Select Committee on European Union Minutes of Evidence


Memorandum by the Association of Chief Police Officers Computer Crime Working Group

INDEX OF CONTENTS:

  Paragraphs  1-8  Background information on the Group making the submission.

  Paragraphs  9-20  Electronic crime—issues and concerns of law enforcement.

  Paragraphs  21-28  Legislative shortfalls.

  Paragraphs  29-33  International issues.

  Paragraphs  34-51  The UK response.

  Paragraphs  52-60  Conclusions.

  1.  The background to the formation of the Association of Chief Police Officers (ACPO) Computer Crime Working Group (CCWG) is that the involvement of the Police in Computer Crime can be divided into two distinct areas, namely computer crime investigation and computer forensics. There has been and still remains much confusion amongst those not involved on a daily basis with either or both of these disciplines, of the differences and the relevance of the distinction between the two.

  2.  The police service as a whole, historically did not comprehend the nature of computer-based evidence and the difficulties created by the international nature of computer crime. The Association of Chief Police Officers in 1996 identified a need to be advised on matters relating to computer crime and computer forensics. They instructed that a working group be formed to carry out this function. As a result of this need, the policing regions of England and Wales made nominations and appointments were made to the group. There have been additions since then and there are now some 25 members. The current chairman is Detective Chief Superintendent Keith Akerman, the head of Hampshire CID. It is fair to say that the group is made up of practitioners rather than managers and most if not all of the members have experience in computer crime investigation, computer forensics or both.

  3.  The Group is formed under the auspices of the ACPO Crime Committee and reports directly to the Committee's Working Group on Economic Crime. The Group's purpose is to act as a focal point for the Police Service to determine policy and to circulate advice and good practice and identify training needs in relation to the following:

    (a)  the investigation of offences under the Computer Misuse Act 1990;

    (b)  the use of computers to produce and circulate pornographic material;

    (c)  the forensic examination of computers;

    (d)  the use of the Internet for criminal purposes;

    (e)  software theft and copyright abuse; and

    (f)  the identification of stolen computers, components and communications equipment.

  The Group chairman will bring resources together from each of the Regional Heads of CID Conferences and specialists from other agencies as considered appropriate.

  4.  The CCWG has been involved in a number of initiatives in the hi-tech crime arena, including:

    (a)  the production of a good practice guide for computer based evidence that has been accepted as the standard in the UK and has been circulated and accepted in a number of countries;

    (b)  the preparation and presentation of a business case for the formation of a National High-tech Crime Unit for the UK; and

    (c)  the organisation and presentation of the International Hi-Tech Crime and Forensics Conference and Workshops (IHCFC) held in London in 1999 and attended by 250 predominantly law enforcement delegates from 26 countries. This conference was to draw together initiatives being undertaken in order to harmonise good practice. The G8 Countries sub group on high-tech crime is now considering several of the outcomes.

  5.  The most significant contribution has been the formation of the Internet Crime Forum (ICF) (formerly the ACPO/ISP/Government forum). This was an initiative of the CCWG in 1997 in an attempt to bring together parties interested in public safety on the Internet. The first meeting was held in November 1997 with the purpose of identifying and ratifying the processes by which the aims of the industry and the police may be achieved. More recently the forum has attracted the interest of the European Commission, a member of which attended the latest meeting as an observer. This led to a request for a presentation of the work of the group at a meeting called by the EC Directorates-General of Justice and Home Affairs and Information Society. The presentation was received positively and the UK initiative is being seen as a possible model for ultimate recommendation to member states.

  6.  Membership of the ICF includes the ACPO CCWG, the Home Office, the Department of Trade and Industry, service providers and their associations, communications providers, prosecutors and investigators, the computer industry, lawyers and other law enforcement agencies.

  7.  The forum has agreed terms of reference for its work as detailed below:

OVERALL AIM

  To develop and maintain a working relationship between the Internet Service Providers Industry and Law Enforcement Agencies in the UK, such that criminal investigations are carried out lawfully, quickly and efficiently while protecting the confidentiality of legitimate communications and with minimum impact on the business of the industry.

