The Home Office is running a consultation on unauthorised access to online accounts and personal data.
It is exploring ways to reduce the burden of responsibility on individuals for cyber security and achieve a big reduction in cyber crime.
This has prompted it to ask for views on the risks that come with unauthorised access, current actions and those that should be taken to address the problem, and who should be responsible for them.
The consultation document says there is a need to consider new proposals on the issue under the government’s Cyber Duty to Protect programme.
It identifies including unauthorised access to computers, the hacking of online accounts, the availability of personal data on online marketplaces, and the regulatory requirements on organisations that provide online accounts.
It says the Home Office intends to work with stakeholders including the tech industry, cyber security industry, victim support groups and the business sector to develop proposals on appropriate security measures and compliance with them.
Secure by default
The document's foreword says: “This work will explore measures to reduce the burden on citizens for cyber security, including the application by organisations of ‘secure by default’ principles to protect user accounts and information.
“It will also examine whether to supplement requirements in data protection legislation to ensure that providers of online services and accounts, as well as processors and holders of UK citizens’ personal data, exercise an appropriate and proportionate degree of responsibility for the protection required of the data and access to it.”
It adds: “We will not implement further regulation or legislation without a clear case, but we have a responsibility to consider how to better protect citizens from cyber crime and facilitated offences.”
The consultation is set to run until 27 October.
