organised crime and recent legislation in the UK

This week we look at organised crime: a type of crime which is often able to use physical violence and economic power to obstruct the criminal justice agencies in various ways. In addition, new varieties of organised crime making use of global computer networks and malicious software programs (cybercrime) can frustrate the criminal justice agencies by virtue of the complexity and secrecy of the criminal activity in which they engage.

Firstly we shall deal with organised crime in general and focus on the exercise of physical and economic power. Then we shall focus on some of the issues arising from cybercrime

Organised crime

We won't go into detailed discussion of nature of 'organised crime' as here we are interested in its effect on criminal justice (there is a whole course on organised crime on my website) but we can give a rough and ready definition of organised crime as 'organised groups of individuals engaged in continuous criminal activity over time whose aim is some combination of monetary profit and political power.

Obviously the type of organised crime varies between different countries. The type of organisation is, for example, very dependent on the strength of the state and its law enforcement agencies and their capacity to combat criminal organisation in a country as a whole or in some of its regions and cities.

Where these are weak then organised crime may be relatively well organised, operate in the open in the sense that many of its members will be known and feared or 'respected' more that the state authorities. This was the case with the old Sicilian Mafia. It was also true of the American Mafia until relatively recently in some of the big cities of the US

In countries with strong states and law enforcement agencies - such as the UK and Northern Europe - then organised crime tends to keep a low profile. It's leaders are less likely to seek political power and social status and more likely to concentrate on making money and remaining in the shadows. Much organised crime also has a network character. For example the global trade in drugs trafficking may involve, in a country like the UK where illegal drugs are consumed rather than manufactured, relatively small groups of people importing and selling drugs in a relatively decentralised way. Their connections with each other are more likely to be mobile phones and encrypted emails rather than any regular meetings of a 'mafia council' where the 'boss' will give out instructions

Nevertheless, even such relatively decentralised networks of criminals will have an interest in protecting their drug sales pitches and therefore at a local level will be interested in making sure that the public and local community do not create 'problems' by giving information to the police. Meanwhile more powerful criminals who import and store illegal drugs from clandestine contacts abroad may have the resources and the incentive to attempt to corrupt or even intimidate law enforcement officials to 'look the other way' when important shipments of drugs are arriving.

2. make a lot of money as a result of their criminal activities

Broadly speaking we can consider two types of organised criminals who make money

- predatory criminals: bank robbers, fraudsters and other skilled violent professionals who basically engage in sophisticated high value theft

- traffickers: in such activities as illegal drugs and people smuggling and the smuggling of many other illegal or stolen substances

The profitability of such crime raises issues such as money laundering (global electronic transmission of funds through numerous bank accounts to disguise their criminal origins. From the standpoint of the criminal justice system crucial evidence of criminal activity can be erased by such means.

Additionally, some of the profits of organised crime can be channelled into the bribery and corruption of police and criminal justice agencies.

3. have access to clandestine networks, including the increasing use of computers and information technology,

These will be used to make their activities - particularly the storage of the proceeds of crime, such as the money from drugs sales - as invisible and as hard to trace as possible by the law enforcement agencies

So lets look at how some of this impacts on criminal justice.

The willingness to use or threaten violence and the profitability from robberies or illegal drugs (or other types of) trafficking- can be regarded as resources at the disposal of organised crime some of which can be used to 'protect' their activities against the public, against victims, and against the criminal justice system and law enforcement agencies

I. Obstructing the participants

Lets look first at how these resources can be used to obstruct the criminal justice system firstly, by influencing the behaviour of key participants in the criminal justice process (remember our discussion of the 'square of crime')

Let's look at three groups of people whose participation is essential to the criminal justice process

1. witnesses and victims crucial in giving information to the police or evidence in court

To understand the impact of some of the issues here we must be clear about the nature of the criminal trial process, especially in the English criminal justice system. Firstly there are several elements (some of them shared by all jurisdictions) which are held to be crucial guarantees of a fair trial

The jury plays the role of key audience for the adversarial process: convincing 12 ordinary people like yourself of your guild has been historically held to be one of the fundamental bases of a fair trial and fundamental to civil liberties because it:

