Criminal Code: policing in the digital era

The digital age has re-shaped the meaning of crime. What once was one-to-one has become one-to-many, with the internet breaking down geographical borders, eroding ethical boundaries, and removing the physical trace that once made the take-down of criminals more straightforward.

Technology has outpaced traditional systems, leaving agencies facing new complex issues in an arena where the veil of digital anonymity has led many to believe they can commit the perfect crime.

Yet while it poses a difficult challenge, it also holds the power to enhance authorities’ capabilities, unlocking vast amounts of data and speeding up the push for global cooperation.

Holyrood’s managing editor Mandy Rhodes sat down with policymakers and senior policing leaders at the inaugural International Law Enforcement in a Digital Age two-day event, hosted by the magazine to coincide with the Interpol general assembly in Glasgow last week, to discuss how to navigate the balance between the challenges and opportunities.

Chair of the Scottish Police Authority Martyn Evans highlighted that Police Scotland was “behind the curve on technology”.

Brian Plastow, Scottish Biometrics Commissioner, pointed out that despite sparking privacy concerns, it was a “national embarrassment” that body-worn cameras had not been widely deployed across Scotland, while Evans added that not having them “puts more people through trauma, including police officers” and “clogs up the courts.”

Panellists emphasised how new cutting-edge technology, such as artificial intelligence, could revolutionise policing, enhancing the force’s ability to quickly sift through vast amounts of data to identify patterns and trends.

And as the nature of crime changes, so do the skills that are required to tackle it. Yet, perhaps unsurprisingly, the pay gap between private and public sector organisations has made the fight for recruitment even harder. Lord Walney, the UK government’s independent adviser on political violence and disruption, said offering better salaries had been his “overriding” recommendation in his Protecting Our Democracy from Coercion report, published in May, but suggested excessive red tape will delay any change.

“You have pay restraint within government that requires a very bureaucratic level of sign off at very high levels to pay anyone, typically, more than the prime minister … But in the tech world, it means that [when recruiting] tech experts, which you need to be an integral part of your law enforcement, you are negotiating with people who can literally offer 10 times the salary.”

To put that in perspective, the Treasury was looking for a head of cyber security last year, offering a salary of £57,000 a year. The average median yearly salary for a similar role in the private sector is almost £100,000.

If we have a collective effort here, we might actually achieve something, because no one agency can do something on its own

However, for Interpol’s executive director for police services, Stephen Kavanagh, law enforcement needs a “shift” in its mindset, whereby it sees the private sector as an ally rather than an enemy.

He said: “We are no longer alone in the fight against crime. We do it with the tech providers. We do it with the NGOs… More than ever, senior police leadership is about convening skills, convening insights, and that's the way that we are becoming more effective. If we think we can do it on our own, we'll fall flat on our faces.”

Richard Chambers, Interpol’s director of organised and emerging crime, admitted the involvement of Facebook in the investigation of the 2019 terroristic attack in Christchurch, where the murder of 51 people was live-streamed, was “critical”.  

He added it had led to the establishment of the Christchurch call, a multistakeholder initiative which called for law enforcement, industry, governments, academia and big tech companies “to come together better to share information”.

“If we have a collective effort here, we might actually achieve something, because no one agency can do something on its own,” Chambers said.

This push for co-operation was reinforced by Starmer, who at Interpol’s general assembly announced an additional £75m for border security, pledging to increase international collaboration to help meet the challenge of people smuggling.

However, while the internet has seen a shift in power from policymakers to social media giants highlighting their role in the fight against online crime, these firms have often been criticised for punching below their weight when controlling the content in their platforms.

Criminals are moving at the speed of the internet, and we are moving at the speed of international law

Graeme Biggar, director of the National Crime Agency (NCA) said: “What we all see in our phones is the extent to which algorithms radicalise you and feed more and more of the same [content]… We have to put the onus on the tech companies to stop the harm”.

And the lack of physical trace behind tech-enabled crimes often means they become “victimless”, Jude McCorry, chief executive of the Cyber and Fraud Centre, pointed out, as those targeted report feeling stressed or anxious and blame themselves for the harm done.

She continued: “We don't treat the victims of cybercrime, or cyber-enabled crime, the same way as we would treat somebody who was a kidnapped or assaulted on a street.

“We had a fraud [case] for £2.5m, and the woman blamed herself on every single thing that she did… It's not your fault. We have to make sure that people do realise that they are victims of crime, and also that they do report it. Just because it hasn't physically happened to them, it doesn't mean that it shouldn't be reported to police. If it's not reported, we don't have the intelligence, we don't have the proper reports into the police, and we don’t know how big this problem is.”

Another major issue raised across panels was the divide between regulation and technology – a race where the slow pace of lawmaking struggles to match with the evolution of technology. And while some legislation might be attempting to keep up, such as the Online Safety Act which was passed a year ago, others need a “massive rewrite”, Biggar said, namely the Computing Misuse Act, which he described as “woefully out of date”.

The bill, which criminalises unauthorised access to computer systems and data, and the damaging or destroying of these, was passed in 1989, and has since not been updated, despite the world witnessing an “unprecedented surge” in cybercrime, as put by Interpol’s cybercrime director Neal Jetton. In Scotland alone, according to an exclusive poll by Holyrood, almost half of public sector technology leaders have suffered a cyber-attack in their workplace.

Biggar said: “Criminals are moving at the speed of the internet, and we are moving at the speed of international law… At the moment, we are still stuck, and forever will be, I think, in our sovereign state jurisdictions, and we’ve got to find a way to move away from this. Just to give an example, so often we [the NCA] come across crimes where the victim is in one jurisdiction, the suspect is another, the data is in a third, and it's then moved from a server in one country to a server in a fourth, and then the money that has been extracted is laundered through three different countries before ending up somewhere else. And that all happens at the touch of a button. And we actually go through bylaws and other mechanisms to tackle the matter, and it just doesn't work.”

On the lack of consistency across borders, former chief constable of Police Scotland Iain Livingston added: “We know, in a threat such as human slavery or human trafficking that is by definition pan-border, having nuances or differences simply for the sake of differences really doesn't protect victims and really doesn't protect the interests of communities. So that need for alignment and that need for consistency is crucial.”

We are therefore calling for it [online child abuse] to be treated as a global health pandemic similar to Covid

Former chair of the Independent Inquiry into Child Sexual Abuse Alexis Jay called out the government for failing to adopt the recommendations set out in her report into wide-scale abuse of children in Rotherham, which advocated the adoption of mandatory reporting of child sexual exploitation and abuse concerns.

She said that while there was some support for this from the previous Conservative government, and Labour had expressed support prior to the election, the report was yet to be implemented. Jay criticised the provisions in the Criminal Justice Bill, which fell due to the timing of the general election, saying it did not go far enough, but added there was “an opportunity here for Scotland to do this”.

The urgency to bridge the gap was echoed by Paul Stanfield, head of Edinburgh-based global child safety institute Childlight, who compared online child sexual exploitation and abuse to Covid, saying it "it mutates and adapts to our efforts to stop and prevent it".

However, adding to Jay’s point he said a law enforcement response alone was “not the solution". "It requires a more holistic, global approach and demands a level of investment similar to a global pandemic such as Covid. We are therefore calling for it to be treated as a global health pandemic similar to Covid."