OBJECTIVE

  To develop good practice guidelines between Law Enforcement Agencies and the Internet Service Providers Industry describing what information can lawfully and reasonably be provided to Law Enforcement Agencies, under what circumstances it can be provided, and the procedures to be followed.

TASKS

  

    (a)  identify and review the legal requirements to be met to provide information;

    (b)  identify information that can be provided from a technical perspective;

    (c)  to research and identify areas of legal uncertainty relating to the use of information from the Internet as evidence and to make recommendations to resolve any ambiguities;

    (d)  develop an accepted procedure for requesting and providing information;

    (e)  put in place procedures for paying for resources used; and

    (f)  co-ordinate with and demonstrate leadership towards similar activities internationally.

  8.  The main achievements of the forum have been created through multi-discipline sub groups. These include:

    (a)  an agreed Data Protection Act request form;

    (b)  London Internet Exchange (LINX) best current practice document on Traceability;

    (c)  an industry capability document for the provision of information;

    (d)  good practice guide for industry and Law Enforcement Agencies;

    (e)  crime prevention and reduction advice guide;

    (f)  24/7 Contact Points List;

    (g)  Legislative Proposals;

    (h)  Seminars for Industry, Academia and Law Enforcement Agencies; and

    (i)  the Internet Crime Forum Web Site (www.internetcrimeforum.org.uk).

ELECTRONIC CRIME—ISSUES AND CONCERNS OF LAW ENFORCEMENT

  9.  The Internet offers unparalleled opportunities for socially beneficial activity in the areas of education, research and entertainment as well as the ability to conduct business across computer networks. The introduction of the Electronic Communications Bill demonstrates the level of support for such activity by the Government. The growth in electronic commerce, in particular, presents new opportunities for criminals to abuse the systems that allow electronic transactions to take place. This abuse comes in many forms including denial of service attacks, the hacking of websites and servers and distribution of viruses. Each of these activities has the potential to undermine the confidence that is necessary for electronic commerce to succeed. In order to protect public safety it is necessary to ensure that those who commit such crimes have an expectation of detection. This supports the contention that e-commerce without e-crime facilitates e-confidence.

  10.  The power and speed of communications presents new challenges for the police service in combating hi-tech crime. The commission of offences such as hacking, Internet fraud, money laundering and the use of the Internet to aid more traditional offences require innovative counter measures. There will be a requirement for police officers to be trained in the investigation of such offences and to gain a much better understanding of the uses to which technology may be put in crime reduction and detection.

  11.  There are significant advantages to the criminals when comparing those who commit crime by using technology with those using traditional methods. Some examples of these advantages are:

    (a)  low financial/manpower requirements;

    (b)  no physical presence required at the crime scene;

    (c)  there are no physical boundaries;

    (d)  encryption is better than a good disguise;

    (e)  there is a greater ability to wipe out evidence of the crime;

    (f)  fewer ethical constraints;

    (g)  there are no live witnesses; and

    (h)  it is easier to create a trail between the crime and the criminal.

  12.  There are a number of identified recurring obstacles to effective law enforcement efforts to combat national and trans-national organised crime. One of these is the inability to share information and intelligence consistently and in a timely fashion, both within and between countries. This is frequently described as being "due to data protection constraints".

  13.  The role of law enforcement agencies is to prevent and detect crime, to enhance public safety. We fully support the need for data protection and acknowledge our responsibility as guardians of individual rights, including privacy. The activities of criminals threaten individual rights and damage the quality of life of individuals and our society. The increasingly international nature of organised crime requires enhanced co-operation and co-ordination between law enforcement agencies, not least in the exchange of relevant information.

  14.  The sharing of case specific information is not usually a problem although there is concern about emerging technological developments impacting upon the accessibility of data. To tackle crime effectively, intelligence driven activity by law enforcement agencies is necessary to prevent, disrupt or detect it. This requires the exchange of criminal (not only crime) specific data both within and between countries.