(a) forces the prosecution to state its case in simple terms so ordinary people can understand it
(b) prevents collusion by the various branches of the state - the judges, police and government - to fit people up

From time to time there is criticism that juries are ineffective and come to 'wrong' decisions. Recent research sponsored by the Ministry of Justice refutes this and emphasises that juries are fair

Two main threats to this from powerful offenders are:

Witness intimidation

Organised crime groups and even quite localised criminal gangs may commit serious crime and subsequently intimidate or threaten both the victims and potential witnesses such that the investigating police officers meet with a 'wall of silence' when they try to get information, yet alone persuade members of the local community to appear in court as witnesses for the prosecution

Read my essay on Powerful Offenders - particularly the section on 'witness protection programmes' which gives some general details on witness protection and slso gives links to newspaper archives which discuss a very well known case in Leicester in 2005 of a drive-by shooting of Birmingham teenagers Charlene Ellis and Letisha Shakespeare, Four men were convicted on basis of testimony by 'Mark Brown'. But it was only possible to get him into the witness box under the following conditions:

- his name was changed to protect him

- he gave evidence from behind a screen, his identity not revealed to the defendants or their barristers.

-his voice was electronically distorted and had a 15-second time delay set up so that his testimony could be broken off if he said anything which might have identified him.

The police and CPS were encouraged and hoped that the case 'set a precedent' and would encourage more people to come forwared who were otherwise terrified of reprisals

But defence lawyers protested at the measures, claiming they meant they could not cross-examine Brown properly (and by implication, how could the jury come to a correct decision if had not heard proper cross-examination

In June 2008 the convicted started an appeal after the House of Lords had ruled that a killer convicted through anonymous evidence did not receive a fair trial

Here is a more recent press report of a situation where the police and prosecution failed to protect a witness. The result was that he and his family had to move out of the area to avoid reprisals by a criminal gang. The police and CPS paid the family £550,000 in compensation

2. jurors, whose job it is to listen to the presentation of evidence by prosecution and defence in court and arrive at a decision, guilty or not guilty

Intimidation of - or attempts to bribe - jurors are not new. Bribery of jurors (ordinary members of the public summoned by the courts to form the jury which hears the evidence and decides whether the accused is guilty 'beyond reasonable doubt' in Crown Court trials. Some criminals may be able to discover the home addresses, addresses of family and relatives of members of the jury and either issue threats or attempt bribery

Attempts to intimidate jurors led to the introduction of majority verdicts in the Criminal Justice Act 1967, so that there could be a conviction even if one or two jurors disagreed.

During the 1980s, several trials had to be stopped, one after seven months. In 1983 eight people were convicted of trying to bribe jurors and were jailed for between 18 months and seven years. One of them, a certain George Francis is alleged to have offered £100,000 to nobble the jurors while another defendent, John Goodwin, was found guilty of approaching at least four and up to eight jurors in his trial on £1.25 million burglary charges

The Criminal Justice and Public Order Act 1994 created an offence of intimidating or causing, or threatening to cause, harm to a juror or witness, punishable by up to five years in prison.

There was concern, however, particularly in cases of organised crime that sophisticated criminals were able to intimidate or bribe jurors

The Criminal Justice Act 2003, which made judge-only trials possible. Section 44 allows a trial without jury to be applied for if there is evidence of a 'real and present danger' that interference with the jury would occur and other security measures, such as jury protection, would not prevent criminals exercising pressure.

But at the Old Bailey in June 2009 we saw the beginning of the first judge-only trial for about 400 years

The context is that four alleged serious criminal are accused of conspiracy to rob a cargo warehouse at Heathrow airport in 2004. There have already been three trials - the last collapsed in 2008 after a serious attempt at jury tampering. So the Lord Chief Justice allowed a judge-only trial to proceed. It was considered that jury protection was just too expensive

The defendents lawyers claimed this was a 'fit up' and the so-called evidence of jury tampering was given by police to judges behind close doors so it couldn't be challenged

This shows the problem - how do you challenge the evidence of a 'clear and present danger' of jury tampering properly without a jury?

To add some colour to this case a few days back (on 18th February 2010), one of the key defendents, Peter Blake, absconded from the Old Bailey. He left the court after getting permission to consult his lawyers!

