Going back to the future to fight cybercrime
16 Aug 2022|

Over the past decade, Australia’s law enforcement community has increasingly taken the driver’s seat in developing new thinking for policing. While that’s likely to be challenged by officials from Dubai to London, Australia’s law enforcement agencies have invested heavily in research and futures thinking. While doing so, they’ve committed to a strict focus on leveraging new technology to protect and serve communities.

These agencies have been thinking about the future and technology to ensure they anticipate and prepare for emerging challenges. This investment is delivering new capabilities and increasingly qualified law enforcement officers. But does the digital age require a reimagining of policing itself, rather than a focus on simply integrating new technology?

In London in 1829, Robert Peel established the first police force. He instructed the Metropolitan Police of the day that ‘the principal object to be obtained is the prevention of crime’. Policing has, of course, changed a lot since those early days.

In autocratic states, police are, for the most part, primarily focused on protecting the state. In contrast, most police forces in democratic states are, at least in theory, focused on protecting the community.

The indicators to measure police performance tell a somewhat different story. For most Western law enforcement agencies, there’s a focus on seizures of illicit goods, arrests and prosecutions. For those law enforcement agencies with a direct community policing role, reported crime statistics trends are also important.

In practice, then, whether a police officer is dealing with an armed robbery or an importation of an illicit substance, the investigative process is relatively similar. Find or receive evidence of a crime within a specific, legally defined jurisdiction. Then collect evidence to prove the guilt of an offender that meets the burden of proof required by the relevant court: in Australia, that is beyond reasonable doubt.

Many law enforcement agencies have been innovative in finding new ways to follow this process. For example, the Australian Federal Police works offshore with its international partners to disrupt criminal networks, primarily through activities like intelligence-sharing, joint operations and capacity development. Police and law enforcement agencies also often undertake additional work to prevent crime, but that is a lower priority activity.

Digital policing presents a challenge to this paradigm.

A range of new and emerging technologies are making digital policing more difficult. From encryption and anonymisation to virtual reality and artificial intelligence, there are continuous and evolving challenges to law enforcement’s ability to collect information in an evidentiary form.

When cybercrime is detected or reported, it’s often a challenge to ascertain which jurisdiction the crime occurred in. In many cases, the location of the crime is not in the same jurisdiction as the victim and offender. This makes collecting admissible evidence increasingly more legally complex and resource intensive.

These are not altogether new challenges. However, investigations for even minor digital offences are increasingly complex and require the kind of international cooperation necessary for more serious offences.

Of course, criminals understand these challenges and identify them as vulnerabilities to be exploited.

A simple vignette illustrates the practical problems. If, in the real world, a person in a Canberra suburb witnesses someone walking up to their mailbox and stealing their mail, they can ring the Australian Capital Territory police. Subject to the availability of resources, officers will attend the house and take a witness statement. The victim will, if possible, provide a description of the alleged offender. The officers will collect evidence to identify an offender and then charge them or perhaps provide a warning.

In contrast, it’s often difficult for an individual to identify that they have even been a victim of a cybercrime. The victim usually has few details of the offender. Local police often can’t collect digital evidence and will require access to specialist investigative capabilities. These capabilities are finite, so the investigation is unlikely to proceed if the crime isn’t serious. In many cases, if the offender can be located, they don’t reside in Australia. Because of the costs associated with undertaking international police-to-police cooperation with a foreign jurisdiction, further investigation may be deemed not in the public interest.

While a simplified example, it does illustrate the scale of the issue. An obvious problem emerges when this is laid against the rapidly increasing rate of cybercrime. The problem is more than a question of resources. Increasing the number of successful prosecutions will mean more offenders face consequences for their actions. But will it prevent crime and make for a safer community?

I would argue that digital policing requires a focus on preventing cybercrime. And that the principal metric for measuring success ought to be crime statistics. In digital policing, agencies must look to achieve a bigger outcome than arrests; they must seek risk reduction and need to consider all new methods to pursue it. More broadly, governments and law enforcement agencies must look to redefine how they frame policing success in the digital age.

Of course, prosecutions should still be a tool for digital policing. Because of the cooperation required, police diplomacy and mutual legal assistance will also be necessary. However, the more significant focus should be on collecting victim-sourced information and intelligence that enhances our understanding of cybercrime and cyber vulnerabilities.

The central focus of a new digital policing paradigm should be on preventing crime through risk-, intelligence- and data-informed education and training. Police could then use investigative and disruptive techniques to achieve strategic effects rather than arrests. This more strategic digital policing model could be used to deliberately affect crime trends, such as by removing key facilitators in order to stop or delay the exploitation of specific vulnerabilities.

This new paradigm will be troubling for many victims of crime. But it should be no less upsetting than empty promises of retributive justice. However, it does suggest that communities will have to be heavily engaged in any paradigm shift in thinking.

For criminals, the message isn’t that cybercrime won’t be investigated or pursued. Instead, our digital police are taking a more holistic approach to cybercrime. Criminals should understand that a knock on the door from the police is still possible.

There’s no argument here that other parts of government should subsume digital policing roles. Instead, digital police should focus more on preventing and disrupting cybercrime than investigating and prosecuting offenders. Ironically, returning to an 1829 paradigm might be the key to digital policing.