  15.  Emerging technological and industry developments in the handling of data is damaging the capabilities of law enforcement agencies. Examples (not exhaustive) include:

    —  increasing difficulty in accessing data;

    —  increasing anonymity of data; and

    —  increasing destruction and purging of data.

  16.  The preservation of data and its timely accessibility is essential to effective law enforcement, both in terms of collecting evidence and developing intelligence on organised criminal activity. The growth of pre-paid mobile phones and cards, increase in anonymous and free accounts, reduction in call line identification (CLI) capability, merging of voice and data, spread of encryption, reduction in the need to retain data and increasing charges for accessing data are all impacting adversely on law enforcement capability.

  17.  It is necessary for government and legislators to acknowledge that data protection and privacy issues require a balanced approach to both protect individual rights and to promote public safety. Striking that balance is a real challenge, but one that must be addressed to enable the pernicious effects of organised crime to be tackled.

  18.  There is a need to improve the understanding of all sectors of society (including the private sector, public sector and law enforcement personnel) that lawful access to relevant data, both nationally and internationally, is essential for the development of a safer world and will provide benefits to the law abiding public.

  19.  Law enforcement cannot provide the solution to the challenges of hi-tech crime without the support of government, industry and legislators both in the UK and in other fora such as the European Union, the United Nations and the countries of the G8. Each of these groups is working to provide solutions to the challenges. It is important that the UK provide sufficient resources for us to play our full part.

  20.  At present it is impossible to tell how much criminal activity in the UK involves the use of computers or the Internet. There is no requirement placed by the Home Office upon the police in recording crime to identify those committed using such technology. This has two main effects, firstly it is not possible to identify any general trends and secondly, our inability to be able to retrieve statistical information about these types of crime mean that it is impossible to analyse the crime data and provide an effective response to the challenges. It is important that in the future, crimes committed using the Internet are recorded as such.

LEGISLATIVE SHORTFALLS

  21.  Legislation has not kept up to date with the advances in technology and this has impacted on the ability of the police to combat hi-tech crime as well as to use technology in carrying out other policing tasks.

  22.  One particularly important area in terms of online transactions is the fact that in law it is not possible to deceive a machine. Transactions involving stolen or compromised credit cards where the entire process is automated do not require human intervention. It is therefore doubtful if the "offender" would commit any crime in these circumstances. Legislation to ensure that misuse of credit cards in online transactions is necessary.

  23.  In UK criminal law the definition of property does not include data. It is therefore not possible to steal data. There are many examples where individuals "stealing" data from employers or business partners have caused substantial financial losses. No offence has been committed under the Computer Misuse Act where the "offender" has had legitimate access to the computer system. Changes in criminal legislation may be necessary in the future to close this loophole.

  24.  Denial of service attacks on computer systems as have recently occurred in the USA and other countries may not constitute a criminal offence in the UK. It is possible for these attacks to bring down entire computer systems with relative ease and no criminal liability. The only possible legislation that could be considered is the 1971 Criminal Damage Act. This was used most unsatisfactorily prior to the introduction of the Computer Misuse Act. These attacks are now becoming more prevalent in the UK with no apparent recourse to the criminal law. The potential damage to the national infrastructure from such activity is beyond calculation and could have a devastating effect on e-commerce and the use of the Internet to conduct business.

  25.  The international nature of communications has led to prosecutions failing in circumstances where all of the "illegal" activities have taken place in the UK but the inter relationship of communications companies mean that there are no victims in the UK and any criminal offence is not capable of completion. This has proved to be a particular problem where hackers have misused services provided by UK telecommunications companies. Losses amount to many tens of thousands of pounds. In order to resolve these issues it is necessary for legislation to recognise the international scope of communications and to criminalise their misuse.

  26.  The proposals in the Regulatory of Investigatory Powers Bill regarding access to encryption keys by law enforcement do not impose sufficient penalty. Examples of cases where encryption has hampered criminal investigations will increase in line with the availability of encryption facilities. The maximum sentence of two years' imprisonment for failure to reveal an encryption key will have little effect on criminals who face more substantial sentences.