It has to be said finally, that governments in recent years have had a generally negative attitude to the jury system, regarding it as costly. There have been numerous attempts to restrict the role of the jury (e.g. by reducing the range of offences for which the defendand can elect for jury trial from the Magistrates Court)

3. police officers, usually detectives, and prosecutors, trying to track down organised criminals and bring them to trial.

police corruption

In some countries organised crime will think little of assasinating police or judges (often including their families and relatives) who get in its way. In the UK we think of this type of threat as applying mainly to civilians - witnesses and jurors - rather than police or judges.

As regards police officers the issue in the UK is generally, to the extent that it exists, a matter of enticement, or positive encouragement through bribery rather than intimidation, to 'look the other way' or provide information about how far the police are on the tail of criminals or even to share in the proceeds of criminal activities

Police corruption of this type in the UK is generally confined to the lower levels of the organisation. It concerns individual detectives rather than Chief Constables. It is not a new phenomenon. In the late 1970s Sir Robert Mark, Commissioner of the Metropolitan Police removed almost 400 officers from his force. In the late 1990s, Sir Paul Condon, the Commissioner at the time, initiated a similar operation against corrupt detectives colluding with organised crime

Just recently the specialist police organisation the Serious Organised Crime Agency (SOCA) has turned its attention to issues of police corruption. A recent report on this from the Guadian newspaper contains the alarming conjecture that:

"Anti-corruption investigators are becoming increasingly alive to evidence that organised criminals have planted associates with no criminal background into police forces to provide influence and information."

This brings into mind similar suggestions that organised crime groups are now so sophisticated and wealthy that they are sending young people to university to study computer science so as to be better able to build computer software for such purposes as identity theft.

- increasingly stringent vetting of applicants at the recruitment stage, both into the police force itself and at entry to the detective branch

- the use of elite specialist squads of 'uncorruptibles' within the detective branch for certain areas of work

- an effective internal anti-corruption squad within the police tasked to investigate and gather evidence on suspected officers

supergrasses and informants

Police and prosecutors can of course attempt to counter organised crime by trying to recruit members of these groups to become agents and informants.

Basically there are two varieties: either members of the criminal organisation volunteer information to the law enforcement agencies or the latter send in their own members as 'undercover' agents into the criminal organisation. These methods are quite traditional and do not of themselves compromise civil liberties or directly interfere with the process of court trials

There has been much in the news recently (February 2012) about the work of police undercover officers, not so much in connection with organised crime but with police infiltration of political groups. Nevertheless cases such as that of Mark Kennedy illustrate the sorts of things that can go wrong with police undercover operations

The 'supergrass' is someone who originates from the ranks of the criminal organisation itself. Hence the origin of the term lies in 'grassing' or betraying your associates. The Italian term pentiti literally refers to the 'penitent' or someone who has decided to repent for his criminal activities by offering a service to the law enforcement agencies. The supergrass is one of a number of types of informants from the criminal (or terrorist) underworld who gives information to the law enforcement agencies.

motives vary - might have 'had enough' or post-arrest decision to collaborate in return for expectation of a reduced sentence

informants do this secretly and remain active inside criminal organisations undercover agents in a more or less identical way to a member of the law enforcement agencies entering the criminal organisation in disguise. Here the problem is always that in order not to 'blow their cover' such individuals may have to commit crime

The use of supergrasses and informants do not directly change the working of the trial system. Their evidence can still be cross-examined by defence in open court in front of a jury - though there may well be issues of protecting identity against later reprisals.

One issue is however the reluctance of juries to believe the evidence of individuals from the same criminal subculture or organisation as the accused. Such individuals might be assumed as having scores to settle, or simply distorting the truth in return for a lighter sentence. The defence will try to stress these issues to discredit the testimony of such witnesses

Recently (February 2012) , there has been some considerable discussion of the problems in using supergrass evidence. The issues have concerned the reliability of evidence from such sources and also the combination of the reliability of supergrass evidence in relation to the costs involved in cultivating supergrasses to collaborate with police and prosecutors

II. Destroying the evidence

In the present period governments and criminal justice agencies in most jurisdictions consider that measures to impede the 'laundering' of the proceeds of crime - to be of the utmost importance. Once criminal profits have been effectively laundered - their precise origins have been disguised through transmission through various bank accounts around the world - then it is impossible to use their existence as evidence of criminal activity. Criminals aim to make their wealth appear as legitimate income and their are some very sophisticated ways of achieving this. In court trials it may be very difficult for prosecution to prove beyond reasonable doubt that such assets are the proceeds of crime.

