EURIM Subgroup on Electronic Impersonation, Brand Protection Domain Names etc.

Back to main E-Crime page

One result of the current reviews of EURIM plans for 2011-12 has been agreement to create a cross-cutting sub-group to bring together those wishing to take direct action against current and emerging predators, including the methods and channels they use and those who assist them. The group is expected to have very different perspective on the longer term issues as well as identifying where we do not need anything new, "only" to make effective use of what already exists.

Background

It is commonly said by those seeking support for new electronic identity systems or legislative initiatives that electronic impersonation is at the heart of tens of billions of pounds of fraud.

Much less attention is paid to how existing systems and legislation could and should be used to take action when evidence is found, whether or not those being impersonated are aware and the implications this has for new proposals.

EURIM is looking at the practicality of organising a major top-down exercise to look at how to reconcile the many conflicting agendas in the area of Information and Identity Governance but, meanwhile, we have found support for a more immediate action-oriented exercise to look at the issues from the perspective of the victims, corporate as well as personal.

Issues to be addressed

What happens when you have been impersonated? Who could/should help and how?

What happens when there is evidence that you might be impersonated: e.g. your personal data and/or control of your computer systems are available for sale?

What should an organisation do when it learns that customers may have been compromised, whether or not it has any evidence of a breach in its own systems?

What are the lessons learned from those who have taken action to obtain civil redress against those responsible (negligence as well as criminal action) for the losses they suffered?