  27.  An example of the way in which the police could use technology in their work is for conducting prisoner reviews under the Police and Criminal Evidence Act using video conferencing. This has been held to be unlawful at present. Changes in legislation to allow for such activity together with, for example, the use of remote viewing technology for identity parades would allow for a more beneficial use of police resources without diminishing the effect of the existing safeguards in such circumstances.

  28.  Perhaps the greatest challenge to law enforcement in combating hi-tech crime is the issue of data retention. Investigations into offences where the offender uses telecommunications and the Internet rely upon caller line identification (CLI) and other traffic data in order to have any chance of detection. EU Data Protection directives prevent the storage of data outside of given circumstances. The effect of this is that investigators are often thwarted by the lack of available data. It will not matter what procedures are put in place for the rapid exchange of evidence between organisations and countries if data retention is not made mandatory.

INTERNATIONAL ISSUES

  29.  One of the most important international initiatives of recent years is the G8 Communique on Hi-tech crime that was endorsed by Heads of State at the Birmingham summit in May 1998. This set out a set of principles and an action plan.

  30.  The principles are:

    (a)  there must be no safe havens for those who abuse information technologies;

    (b)  investigation and prosecution of international high-tech crimes must be co-ordinated among all concerned States, regardless of where harm has occurred;

    (c)  law enforcement personnel must be trained and equipped to address high-tech crimes;

    (d)  legal systems must protect the confidentiality, integrity, and availability of data and systems from unauthorised impairment and ensure that serious abuse is penalised;

    (e)  legal systems should permit the preservation of and quick access to electronic data, which are often critical to the successful investigation of crime;

    (f)  mutual assistance regimes must ensure the timely gathering and exchange of evidence in cases involving international high-tech crime;

    (g)  trans-border electronic access by law enforcement to publicly available (open source) information does not require authorisation from the State where the data resides;

    (h)  forensic standards for retrieving and authenticating electronic data for use in criminal investigations and prosecutions must be developed and employed;

    (i)  to the extent practicable, information and telecommunications systems should be designed to help prevent and detect network abuse, and should also facilitate the tracing of criminals and the collection of evidence; and

    (j)  work in this area should be co-ordinated with the work of other relevant international fora to ensure against duplication of efforts.

  31.  In support of these principles the following actions are to be undertaken:

    (a)  use our established network of knowledgeable personnel to ensure a timely, effective response to trans-national high-tech cases and designate a point-of-contact who is available on a 24 hour basis;

    (b)  take appropriate steps to ensure that a sufficient number of trained and equipped law enforcement personnel are allocated to the task of combating high-tech crime and assisting law enforcement agencies of other States;

    (c)  review our legal systems to ensure that they appropriately criminalise abuses of telecommunications and computer systems and promote the investigation of high-tech crimes;

    (d)  consider issues raised by high-tech crimes, where relevant, when negotiating mutual assistance agreements or arrangements;

    (e)  continue to examine and develop workable solutions regarding; the preservation of evidence prior to the execution of a request for mutual assistance; trans-border searches; and computer searches of data where the location of that data is unknown;

    (f)  develop expedited procedures for obtaining traffic data from all communications carriers in the chain of a communication and to study ways to expedite the passing of this data internationally;

    (g)  work jointly with industry to ensure that new technologies facilitate our effort to combat high-tech crime by preserving and collecting critical evidence;

    (h)  ensure that we can, in urgent and appropriate cases, accept and respond to mutual assistance requests relating to high-tech crime by expedited but reliable means of communications, including voice, fax, or e-mail, with written confirmation to follow where required;

    (i)  encourage internationally recognised standards making bodies in the fields of telecommunications and information technologies to continue providing the public and private sectors with standards for reliable and secure telecommunications and data processing technologies; and

    (j)  develop and employ compatible forensic standards for retrieving and authenticating electronic data for use in criminal investigations and prosecutions.

  32.  A considerable amount has been achieved in support of the principles including the establishment of 24-hour, 7-day point of contacts. Further work is in hand regarding forensic computing standards and cross-border traceability. Support for the G8 principles and action plan has been expressed within Europe and the Council of Europe Cyber-crime convention, due for completion in October 2000, is expected to further this support.