A response of governments which has been regarded as in many ways a dangerous precedent is to change the nature of criminal proof in trials in which the financial proceeds of crime are at issues

The consequence of this type of thinking can be a frontal assault on due process. This may involve a number of things such as:

Some of developments have been in existence for some time (in the specific area of anti-drugs trafficking legislation). These are matters of concern to civil libertarians and lawyers who see classic principles of due process being undermined. The most recent important legislation, the Proceeds of Crime Act 2002 strengthens and generalises these developments.

Proceeds of Crime Act 2002

1. criminal lifestyle

Normally, after a criminal conviction for, say, drug dealing, the prosecution can apply for a court order to seize the assets of the convicted criminal. Since the 1980s it has been possible for prosecutors to regard the entire assets of the convicted person as having been derived from crime. The 2002 Act extends this for all offences for which a convicted person might be seen to benefit economically (e.g. bank robbery) if it can be established that they have a 'criminal lifestyle'. A criminal lifestyle can be acquired in various ways including by having had certain previous convictions of a similar nature. Critics argue that this introduces the principle of allowing previous criminality, for which the individual has already been punished, impinge on the current offence (by making it possible to confiscate all assets). This principle, you may recall from our discusssion of rape trials, was conceded in the case of rape in the specific form of similar fact evidence.

2. civil recovery

The second principle introduced by the Act is called civil recovery. This refers to the fact that the prosecution can now apply for a confiscation order from the criminal courts while only having to argue that on the civil law standard of balance of probabilities the assets in the possession of an individual are the proceeds of crime. It is up to the individual concerned to demonstrate that they are not the proceeds of crime. This both lowers and reverses the standard of proof. But, here is the sting in the tail, this procedure is quite independent of any actual criminal conviction in the courts. Thus in one case in Scotland, soon after the passing of the Act, an individual who had been acquitted of drugs trafficking because the prosecution could not provide evidence to convict him beyond reasonable doubt in the criminal court, nevertheless had his assets confiscated because the Procurator Fiscal (the Scottish prosecutor) argued successfully that on the balance of probabilities his assets were the proceeds of crime.

3. a duty to report and observe

The third process that the Act introduces, and again it is extending and consolidating practices that date from the 1980s, in the duty of people who work in the Financial Services sector (which includes not only banks but exchange bureau, estate agents, solicitors etc.) to report 'suspicious' financial transactions. What is new is that they are liable to criminal prosecution if they do not.

Serious Crime Act 2007

The idea of criminal lifestyle we find embodied in a more recent piece of legislation, the Serious Crime Act of 2007. This Act enables the imposition of serious crime prevention orders in which the High Court if it is satisfied that the person has been involved in serious crime and has reasonable grounds to believe that such an order would protect the public, These grounds are formulated in terms of the lower, civil standard of proof 'on the balance of probabilities' rather than the criminal standard of 'beyond reasonable doubt' and the criteria for having been involved (on the balance of probabilities) in serious crime includes that the person has "conducted himself in a way that was likely to facilitate the commission by himself or another person of a serious offence, whether or not such an offence was committed."

The order imposed by the court may include restrictions on your property and financial activities, premesis to which you have access and other restricitions.

These orders should be seen in the context of Anti-social behaviour orders (ASBOs) under the 1998 Crime and Disorder Act and subsequent legislation and also Anti-Terrorist Control Orders under the 2005 Terrorism Act. We shall deal with these in the next session. What these forms of restriction do is not only introduce the lower standard of civil proof into criminal jurisdiction, and, as we have seen in the case of the proceeds of crime, the reverse burden of proof, they also arguably introduce as principle of 'pre-emptive criminalisation' that restrictions may be imposed on you not as the result of having been convicted of a crime in the courts (beyond reasonable doubt) but in order to prevent you committing an offence, the grounds being that in terms of your previous behaviour you are likely to do so.

