Select Committee on European Union Minutes of Evidence

Examination of Witnesses (Questions 420 - 440)



Lord Woolmer of Leeds

  420. Sorry: did you say tells you at that point?
  (DCS Akerman) Yes. He checks with the credit card company and finds out that the numbers have not been issued.

  421. You actually said he tells you about it.
  (DCS Akerman) Yes. Under our direction he e-mails back and says, "Right, but unfortunately your credit card limit is too low." "Oh, ever so sorry", and back comes another e-mail. It goes on like this for a while. Our big problem is, where are they? Okay, we have got an IP address but they can all be altered or knocked up. However, if we report that to the Spanish as it stands at the moment through mutual legal assistance, if we go that route, the first thing the Spanish want is the entire complaint translated into Spanish. What we have got at the moment is, in real policing terms, a fairly low key crime in terms of public priority. We have got an attempted deception on a retailer. Are we going to spend the money to get all that translated into Spanish, sent out through the FCO, eventually to get to Spain to have a look at in the hope that the Spanish will then go and try and trace the offenders? Irrespective of all that, what has happened to the computer based evidence in the meantime? If we try and follow that route then we are in breach of I think section 30 or 60 of the Police Act. I cannot remember off the top of my head. We are only acting as police officers within the jurisdiction of the United Kingdom. As soon as we go and retrieve information down the cyber highway, bring it back and then produce it, we stand to be in breach of section 78 of PACE because we have acted outside our powers There is a very brief illustration of some of the problems and that is a simple offence.

  422. You have given a perfect example of Spain, but if the man really plans a big fraud he will go to a country which is much worse than Spain. Then where is the chance?
  (DCS Akerman) Yes. I did not mean to infer the Spanish were bad. I just used that as a recent example. The real problem is this. If we take a good extortion, you could set yourself up wherever you care to name, and let us take as an example Nicaragua. You can then access the victim in the United Kingdom going through various routes, and ask for the money to be deposited in France and then ask for it to be transferred on to somewhere else. Our problem is not tracking it. It is tracking it in sufficient time (a) to be able to recover the evidence so that we can use it, and (b) quickly enough so that we can apprehend the offenders or we have lost it. Running parallel with all that is: are the offences we are talking about offences in the countries that we are visiting? Do they understand what we are investigating and have they got similar offences? What are their standards in terms of the way that they collect and produce the evidence? Will we be satisfied? Would our court accept them? When we perhaps phone up and say, "We want to hurry up. Please try and retrieve some of this computer evidence", are they going to do it in a way which is acceptable to us? We are talking about common standards generally as well, so there is a plethora of problems associated with your question.

Viscount Brookeborough

  423. You said that regulations put in place by the United Kingdom alone would be irrelevant. If Europe was to put them together does that mean that in world terms those would also be irrelevant because Europe is only a small part? When you had your conference, the IHCFC with 26 countries, did you find that there was a feeling that one could attain agreement throughout much of the developed world, or do you think that it would have to be broken up into certain areas which would have their own agreements but they would have to talk to each other? In what sort of forum in the future do you think these sorts of negotiations about regulations may take place successfully?
  (DCS Akerman) The answer to your first question is that it is irrelevant because Europe on its own is not sufficient. What we want and what we must have is action on a scale which hitherto has not been experienced. The closest we have seen it is to drugs profit confiscation legislation. Because drugs are such an insidious product there has been fairly universal agreement that we should have some sort of action. That is the nearest correlation I can give you. You have to have everyone do it or we are wasting our time. As far as the 26 countries are concerned, I am skating on very thin ice here but I am going to answer you very frankly. The practitioners, ie law enforcement, will want to achieve a practical solution and in fact inevitably will probably come to some form of practical solution. The real issue is the political agenda in terms of whether or not it is politically acceptable to go down a particular route. That is a fact of life. We sit on the G8 Hi-Tech Crime Sub-Group. I often wonder to myself how the United Nations function if I am merely dealing with seven other countries. That is not a criticism. I understand where some of the issues are coming from, but those are the facts. From a purely practitioner point of view there is a real will to get this sorted out.

  424. How far do you think it can go in world terms? Do you think that the developed countries can try and produce regulations that other people will accept? It would be nice if the whole world came together and said, "Right, we will regulate", as they have done largely with drugs. In practical terms where do you think you can go?
  (DCS Akerman) First of all you have a culture to overcome and the culture of the Internet is that it is non-regulation. This is the beanbag approach, if I can use that expression. Everything is up for grabs. This is real freedom of information in its truest sense. This is where we can be philosophical and express our views, lateral thought, bags of initiative, innovation and everything you can think of. You have got a whole culture there which the industry are going to be interested in developing (a) in terms of providing a service, and (b) you are going to have the companies who will want to make money and earn profit from their customers for their stockholders. You have those sorts of issues to one side. Then there is the issue of whether or not a law in one country is going to have the same meaning as in another. At the moment it clearly does not. We have seen some real practical difficulties in our recent past in terms of our own terrorist legislation where that has caused problems, and indeed, on a much more basic level, there are issues about theft and criminal damage. It is not easy.

