How can we address the under-reporting of cyber-crime?
So what can be done to address under-reporting?
The police and government have worked hard and had some success in addressing this issue in other crime areas and it would be sensible to apply those lessons here. Raising awareness about why reporting is important is a good first step. The higher the number of incidents we know about, the greater our understanding becomes of the nature and scale of the problem. It can help inform policy makers, enabling them to develop effective responses to new and emerging threats. Higher reporting rates can also help us better understand the effect cyber-crime has on victims.
Raising awareness is also important in terms of managing the expectations of the public, particularly in relation to the role of Action Fraud, the centralised reporting centre for fraud across England, Wales and Northern Ireland. As a reporting body, it has no investigative capability – yet this distinction is often misunderstood. Public dissatisfaction with Action Fraud is clearly a factor in the low number of incidents reported to them. A rebranding of Action Fraud to become a ‘National Fraud and Cyber-Crime Reporting Centre’ is one suggestion that might help overcome confusion about its role.
There’s also more we can do about victim care. While the investigation of every allegation of fraud and cyber-crime isn’t operationally feasible (which may be due to the complexity of the crime or the location of the offender), there are some big gaps in victim support at a local level, with much of the investigative capacity focused at a regional or national level. A recent study by the Institute of Criminal Justice Studies at the University of Portsmouth, found that ‘computer misuse crime has similar, and in some cases a worse impact, than comparable traditional crimes such as burglary’. A review of the current landscape, including the training given to frontline officers would help build confidence and encourage a greater numbers of victims to report cyber-crime to the police.
Finally, the private sector also has an important role in encouraging people to report crime. The banking community and insurance sector in particular have worked hard to promote the importance of good cyber security among their customers. Taking this one stage further in helping their customers understand the importance of reporting incidents would help engender a cultural shift in reporting.
In summary, the growth in cyber-crime and the evolving threat from criminals seeking to exploit new technology means that it will continue to be among the top two or three crime types for the foreseeable future. While much of the focus is rightly on prevention by encouraging individuals and businesses to take responsibility in reducing their vulnerability, the police must be more joined up and work closely in partnership with others to improve the experience for victims of cyber-crime. If it doesn’t, to use a phrase from the Home Affairs Select Committee Policing the Future report (2018), ‘Policing is at risk of becoming irrelevant’.