It is not difficult to see why civil libertarians are concerned about these developments

conclusions

What we are looking at are some of the ways in which the criminal justice system seems dragged away from due process when the priority becomes that of making the system an 'effective weapon' in the fight against powerful criminals. This, critics argue, can easily compromise the other fundamental task of the criminal justice system: to deliver justice.

Critics do not usually deny the gravity of the activities of organised crime but rather urge us to consider other ways of dealing with the problems

In the case of drugs trafficking we should rather concentrate on being 'tough on the causes of crime' and tackle the poverty in poor countries which makes it so profitable to grow heroin and cocaine. Also many urge the legalisation of drugs. This debate is well known and we need not consider it further here.

Another argument is that trying to separate out the proceeds of crime from other funds is so fraught with difficulty that, despite all the legislation mentioned above, little will be achieved. But it is much easier to identify untaxed income. This is the Al Capone issue. People like the Canadian economist Tom Naylor argue that energy would be better spent tracking down income undeclared for tax and then issuing stiff tax-arreas order. This would net in a lot of criminal money but would not have the bad effects on the criminal justice system noted above.

You can read more about these issues in my specialised organised crime lecture here

The problem of cybercrime, to which we now turn, is very much a problem of the illusive and difficult nature of the gathering of evidence sufficient to secure a conviction rather than being a problem of witness intimidation or police corruption

The Problem of Cybercrime

In criminology 'cybercrime' is becoming very much a separate topic to organised crime but essentially we are talking about groups of criminals whose main form of organisation is the computer network and whose main weapon is also the computer program. It is useful to distinguish three types of usage of computers and computer networks in criminal activity.

1. computer as accessory:

To a certain extent 'cybercrime' is a meaningless term or rather it is trivial, referring to the fact that quite orthodox forms of theft and crime use computers and the internet just as they might use firearms or safe-cracking equipment

Thus existing criminal groups - drugs traffickers (who buy in computer expertise) use encrypted email, and closed underground virtual networks to hide their activities; online pornography groups use secret servers to store illegal material. Secret websites and torrent sites may enable P2P illegal file sharing as mechanisms for communicating data

But even with classic forms of crime such as fraud and theft, the use of computers has created new forms of criminal organisation and new problems for the criminal justice system. Also computer technology has changed the relationship between victim and offender. We are becoming increasingly dependent on computuerised systems the working of which the average citizen and potential victim may know increasingly little.

2. computer as target:

The earliest types of computer crime that came to the attention of the authorities were forms of 'vandalism' or damage to property. The weapon was the computer virus, a malevolent program which, when introduced into a network or a single computer, would render them inoperative by, for example, distorting the monitor image, trashing the files on the hard disk and a variety of other disruptions. The writers of virus programes were less likely to be anything to do with organised crime (or terrorist) groups than simply 'rogue programmers', frequently in their teens, showing off their programming abilities. But of course in the hands of serious criminals the virus could become a device for extortion and blackmail: "pay us a large sum of money to avoid having a virus introduced into your system which will erase all your files..." Such a threat can be very real to a bank or large company, an electricty power grid or air traffic control system - all of which rely heavily on computer technology for their operation.

Another early form of computer crime was Hacking, that is, the unauthorised entry into some-one elses computer system or network. Many early hackers were pranksters who got past the various security firewalls and password protected sites just to show that it could be done. They were sometimes then hired by the companies they had hacked into to show how it could be done and so help to improve the security systems. One of the most celebrated early computer hackers was Kevin Mitnik whose exploits included unauthorised access to the computer system of large corporations. Although guilty of several criminal offences, Mitnik was in no way associated with systematic organised crime. But again, in the hands of the serious criminal or terrorist or espionage agent, breaking into someone elses secure computer system can be the basis important criminal activity ranging from theft of information, theft of finance, to disruption and breakdown of systems similar to the effects of a virus.