  33.  The resource provided by each country in support of the principles and action plan varies considerably. In the UK for example, no funding has been provided and the support given has relied upon individuals and the CCWG producing initiatives. In contrast the United States has embarked on an extensive training programme that has been fully funded. In the UK some computer crime units have to rely on the courts confiscating equipment used by criminals, in order to carry out their tasks effectively.

THE UK RESPONSE

  34.  The UK response to the threat of hi-tech crime has been rather fragmented. The Metropolitan Police Computer Crime Unit has borne the brunt of major investigations between 1984 and the recent past. Other police forces have over the past three to four years formed computer crime units, usually with responsibility for forensic computing as well as investigations. There are still some forces that have no capability to investigate hi-tech crime or to recover evidence from computers.

  35.  The formation of the ACPO CCWG in 1996 sought to establish consistency in the practices of UK police forces and to a certain extent this has been achieved. The requirement for training for police officers at all levels within the service has not yet been adequately addressed. At present there are two specialist investigation courses available through National Police Training but these are always oversubscribed and are the responsibility of the only person allocated in the UK to design and deliver this type of training and this is on a part time basis. There is currently a whole generation of police officers who at the very minimum require awareness training.

  36.  ACPO has tasked the National Criminal Intelligence Service with designing a nationally co-ordinated high-tech crime strategy that will, subject to government funding, lead to the formation of a national high tech crime unit by April 2001.

  37.  There are a number of issues that have not yet been addressed, some of which are:

    (a)  Internet Gambling—Crime always follows money and the opportunities here are substantial—for example in money laundering. There are current estimates that Internet gambling is a $2.86 billion dollar industry. There are also associated social risks (under-age gambling for example) and the usual cross-jurisdictional problems with financial transactions.

    (b)  Cyberstalking—Stalking is growing problem (eg Jill Dando) and the Internet offers wonderful opportunities for this. It is linked with other existing crimes, for example animal extremism—personal details such as phone and fax numbers of work/home are often published of people involved in vivisection and then net users are invited to inundate the "victim" with messages etc. Another example is a publication called "The Scum Directory"—this supplies the freepost addresses and free call numbers of Companies, Organisations and Individuals with links to the Dairy, Meat and Fish industries and readers are invited to "send" heavy parcels and letters at their expense, stating their opposition/feelings. Much potential for public disorder and the economy/cash flow of the companies concerned. Although the 1997 Protection from Harassment Act may well apply to some of this activity, there is no specific mention of computers in the Act.

    (c)  Race/Hate—There is the possibility of incitement to serious public disorder and the alienation of ethnic groups, especially bearing in mind the McPherson report. Events such as the J18 day of action last year emphasise the requirement for quality, actionable intelligence. Our ability to be intelligence led is being denigrated by the lack of information available to law enforcement from technology sources.

  38.  The lack of strategic planning for resources, training and for awareness of the problems and issues presented by the Internet and the development of e-commerce is a serious issue. A co-ordinated approach to IT crime will and must involve both national and international "partnerships". Issues relating to different legal systems, different investigative procedures and techniques, and different forensic standards are also practical problems to be faced. All of this is a threat to public safety. Some but not all of these may be addressed by the work being carried out by NCIS. Even if a national unit is formed, the need for a local capability in each police force will be necessary to deal with the local issues that will not be taken over.

  39.  The conference mentioned at paragraph 4(c) above led to a number of internationally agreed findings and suggestions for action. Some of these are:

    (a)  the way to combat global crimes includes the need to reach an agreement on a format for international principles for forensic computing. It is suggested these should:

      (i)  be consistent with all legal systems;
      (ii)  allow for the use of a common language;
      (iii)  be durable;
      (iv)  cross international boundaries;
      (v)  lead to the confidence in the integrity of evidence; and
      (vi)  be applicable to all levels, from the individual through agencies to countries.

