Top EU security agency calls for policing of social network

Europe's top Internet security agency, ENISA, called Tuesday for new legislation to police social networking sites such as Facebook and MySpace.

"Social networking sites are very useful social tools but we must make recommendations for how to better protect people from the risks these sites create," said Andreas Pirotti, executive director of ENISA (European Network and Information Security Agency).

He suggested that EU legislation be expanded "to cover the taking of photos of people and posting them on the internet," he said, adding that currently there is no need to get a person's consent in order to post a photo of them.

He also said there is a "crucial need" to raise awareness about how social networking sites work. Few people realize that they can be offered up as friends to people they don't know. Also, many people don't realize that it's almost impossible to erase material once it has appeared on the internet, Pirotti said.

ENISA was created in 2004 as a temporary body to oversee online security measures across the 27 countries of the E.U. It was supposed to finish its mandate in 2009 but the European Commission wants to extend its tenure up to 2011.

The Commission is also proposing beefing up ENISA by merging it with an EU-wide telecom regulator. This idea is one of the more controversial proposals in a broad revamping of EU telecom rules that is currently being debated by national governments and the European Parliament.

Pirotti said network security is constantly under threat from spammers and criminals. An estimated 6 million computers around the world are believed to be infected and used as part of so-called botnet networks by criminals without the computer's owners realizing, he said.

"Internet security is extremely important, considering how much business takes place online now. We don't want infrastructures to be disrupted, we don't want a digital 9/11 to happen," he said.

While the bulk of spam has disappeared from email in-boxes, it still costs Internet service providers a lot of money. ENISA estimates that spam which is caught by the ISP before it is forwarded to people's e-mail boxes accounts for 94 percent of all e-mail sent.

"Because you don't see so much spam anymore you may think the problem is limited, but it isn't. The spam problem is growing and ISPs are paying for it," Pirotti said.