Another form of attack on computer systems about which we have heard a lot recently is the Distributed Denial of Service Attack (DDoS) This is a sophisticated method whereby the attacker is able to take over or 'capture' a number of computer systems from almost anywhere, and use part of their processing power to sent internet communications, usually requests for information, in such quantity that the target computer becomes overloaded and collapses under the strain. Again, terrorists would have a potential interest in using this method to disable electricity grids, radar systems and even the computerised regulation systems of nuclear power stations. There is much discussion of the threat of 'cyberterrorism' and 'cyberwarfare' which we shall ignore here. Organised crime, aims rather at money making. There is very little money to be made from disabling systems as such. But the threat of such disablement can be a major source of extortion in which criminal gangs may see as lucrative. Banks and e-commerce sites (think Amazon or any of the big online retailers) may pay be persuaded to pay 'protection' to cybercriminals to avoid the risk of having their entire database of confidential customer information wiped out, or maybe put to some other use.

Actually, it seems that as far as DDoS attacks are concerned, according to the statistics, political activists are currently (February 2012) more important than organised criminals or terrorists. We saw, for example, the Wiki-leaks website which has revealed thousands of documents of secret information, much of it US diplomatic dispatches. The highly embarrassed US government has an interest in closing down the Wiki-leaks website and in the bringing of criminal charges against it's organiser Julian Assange. Various important on-line commercial and banking websites including Amazon, Visa, Mastercard and PayPal, obligingly refused to accept donations from supporters around the world to be forwarded to Wiki-leaks. A group of activists known as Anonymous effectively mounted DDoS attacks on these sites and rendered them useless for up to 24 hours. Anonymous is part of a new generation of 'hacktivist' radical movements using computer technology for radical political purposes. Anonymous recently hacked a security conference between the London Metropolitan Police and the American CIA and uploaded it to Youtube!

But we digress, our focus here is on criminal, not political or other activities using computer networks

3. the computer as an instrument of crime:

It is this aspect of computer crime which has now become increasingly identified as the focus of cybercrime. Traditional organised crime groups turning to new methods are being joined by entirely new criminal groups and individuals dedicated to making money through the use of computers as an instrument of theft and fraud.

There is a rough continuum of methods of committing such computer-assisted theft. At one end is the direct approach to the central computer systems of banks and e-commerce organisations such as Amazon and e-bay and at the other end is the approach to the individual customer or user of those systems

Hacking directly into banks and financial organisations

At one end of the continuum is the method of directly hacking into the computers of banks or other financial institutions and moving money out of accounts and transmitting them to another on-line bank account controlled by the criminals. The individual user or customer is entirely outside the process which is one of direct robbery of funds from the organisation through hacking methods.

The theft of credit card or customer account details is next along the continuum. If a hacker penetrates the organisation's central computers they may not be able to directly divert funds but they may be able to steal details of customer accounts. They are then in a position to perform transactions by impersonating individual users. The individual user will then find to their surprise that there are records of transactions on their credit cards or customer accounts which they did not in fact make. Occasionally, as we know all too well, employees of the organisation may lose laptops or CD ROMs which contain sensitive data on individual accounts.

These days bank and e-commerce sites spend a lot of time on security. The more secure the central computing systems of the banks, financial and e-commerce institutions the more the criminals move further along the continuum towards you the user. The focus moves towards stealing your details from you or your personal computer so that the criminals don't need to worry about hacking into the central computer systems. They can simply pretend to be you. The criminals are aiming to steal all or some of the following

Approaching your computer

This, in many ways, is the opposite of virus writing - modern cybercriminals do not want to wreck your computer, on the contrary they want it to work so that you think everything is working normally only it's not! You are, without being aware working for them. The form of malware (malevolent program) deployed is usually called a trojan or trojan horse. To take a simple example. You download a file to your PC (maybe a music or video file) or you visit a website - the more dubious the website the more likely this is to happen - and in fact you have downloaded without knowing it a program which was included 'free' in your download! This free program is not visible to you. It is a 'key logger', that is to say a program which secretly records every key press you make on your computer keyboard. It then periodically send this record to a website which will be run by, or to which the cybercriminals have ready access. One day, as you log into your on-line banking facility with your password or type your credit card details into a perfectly honest e-commerce website to make an on-line purchase it will all be recorded and sent to the criminal website. They will then be able to log on later and pretend to be you.

