As anyone who has kept an eye on the news in the past few years will know, there has been a massive recent increase in cases of the law being broken in the online space – a phenomenon otherwise known as cybercrime.
While this hasn’t, unfortunately, also signalled a corresponding fall in the number of incidents taking place outside of the virtual realm, it has nonetheless required that the police start to redefine the very notion of crime itself, and ‘volume crime’ in particular. Hence – without wanting to state the blindingly obvious – the bringing into existence of the National Cyber Crime Unit, as operated by the National Crime Agency (NCA). Hence too observations such as those made in last year’s NCA National and Strategic Assessment of Serious and Organised Crime that “UK cybercrime continues to rise in scale and complexity”.
When it comes to cybercrime, the focus of attention is invariably, and probably quite rightly, that which takes place in the economic space. The perpetration of fraud is by no means the only way to make life a misery online, however, with the anonymity afforded by social media apps, private messaging platforms and so on facilitating wholly new ways to violate someone’s personal life without criminals even having to leave the house.
This is something which has been labelled ‘cyberstalking’ and – if the accounts of those who have suffered it are to be believed – it is deeply insidious and traumatic.
Operational parameters
As indicated, the operational parameters of what constitutes economic crime have been well and truly redrawn over the past few years, in the light of such charming innovations as phishing, denial of service, ‘man in the middle’ attacks and so on. The same probably can’t be said for procedures around harassment as it relates to online stalking, however, not because of a lack of interest on the part of the criminal justice system so much as it being such an incredibly tricky crime to prosecute (and, to a degree, even conceptualise).
With that in mind, a team from the University of Bedfordshire has recently developed an app (known as CybHAPP) specifically designed to help the police collect evidence, straight – with their knowledge and permission – from the devices of those claiming to be the victim of online stalking. Supported by the Police Innovation Fund to the tune of £1m over two years, the project worked with several forces to ascertain the landscape from an operational perspective.
Speaking of the origins of the solution, the university’s National Centre for Cyberstalking Research director (and reader in cyberpsychology), Emma Short, says: “The project came about, essentially, from talking to the police and realising that cyber harassment and stalking weren’t necessarily being dealt with in the best possible way within the forces themselves.
“We carried out a review in the first instance, initially in Bedfordshire, which eventually went out to three other forces – Hampshire, Greater Manchester and South Wales. We looked at a range of areas, including case management, procedures and so on, to get an overall picture of what was going on across the respective regions.”
She continues: “Once the feedback from those organisations had come back, we started to look at developing a variety of different things, including the mobile app itself, as well as a case management system and a new risk-assessment tool specifically designed for people being stalked online.
“Regarding the latter, there’s currently no procedure that exists for risk-assessing someone who’s being harassed by an anonymous party, which is often the case when stalking takes place online. The police can use the DASH [domestic abuse, stalking and honour-based violence] checklist when dealing with cyber, but there’s nothing specifically catering for the crime area which we’ve been focused on. The really scary part of online stalking is that the unknowns aren’t currently being risk-assessed at all.”
Going back to the subject of the app itself, according to Short the solution was developed in-house by the university with the specific intention of making it as straightforward as possible for the victim to use. This involves, once the crime has been reported, the user being given a unique number by the police, which is then keyed into their phone.
This in turn enables the app, via the cloud, to upload ‘virtual’ evidence (for instance, threatening messages or images) directly to the authorities for later use in a prosecution, all without the victim having to turn their phone in for examination. Short also mentions that originally the idea of recording calls was floated, as well as being able to identify from where they were being made, but that ran aground due to issues around privacy.
“Another thing we wanted to make sure of was that the system wouldn’t need to be integrated into any force back-end systems, which is why we’re using the cloud,” she continues. “It’s a standalone, Microsoft-driven piece of software, to which we’re still hoping to add things such as analytics functionality so the police can see if a perpetrator is harassing more than one victim.
“That would also be able to indicate escalation, which again would be incredibly useful from an investigation and victim-protection point of view. All we need now is a pilot force to run it.”
Letter of the law
The Crown Prosecution Service defines harassment (in reference to the 1997 Protection from Harassment Act) as the making of “repeated attempts to impose unwanted communications and contact upon a victim in a manner that could be expected to cause distress or fear in any reasonable person”. Stalking – which is legislated under the same Act – meanwhile is conceptualised as persistent activity designed to “curtail a victim’s freedom... for example, following a person, watching or spying on them, or forcing contact with the victim through any means, including social media”.
Regarding ‘contact through social media’ in particular, these activities can take many forms, ranging from the relatively straightforward, such as incessant unwanted communication and repeated threats, to the downright vile (eg, posting fake or real sexual images of the victim online). According to internet security specialist GlobalSign, meanwhile, cyberstalkers have also been known to resort to more asymmetrical tactics, including creating malicious websites and blogs, as well as hacking a victim’s social media, in order to destroy their reputation online. The mind-numbingly depressing list is apparently endless.
Given its multi-faceted (and, as mentioned, often anonymous) nature, it is probably no surprise that the criminal justice system is currently less ahead of the game than it might be when it comes to tackling this kind of online crime, at least according to Short. Another possible reason for this, for her, is the fact that online harassment generally only takes place at the level of discourse rather than ‘action’, thereby making situations appear less urgent than they might do in relation to domestic abuse, ‘real world’ stalking and so on.
With that in mind, what tangible help can the University of Bedfordshire’s new app provide in making police officers’ lives more straightforward? “All the benefits are wrapped up with the process of evidence-gathering taking place through the app and the cloud, something which in itself is quite unique,” says Short. “At the same time, the solution also has the ability to arrange the information provided, as well as making it useable in an operational context.”
She continues: “For instance, it produces live reports straight from the victim’s phone, the primary intention of which is to reduce the workload of officers when it comes to looking at different incidents. It also draws up a CPS-style report, detailing what was said, how it was said, and what the location was of any incident. This takes place in conjunction with our risk-assessment system, which enables forces to triage out something like 95 per cent of the calls.”
Returning to the subject of the urgency of the threat, or rather the likelihood of it spilling over into the real world, she says: “We’ve got some indications that it is an issue, but there’s not quite enough evidence to put it out there quite yet. That’s another reason that we really want to work with a police force, so we can gain a better understanding from their perspective.
“The indicators suggest that it can become a problem offline in cases where there’s been some kind of ‘investment’ on the part of the person doing the stalking. That could be someone who’s felt like they’ve had a bad experience with online dating, or it could literally mean a financial transaction.
“Another example is when someone is a member of a very committed online community who feel like they’ve made an investment in one another, and the other members believe the person has let them down in some way. That’s exactly the same kind of dynamic that happens offline, and it has the potential to transfer into the real world.”
As indicated, one of the police forces Short and her team worked with on the app was Bedfordshire. Discussing the value of the solution, Beds Superintendent Mark Upex says: “The app is really useful. It should save time when collating evidence, as well as ensuring the victim can keep their phone.
“Although feedback from various parties was really positive, it hasn’t yet been tested on a real case in Bedfordshire due to several significant challenges, in particular the roll-out of new IT system Athena. We hope to start using the technology in the near future.”
Discussing the crime itself, he continues: “The digital and social media world is ever-expanding, and as there are vast opportunities for people to commit an online offence, we expect to see this type of offence become more prevalent.”
At their worst, the effects of cyberstalking are clearly devastating, and even more so when the harassment shifts from online to offline. The National Centre for Cyberstalking Research is carrying out invaluable work, both in terms of its research, and in how it is putting that learning to use.