  40.  A total of 26 countries were represented at the Conference and all contributed to the preparation of these principles which we suggest may be as follows:

    (a)  upon seizing digital evidence, actions taken should not change that evidence;

    (b)  when it is necessary for a person to access original digital evidence, that person must be forensically competent;

    (c)  all activity relating to the seizure, access, storage or transfer of digital evidence must be fully documented, preserved and available for review;

    (d)  an individual is responsible for all actions taken with respect to digital evidence whilst the digital evidence is in their possession; and

    (e)  any agency, which is responsible for seizing, accessing, storing or transferring digital evidence is responsible for compliance with these principles.

  41.  Whilst agreement has been reached in relation to these principles it is clear that further work is needed in respect of:

    (a)  a definition for "forensic competency";

    (b)  should we provide international accreditation and validation of tools, techniques and training;

    (c)  clarification of issues relating to practices and procedures for the examination of digital evidence; and

    (d)  an agreement for the sharing of information relating to high-tech crime and forensic computing, such as events, tools and techniques.

  42.  The conference recommended that an international workshop be formed to establish further detailed guidelines to be submitted with the principles. This should include or be formed by the International Organisation on Computer Evidence (IOCE) which has the mandate from G8 to address these issues.

  43.  Having covered the forensic side of hi-tech crime investigation it is equally important to examine the issues relating to Internet investigations. Not unnaturally the first consideration is for tools and techniques:

    (a)  there is a definite need for the continued exchange of information between investigators utilising existing technology;

    (b)  a need to identify Internet investigative contacts and resources and make this available to investigators;

    (c)  promote joint training initiatives and the exchange of training material;

    (d)  closer liaison with ISP's and the industry to develop new tools and techniques;

    (e)  the creation of a secure web site to be made available to all investigators; and

    (f)  tools and techniques must evolve with the criminal cyber threat.

  44.  Another key issue relates to procedures and the important points emerging here were:

    (a)  common standards necessary for cross-jurisdictional investigations;

    (b)  an international legislative framework is required; and

    (c)  a very useful precedent and guide can be found in the current money laundering protocols.

  45.  If we are to have internationally agreed principles and guidelines, it must automatically follow that we also require agreement over forensic computer training. The basis of such an agreement was reached by broadly discussing:

    (a)  the production of a guide containing a collation of information on Training Courses containing:

    (i)  a simple definition of jobs or functions that are performed within the forensic computing discipline;
    (ii)  a simple outline of skill sets needed by each of those defined to carry out their work; and
    (iii)  a director of known courses.

  46.  Linked to all of the above is the issue of accreditation of Tools and Techniques. It was strongly believed that accreditation is essential to provide standards that will survive challenges in courts in all countries. International technical standards are both essential and achievable. Once again there was unanimous agreement about this:

    (a)  imaging tools should be accredited;

    (b)  a reputable/agreed internationally-regarded organisation to identify accrediting authorities;

    (c)  the development of an international Good Practice Guide;

    (d)  a recommendation that ISO 9002 should be the accreditation standard for the forensic examination methodology;

    (e)  training is clearly required at all levels—(basic entrant to hi-tech crime staff);

    (f)  content will range from basic Internet awareness to specialised knowledge;

    (g)  courses to be delivered by Law Enforcement in-house training at basic levels;

    (h)  outside training by Universities and industry for specialised posts; and

    (i)  it is suggested that these courses should start as soon as possible now.

  47.  None of the issues discussed at the Conference is capable of a successful resolution unless management awareness is addressed. No matter what the Law Enforcement Organisation it is generally perceived that management lack awareness and in some cases interest in the problems presented by hi-tech crime.

  48.  It is therefore crystal clear that there needs to be a clear management strategy in relation to the investigation of hi-tech crime. Such a strategy should take account of:

    (a)  international perspectives;

    (b)  a policy statement;

    (c)  seizure strategies and policies;

    (d)  common standards and forensic techniques;

    (e)  reacting to Case Law;

    (f)  evidence presentation; and

    (g)  tools and equipment for the task.

  49.  What has emerged is our apparent strength (relatively speaking) in relation to Computer Forensics and our weakness in relation to Internet investigations. It therefore follows that our goal should be to substantially improve our ability on Internet investigations.

