Policing Digital Crime
Editors: Robin Bryant and Sarah Bryant
Publisher: Farnham, Surrey, UK; Burlington, VT: Ashgate Publishing, 2014. 258p.
Reviewer: Peter Grabosky | July 2014
Controlling the abuse of 21st century technologies, and responding to digital crime in particular, loom large as challenges to industry, civil society, and to the state. As digital technologies become pervasive and increasingly interconnected, their vulnerability to criminal exploitation is even more evident. One now anticipates the time when many, if not most, crime scenes will contain some digital evidence.
This book provides an introductory overview of digital crime and the means for its prevention and its control. It is aimed at a UK readership, particularly at those working (or aspiring to work) in law enforcement professions. Some of the chapters, particularly those relating to law, deal almost exclusively with UK content. But most will be of interest to a wider market.
The book is an edited work of ten chapters, its contributors drawn largely from Canterbury Christ Church University. The senior editor’s significant contributions to content (author of two chapters and co-author of an additional four) assure the work’s coherence. By and large, it is clearly written.
The introductory chapter is a wide-ranging overview of digital crime and its basic elements. In addition to an inventory of crime types, among the issues canvassed are the nature of digital data, the hyper-connectivity that characterises digital life in the new millennium, and the technologies of concealment such as encryption and steganography. For good measure, the chapter includes a table providing a chronology of digital crime from initial hacking exploits in the 1950s to the 2013 allegations of hacking on behalf of the Chinese government. The chapter discusses the difficulty inherent in measuring the incidence and prevalence of digital crime, including a good explanation of under-reporting, and perhaps ironically, the tendency of some to overestimate the risk of victimization.
The following chapter on criminological and psychological explanations deal with such issues as anonymity, disinhibition and impulsivity, and contains a good discussion of criminological theories, in particular, routine activity theory. The chapter on prevention dwells extensively on the hindrance of access-based crimes through technologies of authentication. One is reminded that information security has become a global, billion dollar industry; the authors recall the contention of Anderson and other UK colleagues that more resources be devoted to pursuing cyber criminals than to preventing crime in the first instance. This debate seems likely to endure.
Chapter Four provides the fundamentals of criminal law, starting with the concepts of actus reus and mens rea. It gives a good overview of UK cybercrime legislation and the landmark cases deciding what constitutes, inter alia, tangible property, access, and possession. The following chapter on policing organizations and international issues acknowledges that much digital crime occurs across jurisdictional boundaries, necessitating a degree of international cooperation. To this end, it describes a variety of international frameworks for mutual assistance, including those established under the auspices of the Council of Europe, the G8, and the Organization of American States, among others. The fabric of international cooperation is by no means seamless, however; divergent priorities and capacities may still inhibit effective cooperation. The “alphabet soup” of agencies that exist within single jurisdictions constitutes a further challenge to concerted efforts at cybercrime control.
The following four chapters deal with investigations generally, crime scenes, forensic analysis, and network forensics. Efforts at standardization by the UK Association of Chief Police Officers (ACPO) are reflected in the detailed discussions of investigative doctrine, undercover operations, crime scenes, the location and preservation of evidence, the “nuts and bolts” of data imaging, etc. The pervasiveness and connectivity of digital technology, noted earlier, is reflected in a detailed discussion of methods for the isolation of mobile phones.
The concluding chapter touches upon some of the more recent developments in digital technology, including cloud computing and challenges posed to investigators by the “Deep Web” and other anti-forensic tools. Suffice it to say that every new digital technology and every new application will be vulnerable to criminal exploitation.
The book does suffer from a few minor editorial or typographical shortcomings: The names Sheptycki, Rustock, and Merrill Dow are misspelled. At one point, the reader is advised that “there can never be an ambiguous ‘yes’ or ‘no’ answer.”
Nevertheless, with its extensive references and a useful index, the book should serve as a helpful resource to those seeking a basic overview of the subjects covered. As intended, it should be of considerable value to law enforcement practitioners as an introduction to the field.
Peter Grabosky, Australian National University