The e-Crime problem
At a strategic level, industry research and law-enforcement intelligence analysis indicates that e-Crime is a large and growing problem in the UK. Although the difficulties involved in gathering accurate data on eCrime are widely acknowledged, ACPO is committed to developing more reliable and consistent measures of e-Crime.
There are a number of barriers that will need to be overcome to accurately assess the level of e-Crime being committed on UK victims. One of the most significant challenges is under-reporting. Victims of e-Crime are often reluctant to report incidents to the police, either through embarrassment (for
example, having been deceived by an advance fee fraud) or through fear of damage to their
commercial reputation (for example, having suffered a data breach or a DDoS attack). In some cases, victims are genuinely unaware that an offence has been committed (for example, when their computer has been compromised to form part of a BotNet). Of particular concern is the belief by some victims that the police will not act if they report computer-related crime. Although forces can record and investigate eCrime, the nature of e-Crime and the structure of existing recording frameworks
make analysis at a national level difficult. There is currently no central reporting point for e-Crime. It is proposed that the National Fraud Reporting Centre (NFRC) should take national responsibility for the reporting of eCrime alongside fraud. Changes are also required to ensure that e-Crime is included as
a separate category within overall measures of crime and public confidence in the police, such as the British Crime Survey
Law enforcement challenges of e-Crime
Investigation and prosecution of criminals involved in e-Crime presents some unique challenges to the law enforcement community. The Internet allows criminals to target potential victims from anywhere in the world, and enables mass victimisation to be attempted with relative ease – a single e-mail infected with malware can be sent to millions of recipients. The Internet provides the criminal with a high degree of perceived anonymity, as well as creating jurisdictional issues that may impede rapid pursuit and prosecution of offenders. In addition there is not yet a clear distinction between issues that are best dealt with through better regulation and those that require law enforcement action. The technical nature of the methods used by those perpetrating e-Crime creates additional complexity throughout the criminal justice process – from capturing appropriate details when the crime is reported, through the complex regulatory processes required to obtain data on internet activity, to securing and preserving potentially volatile evidence in a way that ensures legal compliance. When a prosecution is brought before the courts, a jury may be faced with complex technical evidence that they need to understand to make a decision on the guilt or innocence of the defendant. The pace of technological development provides criminals with a continuing stream of new opportunities and methods of attack, as well as challenging the Police Service and other law enforcement agencies to ensure their own knowledge and expertise are kept up to date. The need for a better understanding of e-Crime applies across the Criminal Justice Sector, including not only the Police Service, law enforcement agencies but also the Crown Prosecution Service and the Courts.
Benefits• More timely and accurate recording of e-Crime allegations
• Quicker response to live-time incidents
• More structured and professional response to serious e-Crime incidents
• Improved communication flow between agencies with regard to intelligence, best practice and emerging technologies and threats
• Increased intelligence led enforcement opportunities, in particular the ability to disrupt criminal networks
• More efficient and effective forensic and legal response to e-Crime
• Reduced 2012 Olympics e-Crime threat and increased law enforcement capabilities
• A more consistent approach to e-Crime across forces
• Efficiency improvements through economies of scale
• Increased skill of specialist officers across all forces and law enforcement agencies
• Mainstreaming of e-Crime into every day policing and law enforcement activities
Principles: That e-Crime can only be effectively tackled through partnership working, on intelligence, prevention and enforcement
o That the Police Service needs to respond in a co-ordinated manner as e-Crime is a nongeographical problem
o That building specialist e-Crime capability is not enough – all police officers need to have an
understanding of e-Crime
o That prevention has a key role to play in reducing opportunity for e-Crime
o That police resources are finite, and should be focused on activities that maximise harm reduction and increase public confidence