Approaching you directly

Finally, at the end of our continuum, the approach is made directly to you in the sense that rather than installing some secret trojan on your PC, the criminals rely on your own actions to give them the information about your that they want.

They may for example set up a website which has a front page identical to that of your bank. They will intercept and divert to this new page internet calls to the bank they have selected. You think you are logging on to your bank but in fact you are logging on to a completely different website, run by the criminals. You are giving them your password and other details

A variant of this is known as phishing. You may receive an email which looks as though it comes from your bank or credit card company. It may say something like 'due to upgrading our systems you are required to re-register your account details. We apologise for this inconvenience. Please click here.' The whole thing rests on your being stupid enough to believe this is an actual email from your bank. In fact, as you should know, your bank would never send such an email asking you to re-enter your password, date of birth and heaven knows what else. The bank would write to you first and inform you of the situation.

Even when you are not using your PC directly, you may be typing in your debit card PIN when you take cash from an ATM (automatic teller machine). Criminals may set up surveillance so that they can see the PIN number that you type in and then use this to 'clone' your debit card and steal money from your account

This is simply a rough approximate outline of the varieties of cyber crime which focus on theft or fraud. But our main focus here is on the problems this type of cybercrime poses for the law enforcement and criminal justice agencies

Problems of policing and prosecuting cybercrime

Although a variety of organised crime, the type of cybercrime we have been discussing is in many ways quite different from, say, drugs trafficking or protection rackets. As we noted, even the most amorphous trafficking network needs 'boots on the ground' at various points in its operation. Illegal drugs like heroin and cocaine are physical goods, they must be refined and manufactured in laboritories, stored and tranported and eventually sold to addicts on the streets. The most easily arrestable, from the police point of view, are the street level dealers and workers who are "socially embedded" in their communities. In these communities ordinary people will see something of the criminal acitivity and hence need to be deterred from giving information to the criminal justice agencies.

The activity of penetrating computers, stealing money from online bank accounts and transferring it to other online bank accounts has no aspects which cannot, in principle, be conducted at the computer screen in some well hidden and protected location. As David Wall, a criminologist concerned with cybercrime puts it"

"internet crime is by nature largely individualistic and, despite what many commentators say, resists the clutches of traditional organised crime as much as it does the state (police). Instead, we experience new forms of organised crime that is networked rather than socially embedded." (more here)

Cybercriminals can be collections of individuals linked only by internet connections and the various types of computer technologies available for making those connections as invisible as possible. Some may specialised in programming - writing the programs for trojans or setting up websites for phishing. Others may specialise in hacking into secure networks. There is specialisation and individuals will sell their services to one another. Cybercriminals may link up with networks already in use by drugs traffickers. Money stolen by cybercrime may be laundered through the same channels as drugs money. They may form groups and meet occasionally. But the cybercriminals do not normally have to show their faces in public as criminals. A person on the train carrying a laptop does not appear out of the ordinary.

This poses severe problems for the law enforcement agencies. If we look at the problem in terms of the four participants in the 'square of crime' we can say that in cybercrime, the square hardly functions: the offender is almost invisible except to the most skilled detective trained to pay attention to computer network traffick; the victim is often unaware of the offence being committed until well after the damage has been done; the surrounding public or community has virtually no information to given to the police. Occasionally an attentive computer network manager in a bank or other organisation may notice that something odd is happening but rarely ordinary members of the public. To cap it all many key victims, especially large commercial organisations, may be very reluctant to report the crime or collaborate with police. We can elaborate further the most important aspects of this

The invisibility of the offender

The invisibility of the offender in cybercrime is in fact a combination of two things. Firstly, as we have just noted, the cybercriminal is less likely to have to show his face in public - unlike for example the drugs trafficker. But an additional consequence of the global networks within which cybercrime operates is the phenomenon of being location in one area of the globe while committing the crime in another.

In drugs trafficking for example, the growers and refiners of illegal cocaine or heroin will be located well outside the UK. Traffickers usually transport the drugs through a number of states before reaches street sellers in London or Brighton. But the point is that in each of the countries involved drugs will be sold, there will be drug dependency and although they may differ in how far they criminalise the individual user, the criminal justice systems of those countries will have criminalised trafficking and the production of drugs. Thus there will be no legal problems in police forces and prosecutors collaborating between, say, Colombia, Italy, The Netherlands and the UK. Such global police operations do indeed take place on the basis of information gathered from penetrating the drug traffickers communication networks.

