The UK government has announced a ban on all cold calls selling financial products:

… last summer, 41 million people were targeted by suspicious calls and texts, according to media regulator Ofcom. 

UK to ban all cold calls selling financial products. BBC News, 3 May 2023.

41m people targeted in just one summer? Ouch. And yet I suspect that’s only a fraction of the real scale of the problem.

The government’s new proposal is that:

Cold-calling will be banned for all financial products as part of a national strategy to tackle the £7 billion-a-year cost of fraud in Britain.

The ban will include unsolicited phone calls from those trying to sell any type of insurance or cryptocurrency schemes as they are seen as the most common scams used against victims, particularly older people.

Cold calling ban to fight financial fraudsters. The Times, 3 May 2023.

While it’s good to finally see action, if the reports are accurate it seems odd to cherry pick only a few communications channels—calls and texts—rather than all (including emails for example). And why just “financial products”? After all:

… most fraud now has an online element, data suggests.

UK to ban all cold calls selling financial products. BBC News, 3 May 2023.

Part of the problem is the lack of a secure, consistent way of verifying who’s contacting us when our bank, for example, calls us to discuss a problem with our account. “Well, you say you’re my bank, but how do I know that?” This broken “system” also needs fixing.

A more comprehensive and integrated approach to identifying, reporting, and responding to scams has long been needed. But it needs to be channel agnostic, and not narrowly focused on cold calls and text messages.

As I write in my new book, Fracture:

It might seem self-evident and uncontroversial to state the same rights, rules, and regulations should apply equally online and offline. Yet the victims of crime are often treated inconsistently. Governments sometimes adopt laws for the online world that contradict those they create for the offline world. The inclusion of online crimes in national crime statistics only happened as recently as 2015 in England and Wales, as if somehow online crimes before that date were not “real” crime. Try telling that to the victims.

Treating cybercrimes as if they’re different from other crimes isn’t a recent phenomenon. In 2007, in evidence to the UK House of Lords Science and Technology Committee, I pointed out that “reporting cybercrime is extremely difficult, and the public are confused as to how they should go about it.” Nothing much has changed. Although ActionFraud acts as a single point for the reporting of fraud and cybercrime, their website points users at another eight organisations that might be relevant depending upon the type of crime, as well as the potential need to report the incident to the UK regulator, the Information Commissioner’s Office. No wonder “computer crime” is escalating. Calls for a clearer, consistent, and integrated reporting structure, one that consumers can easily understand, and which integrates handling of all crimes, remain unheeded.

These irrational and systemic inconsistencies erode trust in our public institutions. It’s also perverse: technology makes it easier to report, record, and analyse suspected offences quickly and effectively regardless of where they happen. Governments need to ensure consistency: crime is crime wherever and however it happens. The fact this doesn’t hold true equally across digital and physical environments (still) needs fixing.

Fracture. The collision between technology and democracy—and how we fix it.

The news reports suggest that “a new fraud squad will also be set up with 500 staff, up from 120 now”, which is a step in the right direction. But we also need a consistent set of legislation for all forms of scam and crime regardless of the channel or medium used, alongside a streamlined, effective and well-resourced reporting, investigation, and enforcement regime.