IT regulation likely by 2015, says analyst Gartner

So says analyst Gartner, which forecasts widespread regulation of the IT industry, and Richard Hunter, vice president and analyst at Gartner, suggests that many vendors and most corporate IT organisations are unprepared. "Three years ago Gartner published research predicting that either catastrophe from IT failure, or a continuing history of lower-level failures would provoke either governmental regulation or industry self-regulation of IT products and services in the US by 2015 and in the EU by 2015 to 2018," says Hunter. "Although the exact date of arrival for regulation is difficult to predict, we believe that, in recent months, the tempo and intensity of the indications of such an event have increased," he adds. His view: software vendors need to be aware that increased liability will drive generic software out of the market, and they should prepare for transparency and product/price differentiation based on quality and certified fitness for purpose. Meanwhile, IT service providers, he says, should do the same and mitigate risks by incorporating strong documentation, audit right provisions and legal compliance terminology into outsourcing deals. Hunter points to recent articles describing the growth and scale of criminal hacking networks aimed at governmental and industry targets, as well as statements by representatives of the US and UK governments. These, he believes, indicate that the state of IT security is now viewed as unacceptably dangerous – not helped by the rise of social networks such as Facebook, MySpace and Twitter, leading to increased concerns over the safety of personal data. "All these events are taking place within a global climate that is shifting towards regulation on many fronts," says Hunter. "The public is wary of cascading risks and would seem to be supportive of legislation and litigation aimed at reducing those risks, including those posed by IT."