BBC defends botnet acquisition

The BBC have responded to suggestions that the acquisition and use of a botnet as part of a programme on internet security could have been illegal. The H asked if any costs were involved in acquiring the botnet; a BBC spokesperson replied "We would never discuss costs, but this demonstration was very much in the public interest". As suggested by other sources, the public interest defence is incorporated in the OFCOM regulations on how broadcasters should deal with criminals. Rule 3.3 states

No payment, promise of payment, or payment in kind, may be made to convicted or confessed criminals whether directly or indirectly for a programme contribution by the criminal (or any other person) relating to his/her crime/s. The only exception is where it is in the public interest.

The H asked if the programme in question was created in compliance with this rule and was told "The BBC takes the view that the demonstration of the vulnerability of PCs to malicious software is in the strong public interest, and the experiment should be seen in this context". The H agrees that the demonstration was in the public interest, but would have hoped for a little more transparency in answering the question over payments.

With reference to OFCOM rules, the BBC spokesman said that they have not included technical details which could be used by a member of the audience "as an instruction manual" and again pointed to "a strong editorial justification in alerting computer users – especially those unaware they were already infected – to the dangers of organised cyber crime".

The full version of the programme, one of the >Click series, is due to be broadcast on Saturday 14th March at 11:30am and repeated over the weekend on the BBC News channel.

(djwm)