  50.  How all of this is developed is a question, for law enforcement, The Council of Europe and G8 but to be promulgated further internationally. One idea is the formulation of a small task force by G8 to take all the issues and to develop practical acceptable solutions. However, in our view further work is required to develop a clear strategy for the way ahead and we see this being achieved by concentrating in the following areas:

    (a)  internet investigations;

    (b)  international principles;

    (c)  training development and accreditation;

    (d)  tools and technique development;

    (e)  product accreditation;

    (f)  evidential protocols;

    (g)  involvement in development of new technology;

    (h)  co-ordination of effort between fora;

    (i)  crime prevention/reduction strategies;

    (j)  co-operation with industry; and

    (k)  development of international co-operation.

  51.  This activity must be a joint enterprise with all relevant agencies and in certain (if not all) instances with the private sector. We believe we probably missed our opportunity for serious development by not involving the private sector enough in the Conference.

CONCLUSIONS

  52.  There is a growing emphasis on police information systems mainly, but not exclusively, under the NSPIS banner. Topical subjects range from setting strategy at the Service level to operator skills. Crucial broader issues also involve the Police Services: examples are CJS information systems (such as IBIS).

  53.  The Police Service wishes to adopt a digital radio system (PSRCP), which, once introduced, should bring substantial technical and operational opportunities as well as an increase in managerial complexity. As with information systems generally, this needs to be addressed at a number of levels from force strategy through middle management activity to the training of equipment operators. Operators include all police officers and many members of the civilian staff, with relationships with other emergency services. Operator skills, though bringing a problem of scale, should be straightforward to identify and train. More difficult will be to provide senior and middle rank officers with the knowledge and understanding to be able to use the flexibility of the system to best operational advantage

  54.  Without doubt there are a number of difficult issues facing Law Enforcement in the immediate future. One immediate example is the work being done in connection with Crime and Disorder. Where Hi-tech Crime is currently different, is that it does not feature as a Ministerial priority.

  55.  The importance of a well-structured training regime is paramount to ensure the professional expertise of all our staff, not just members of the proposed new unit. Such training is critical and must cover a broader content because of:

    (a)  advancing technology;

    (b)  the increasing use of technology by business and society, in particular the growth of electronic commerce;

    (c)  the increased reliance on information systems by the police, with those systems offering opportunities for police managers to adopt a more flexible and imaginative approach to policing;

    (d)  this will be matched by a need to ensure that expenditure on the gathering, storage and processing of data to meet information requirements is truly cost effective;

    (e)  progress towards the integration of CJS systems; and

    (f)  a likely increase in hi-tech crime, both in quantity and variety, and including international crime.

  56.  It is desirable to encourage inter-agency co-operation in investigator training. It seems sensible, possibly necessary, that the police seek to co-operate with Customs and Excise, the SFO and others in training. There is always likely to be a shortage of training expertise and resources and it would be negligent not to seek to maximise the use of a scarce national resource.

  57.  There is a need to develop the best possible links with Government and international bodies that could support investigator training either directly by exchanging information relevant to training. Examples are DERA and GCHQ in the UK, the Secret Service and the FBI in the USA, Interpol and European countries whose police forces are advanced in hi-tech crime investigation such as The Netherlands, Belgium and Germany.

  58.  There is a need to hold a body of professional knowledge. This particularly applies to hi-tech crime, including both investigative and criminal techniques. It requires a capability to carry out some research.

  59.  There is also a need for hi-tech crime investigators to be provided with a stream of up-dating information on criminal techniques, investigative techniques, investigative software tools, etc. This should include published material (probably in a variety of formats) and seminars/workshops.

  60.  The police service has to increase its capability to combat hi-tech crime in the immediate future and this involves adequate training and equipment being made available in order to build upon the work that has been started by the ACPO CCWG. The risk of not doing this is that technology will be so far advanced that the law enforcement effort will never catch up.

6 March 2000


 
previous page contents next page

House of Lords home page Parliament home page House of Commons home page search page enquiries index

© Parliamentary copyright 2000