Policing Cybercrime
The future for the policing of cybercrime

https://doi.org/10.1016/S1361-3723(04)00017-XGet rights and content

Abstract

What can we reasonably expect from law enforcement in terms of policing high tech crime? What can the police reasonably expect from us in terms of adequacy of prevention and co-operation when a suspected crime occurs? Cyber Crime Policing can only be understood within the broader issues facing the criminal justice system. It seems to me that both sides may be expecting too much of each other and a more realistic approach might be more productive. In this presentation I will concentrate on the situation here in the UK; however similar patterns occur in many other countries.

Section snippets

History of UK response to “computer crime”

The UK was one of the first countries to have its own specialist squad of computer crime cops. In 1985 John Austen set up the Metropolitan Police's Computer Crime Unit (CCU) within the Met's Fraud Squad. In 1996 the National Criminal Intelligence Service (NCIS) started Project Trawler to scope out the range of “computer crime”; the result was published in 1999. Following on from that, and after protracted law enforcement lobbying, since April 2001 we have had a national structure – the National

We want “more”

And yet almost everyone believes that this response is somehow not “enough”. There are a number of large UK-based companies who say that their own individual information security staff out-number the total of full-time police officers engaged in this sector. The comparison is a little unfair as corporate information security staff are mostly not investigators but work in technical and administrative roles – but the accusation remains. Almost everyone in IT security can be induced to say that

Police priorities

At the moment there are some 130 000 police officers in the 43 police forces of England and Wales, provided at an overall annual cost of approximately £9000 million. For so long as UK citizens wish to keep tax payments down and also expect the Government to deliver services for education, health, social welfare, transport infrastructure, the arts, agriculture, industry and so on, we are unlikely to see more than minor adjustments in that figure.

Within the broad crime reduction/law enforcement

Definitions of cybercrime

For almost as long as people have been aware of a category called “computer crime” – the first books with relevant titles came out 30 years ago – there have been arguments about what to include. Most analysts draw a distinction between those situations where computer technology suffuses everything about the crime – the scene of crime, the nature of the offence, the type of evidence, the perpetrator – and “ordinary” non-virtual crimes where some of the critical evidence is in digital form. The

Measures of effectiveness

The cost of police investigations must, on the whole, be proportionate to the likely outcome in terms of eventual punishment. Here we can run into difficulties. The maximum penalty under sections 2 and 3 of the 1990 Computer Misuse Act is five years. For simple unauthorized access under section one the current maximum is six months. It is highly unusual to have any actual custodial punishment in excess of three years. But costs for contested cases, particularly if these have an international

Law reform

Perhaps for those who want “more” but recognize the limits on police resources, we can turn to law reform. There are a few areas which merit attention. In the area of substantive law there are some important issues: the 1990 Computer Misuse Act pre-dates the Internet and is based, at least in sections 1 and 2, on the concept of “unauthorised access”. In 1990 people knew when they were making an unauthorized access to a computer because they usually had to input a username and password to which

Conclusions

The UK has a solid cadre of highly motivated, skilled cyber-cops. It has in place a series of training schemes to increase their number but also to ensure that their line managers and all investigators get a measure of “awareness sessions” so that they understand digital evidence.

At the moment the best standards apply to disk and network forensics; law enforcement understanding of corporate networks, how they work and where evidence might be located, is however relatively weak.

Currently the

References (0)

Cited by (13)

  • Can we continue to effectively police digital crime?

    2017, Science and Justice
    Citation Excerpt :

    These perceptions are largely due to societal and technological developments, brought into public consciousness through mounting media coverage, coinciding with increasing computer usage and volumes of digital crime [65]. Since the turn of the millennium, DF has played a major role in digital crime detection and prevention despite being in existence since the 1980′s, when the first incidences of computer crime were witnessed [57]. When quantified, the field of DF is around 30 years old and is now a well-established branch of forensic science, embedded into criminal and civil legal practices worldwide where the acquisition and interpretation of digital evidence is often required.

  • Cybercrime: Understanding and addressing the concerns of stakeholders

    2011, Computers and Security
    Citation Excerpt :

    A candid dialogue acknowledging the role of domain name registrars, service providers, law enforcement, social networking providers, monetary wiring services and others in fighting cybercrime is key”. In contrast, several studies in the area of criminal justice and policing suggest that law enforcement agencies are maturing slowly in their attempts to address cybercrime (Bhaskar, 2006; Burns et al., 2004; Carter, 2004; Sommer, 2004; Speer, 2000; Thomas and Loader, 2003). The research argues that law enforcement agencies must ultimately be better prepared and trained to deal with cybercriminals and their activities; must treat cybercrime and identity theft as a serious and dangerous criminal matter; must work cooperatively within and across national boundaries; and, must disseminate and share critical theft intelligence and fraud information.

View all citing articles on Scopus
1

Peter Sommer is a Research Fellow at the London School of Economics where his main interest is the reliability of digital evidence and he teaches a Master's course on information security. He has been acting as an expert witness in the courts involving computers since 1985 and has been involved in a number of headline-grabbing trials. He is an external examiner at the Royal Military College of Science, an advisor to the National Specialist Law Enforcement Centre and has run training for the Crown Prosecution Service. In the last Parliament he was a Specialist Advisor to the Commons Trade & Industry Select Committee. Research assignments have include activities for the European Commission and the Financial Services Authority.

View full text