ISPs shun anti-virus responsibility

British ISPs have rejected calls for them to take a more pro-active line in the fight against viruses, saying they can only do it if the consumer is willing to pay.

ISP representatives were reacting to calls yesterday on silicon.com for providers to protect users from the ever-increasing number of viruses bombarding computer systems every day.

Tim Snape, council member of the ISP Association (ISPA), said: "Users have to realise that if they want these added value services then they will have to pay for them. If the consumers are happy to live with receiving "dirty" emails from their ISPs and refuse to pay more to clean it up, then that is the choice they make."

Speaking to silicon.com, David Perry, director of public education at security firm Trend Micro, said ISPs should deliver users "clean water at the tap" if the industry was going to deal with the soaring virus scourge.

ISPA's Snape responded by saying: "In the analogy of ISPs with water companies, we would say we are more concerned with the management of the piping, than the actual water itself. It is not an ISP's responsibility to monitor content."

Other ISPs went further, saying not only is it not their responsibility to monitor content, it is actually inherently wrong and could be illegal. A spokeswoman for AOL UK said: "We regard the integrity of our users' data as our top priority, and as such do not monitor or interfere with messages. We feel there are potentially unacceptable data protection issues with scanning users' messages."

The word from the government is that, although a somewhat murky issue, scanning emails for viruses is entirely legal in the UK, but may not be overseas.

A spokeswoman for ISP Claranet said it would not be technically practical for it to filter for viruses.

Security experts estimate about 80 per cent of viruses come via ISPs. Many small business users and home users don't use or regularly update virus software, allowing viruses to flourish. Some are now saying the ISPs should be doing that job for them.

Currently most ISPs, including AOL, simply offer users advice on viruses, and links to download anti-virus software to their desktop.

Hellen Omwando, associate analyst for Forrester Research, said: "There will be a huge outcry from ISPs on this, as most of them can barely afford to sustain their business at the moment - and filtering for viruses would require a heavy investment.

"Technically it's feasible - but it's simply a matter of cost," she said.

Virus guru lays security blame at ISPs' door
http://www.silicon.com/a47434
Magistr.b hits the screen
http://www.silicon.com/a47139
Top ten viruses: Old pretender still number one
http://www.silicon.com47054