Chapter 15 – The Public Policing of Cybercrime

What does 'policing' mean in this chapter?

The regulation of social behavior to enforce laws and norms, often carried out by state-directed police but also including other institutions.

What are the main challenges facing police in tackling cybercrime?

Under-reporting, anonymizing technologies, jurisdictional issues, large case volumes, limited expertise/resources, police culture, and secondary trauma.

What is under-reporting in cybercrime?

When victims fail to report incidents due to embarrassment, viewing it as trivial, believing police cannot help, or reporting instead to non-police entities.

What role do anonymizing technologies play in cybercrime?

They allow offenders to hide identities (via Tor, VPNs, bulletproof hosting, cryptocurrencies), making investigations difficult and requiring digital forensics.

What jurisdictional challenges exist for policing cybercrime?

Cybercrimes cross local/national boundaries, laws differ across countries, and agencies may prioritize cases differently, complicating cooperation.

What is meant by the ‘de minimis trap’?

Most online offences cause minimal harm to many victims, so they fall below the threshold for police involvement.

Why is case volume a problem in cybercrime policing?

Police face overwhelming numbers of cyber offences and huge amounts of digital evidence, creating backlogs.

What resource and expertise issues affect cybercrime policing?

Many officers lack cyber skills; specialized units are unevenly distributed, with larger agencies more likely to have them.

How does police culture impact cybercrime response?

Policing subcultures prioritize street crimes; many officers see cybercrime as low-priority unless it involves children or severe harm.

What is secondary trauma in cybercrime policing?

Emotional/psychological harm to investigators exposed to disturbing content, especially child exploitation material, leading to stress, PTSD, or burnout.

How has the US structured cybercrime policing?

Through specialized units and task forces (e.g., FBI, USSS, DHS, ICAC) with most resources devoted to child exploitation cases.

How has the UK structured cybercrime policing?

Agencies like the National Crime Agency (NCA), National Cyber Crime Unit, and CEOP, along with regional police cyber units.

How has Canada structured cybercrime policing?

RCMP’s Integrated Technological Crime Units and Technical Investigation Services, plus development of the NC3 to centralize coordination.

How has Australia structured cybercrime policing?

AFP Cybercrime Operations, state-level Cybercrime Squads, digital forensics units, and national coordination centers like JPC3.

What is the general cybercrime investigative process?

Receive report → triage → gather evidence → issue warrants → analyze data → identify suspects → arrest/interrogate → prepare case for prosecution.

What role do sting operations play in cybercrime policing?

Large, coordinated international operations (e.g., Operation H) that disrupt networks, rescue victims, and arrest many offenders.

What is digital forensics?

The collection, analysis, and reporting of digital evidence in a legally admissible way, often involving specialized tools (e.g., Cellebrite, PhotoDNA).

What tools are used in digital forensics?

Cellebrite UFED, Microsoft PhotoDNA, FieldSearch, OSForensics, write-blockers, Faraday bags, among others.

What is the main takeaway of Chapter 15?

Despite progress in training, international cooperation, and digital forensics, public policing still struggles with resources, priorities, and the scale of cybercrime.