Advocacy group supports US authorities in deterring cybercrime
VPN providers should adhere to a minimum standard of ethics to deter cybercriminals from taking advantage of their privacy-enhancing software.
That is the stance taken by industry group the i2Coalition, which has declared its support of a government takedown of illegitimate Virtual Private Network services.
The US-based i2Coalition – also known as the Internet Infrastructure Coalition – was formed in 2011 to advocate for public policy on the behalf of technology companies.
Its members include web hosting companies, data centers, domain registrars and registries, cloud infrastructure providers, managed services providers, and others.
The coalition has thrown its weight behind the US government in the drive to clamp down on cybercriminals using IP address-masking services to evade authorities.
Working for the clampdown
The announcement came after the US Department of Justice (DoJ) announced it had shut down three VPN services that it said were used to facilitate criminal activity.
The international coordinated operation saw three domains, which offered “bulletproof hosting services”, a term the DoJ described as being “intentionally designed to provide web hosting or VPN services for criminal activity”.
RELATED Safe-Inet: VPN service for cybercriminals taken down in law enforcement bust
A statement from the VPN Trust Initiative (VTI) – a subgroup of the i2Coalition – reads: “The members of the VTI, which include the world’s leading VPN providers, work diligently every day to deter criminal activity.
“Any technology can be misused, and the overwhelming majority of VPN usage is for legal and legitimate purposes, and millions of consumers and businesses rely on VPNs for essential online protection.”
Best practices
The VPN Trust Initiative, which was formed in September 2020, developed a set of best practices for vendors to ensure they promote safety and privacy within the online community.
Guidelines include having an open approach to transparency regarding the companies’ practices, protecting users’ privacy, and abiding by valid legal requests.
Christian Dawson, executive director of the i2Coalition, told The Daily Swig: “One of the reasons we put together this framework for VPN providers is that we realized that not every provider was approaching these problems with the same level of professionalism as well as sensible business and technical practices.
Read more of the latest cybersecurity policy and legislation news
“The members of our VPN group set out to create a floor, and not a ceiling, that outlined the minimum requirements for being considered a responsible member of the VPN community.
“Some of our providers are well above the bar we set, but not every provider out there is above it.”
Good people, smart policy
Last year “solidified” the coalition’s beliefs that cybersecurity issues do not start and end with technical dilemmas, said Dawson.
Multiple risks were highlighted in 2020 that could have had profound consequences on US policy, such as the fears surrounding hacking during the Presidential election race and multiple frauds associated with the Covid-19 pandemic.
“In the past year we’ve seen continued increases in ransomware, phishing, social hacking, and many other issues that wreak havoc with people’s lives,” Dawson told The Daily Swig.
He added: “Over the course of 2020, our belief that cybersecurity isn’t just a technical problem was further solidified.
“Effective cybersecurity responses are managed by good people and smart policy. They preface their reactive responses with proactive planning.
“Our work has been centered on building trust [with] the parts of the industry that earn it – but make no mistake, that trust must be earned. That does, and will always, start with good people and smart policy.”
YOU MAY ALSO LIKE Biden administration looks to shake up US cybersecurity policy