But with cybercrime things are different. Firstly, computer networks are sufficiently recent developments that legal harmonisation between countries has still not yet occurred. In some jurisdiction the mere act of hacking - of gaining uninvited access to a computer network - is a criminal offence while in others an offence is only committed if some actual destructive activity - such as deleting files or stealing information - can be shown. This impedes international collaboration between different countries each with their own criminal jurisdiction.

Secondly, if you are located in the UK and you commit an act of hacking a computer located in the US (we'll give an example of this below) then you have committed a crime in the UK (under the Computer Misuse Act 1990 - this approach is also urged on member states of the European Union by the EU Convention on Cybercrime 2001). But this is not true in many parts of the world. If you do no local damage then the law enforcement agencies may not be very interested. This is beginning to change as some of the examples in the yellow boxes below illustrate

Much of the expertise in hacking and designing trojans, devices for obtaining credit card information and similar programs, originated in Eastern Europe in the last decades of Soviet rule. As long as cybercriminals were committing their offences against computer systems in Western Europe and the US the KGB (the feared Russian security services) were not particularly bothered. That is less the case today as Eastern European countries are developing relations with, or have become members of, the European Union.

But what is an issue is that many companies which provide financial or media services and who store your bank details when you enter into a direct debit agreement have, for reasons of cost, outsourced many of their help lines and account management services to countries such as India or other states in the global south. So, for example, if you want to change your cable TV subscription in Brighton you phone the help line and you are put through to a call centre in India. the operator can change your subscription (e.g. to a faster broadband package) and will make the adjustments to your direct debit. In other words your direct debit details with a UK bank are, in theory, accessible to someone in India, or another state, who has not been vetted by either your bank or your cable TV provider. From time to time this situation gives rise to concerns about security

The difficulty of attributing the offence to the offender

A further problem quite unique to cybercrime is that one of the techniques used is to take over someone else's computer and use it for criminal purposes without their knowledge. If your PC is not particularly secure (you do have up-to-date anti-virus software on your PC don't you? And these days you need one for your Mac as well!) you may inadvertently download a trojan horse program (see above) which takes over part of your computer and uses it, when you go online, to download illegal pornography and then send it somewhere else. This is a good way for the porn merchants to cover their tracks but may render you liable to prosecution as the police trace the original download to your computer. Your defence will be that it all happened without your knowledge and intervention: it must have been the work of a trojan program. But the police computer forensics people can find no evidence of a trojan on your PC. But some trojans are programmed to self-destruct after a certain period of time... You get the picture? The actual attribution of criminal responsibility beyond reasonable doubt become very difficult. Read the material in the box below about two UK cases in recent years. Don't worry about the technical details. But if you can grasp the basic issues then you have a good understanding of the general obstacles to successful convictions in cybercrime cases

Reluctance of the victim to collaborate

The final obstacle to successful prosecution in many cybercrime cases is the reluctance of the victim to report the offence to the criminal justice agencies and collaborate in investigation. But this is not due to fear of reprisals from the offender but a fear of loss of customer base. In terms of the 'square of crime' we are talking about the victim's belief that they will be penalised by the public if they report the offence. The issue is simple. You bank does not want you to know that it has been the victim of several recent hacking attacks which have stolen your account details or simply moved money out of your account. If customers know this they may conclude that this bank simply does not take security seriously and will be minded to transfer their accounts elsewhere. The bank would rather put the money back into your account at it's own cost and leave it at that. The last thing it wants is the police electronic crime unit - and the journalists not far behind, looking into the bank security system.

For this reason collaboration between police and financial institutions in such cases is quite a recent development. In the UK not until 2009 was the first major collaboration between the financial institutions and the London Metropolitan Police electronic crime unit. In a major case involving collaboration with US and Dutch law enforcement agencies several members of a gang based in Eastern Europe and using trojan programs to siphon money out of UK banks. There have been other cases, and you can read something about them in the box below

notes on organised crime and cybercrime

Introduction