Fax: +61 2 4782 7092            FWD: 615662

More information about the Link mailing list