The government's "slow" and "disappointing" progress on tackling e-crime has been lambasted by committee peers in a report.
The promise is an about-face for the government after it previously rejected a series of recommendations made by the committee, and follows on from an apology from the Home Office for having been "over-defensive".
Home Office minister Vernon Coaker recently said the government intends to fund an e-crime unit, which will form part of the forthcoming National Fraud Reporting Centre, but he has not announced a budget or a date for action.
Speaking recently to Computerworld UK, business and IT industry figures said they wanted the e-crime unit to reflect proposals made by the Metropolitan Police, by making visible arrests of cybercriminals and not just acting as a reporting centre.
In interviews for the Lords committee's new ‘Personal Internet Security’ report, Coaker said he would be “very happy” to “drop a note” every two months on government progress.
The committee said “we particularly welcome” the offer. “We accept this offer and look forward to the Minister’s first report in July.” It added: “We like to think of our reports as, from time to time, a wakeup call.”
It also vowed to regularly return to the topic, to follow up on action taken. The government was only starting to take action, it said, after serious data breaches including the loss of 25 million personal records from HM Revenue and Customs.
“We acknowledge that, following the government’s disappointing response to our [previous] report, they have reflected further and, with regard to some of the issues we raised, there has been some progress towards meeting our concerns,” it said.
But it said any progress has been “slow”. The government has “at last started to take the risks seriously”, it said, but “a level of indifference on the government has now been dispelled only as a result of recent incidents involving serious losses of personal data”.
Lord Sutherland, chairman of the committee, said it is vital that e-crime victims can report fraud directly to the police. “If you were robbed in the street you would expect the police to recognise it as a crime and try to catch the person responsible,” he said. “If you are a victim of online fraud, you should be entitled to the same protection."
The committee also renewed strong calls for legislation that would hold banks responsible for customer losses incurred by e-crime, saying that banks often blamed customers for not protecting their PIN details. It warned that customers can only notify the police of fraud after informing their banks, but banks often have the commercial incentive not to support customer reports made to the police.
It called for the introduction of a data security breach notification law that would force the government and businesses to notify customers immediately of any losses to their data.