Oh no, you're thinking, yet another cookie pop-up. Well, sorry, it's the law. We measure how many people read us, and ensure you see relevant ads, by storing cookies on your device. If you're cool with that, hit “Accept all Cookies”. For more info and to customize your settings, hit “Customize Settings”.

Review and manage your consent

Here's an overview of our use of cookies, similar technologies and how to manage them. You can also change your choices at any time, by hitting the “Your Consent Options” link on the site's footer.

Manage Cookie Preferences
  • These cookies are strictly necessary so that you can navigate the site as normal and use all features. Without these cookies we cannot provide you with the service that you expect.

  • These cookies are used to make advertising messages more relevant to you. They perform functions like preventing the same ad from continuously reappearing, ensuring that ads are properly displayed for advertisers, and in some cases selecting advertisements that are based on your interests.

  • These cookies collect information in aggregate form to help us understand how our websites are being used. They allow us to count visits and traffic sources so that we can measure and improve the performance of our sites. If people say no to these cookies, we do not know how many people have visited and we cannot monitor performance.

See also our Cookie policy and Privacy policy.

This article is more than 1 year old

TalkTalk attack: UK digi minister recommends security badges for websites

Foolishly suggests kitemark to, er, reassure customers

The UK's digital minister Ed Vaizey has floated the idea of adding kitemarks to websites that have strong security measures in place, following the attack on TalkTalk's business last week.

Speaking in Parliament on Monday in response to an urgent question on data breaches and consumer protection, following the ransack of TalkTalk's sensitive customer details, Vaizey said:

In many cases, businesses set out extremely detailed terms and conditions, but the idea that they are consumer-friendly is wide of the mark.

If I can take, as it were, the spirit of her question [Labour MP, Gisela Stuart], some kind of kitemark to denote companies that have robust cyber-security procedures in place would be something worth exploring.

Vaizey, a politico who is big on self-regulation, seemed to be suggesting that such a badge would allow customers to think that the website they are using poses no or little security risk.

But offering Brits such a false sense of security, as the fallout from the TalkTalk attack continues, is at best naive and at worst a total failure to adequately jump to the defence of consumers – the real victims in this whole mess.

'Misinformation' on government views on encryption? Fancy that!

During the debate, Vaizey also responded to questions about encryption, after he was asked if companies should use such technical safeguards to help secure customer data.

"It has to be said that companies should encrypt their information. There has been some misinformation that the government are somehow against encryption," the minister said, without elaborating further.

Over the weekend, TalkTalk boss Dido Harding stated that her company was under no legal obligation to encrypt customer data, much to the chagrin of the budget telco's customers.

The Information Commissioner's Office told The Register on Monday that current UK data protection law spelled out clear rules to companies handling customer info.

“All organisations must have appropriate security measures in place to prevent the personal data they hold being accidentally or deliberately compromised. Any measures put in place should prevent security breaches or limit the damage if they do occur," we were told by the data watchdog.

The ICO added: “As one single product cannot guarantee security, we would advise a combination of different tools and techniques. Encryption is just one way of doing this.” ®

The Register has created a timeline of TalkTalk's contradictory comments following on from the initial announcement of a website outage.

Similar topics

Similar topics

Similar topics

TIP US OFF

Send us news


Other stories you might like