Lord Bradshaw

  425. I am going to come at this from a slightly different angle because of my involvement with police authorities. First of all, might I ask you—and we want you to be very honest—how unready is the British police force to actual deal with the problems? In my own police force I understand there are two people employed and this is one of the biggest police forces in the country, and certainly I have never heard at any budget meeting or anything of the sort any emphasis being given to the need to deal with this subject.
  (DCS Akerman) If I answer the second part first, I will reiterate what I have already said. The fact is that government priorities direct our resources in another direction. We all know, whether we like it or not, what gets measured is what gets done. That is the bald fact. Unpalatable as that may be, that is the truth.

  426. That is what we want to know.
  (DCS Akerman) The answer to the first part of your question is that the practitioners—and Nigel is a classic illustration of this; you are talking about the DCs, the Detective Sergeants and the Detective Inspectors—recognised this as a problem a long time ago and have been beefing very hard to make management understand what some of these issues are. At the end of the day we have to accept that we have budget issues, there are the government priority issues, there is a whole raft of things which have to be taken into account. There are pockets of excellence in the country which are well equipped to deal with some of these problems. The key issue is to enhance those pockets of excellence and, more importantly, to spread them out so that it is universal and not just focused in a few areas.

  427. This is a slightly technical question, Chairman, but does the policy of tenure in the police which is tending to move people about from speciality to speciality run totally counter to what you are saying?
  (DCS Akerman) If I may say so, that is a dreadfully low ball question to ask me.

  Lord Bradshaw: I think we have got the answer!

  Baroness O'Cathain: Do not commit yourself!

Lord Bradshaw

  428. The third subject is that we have in the police force in the country coming upon us a piece of technology, the public sector radio communications project, which will equip every police constable with a piece of equipment, assuming we buy the hand-held equipment of the right quality, which is capable of collecting evidence in digital form. In the same way we have taken the fact that the law needs complete revision in respect of e-commerce, and that needs to be done internationally, do I also take it that our own Police and Criminal Evidence Act will have to be taken to pieces if we are to be able to submit evidence which is gathered digitally and electronically to the courts?
  (DCS Akerman) Quite possibly. This is not a criticism. When it was formulated people did not envisage the technological leap that we have been making. Technology is at the stage now where I doubt whether legislation will ever keep up, to be quite honest with you. However, there are opportunities for us to be more innovative and imaginative than we currently are. I can give you two examples. The first one is identification parades. We really struggle to get together six-foot-four, large-build, grey-haired people. If I had to put Nigel on an ID parade I would be really struggling to find a number of other people who broadly match his description. However, if we had a CD Rom or a number of video images of similar people, it would be ever so simple to do that. We cannot do that. That is one illustration. Another good one is that we are always complaining about the way that we use our resources and we are being asked to maximise them, use them cost effectively etc. The fact is that under the Police and Criminal Evidence Act which you have alluded we have to review prisoners on a regular basis once they have been arrested. Why cannot we use technology to assist us in that process? At the moment we cannot. It requires the physical presence of the inspector to go and review it. Why cannot we have video conferencing? There are two illustrations which go towards answering your question.

  429. So that there is a need for a revision of the law which has to have an international dimension so far as international crime is concerned, and at the same time we have to ensure that the police force has the resources to deploy people to do the work?
  (DCS Akerman) The trouble is that whatever occupation you talk about they will always scream, "I need more resources." The police force are no different from anyone else. What I am saying to you is, look: there are some opportunities where we could use technology to our advantage so that we make better use of it.

  Lord Bradshaw: I understand that point.

Lord Sandberg

  430. There seems to be some slight contradiction. You started off by complaining, if that is the right word, that there were too many cooks spoiling the broth, Europol, Interpol, etc. But now you are also saying that there does not seem to be anybody who is taking the lead. Why cannot we get a country-wide or worldwide Interpol who will take some of these points and run with it?
  (DCS Akerman) First of all, I do not think I was complaining at all. I was merely stating the facts. The facts are that there are too many people doing it. There is no reason why one particular country could not take the baton and run with it provided they could get everyone else to run with them. The problem is that what we see quite often is that the person who picks up the baton looks behind him and finds he is running on his own. That happens far too often.

  431. I am just saying: is there something that one should be putting together in trying to bring all the European countries together with Interpol and so on? Are you finding that there are so many different cooks around that you cannot get the broth made?
  (DCS Akerman) Oh no. The position is quite clear, is it not, about e-commerce, computers to schools? All communication with government is to be electronic in a certain time. This government has signed up to the G8 principles, there is no doubt about that, and is working very hard on the G8 front. They also go to the European Cyber Crime Convention. The point I was making was that what is really important is to co-ordinate the effort and I do not see any obvious signs of co-ordination of effort so that the practitioner sees the realistic product at the end of the day.

  Lord Sandberg: That was the point I was trying to get from you. I think it is a very important one.

Viscount Brookeborough

  432. When we have been speaking about anti-terrorist legislation, in this House especially, many people have argued for evidence which is accumulated through electronic/telephonic means to be able to be used in evidence. It would appear that we are one of the few countries where that is not so. You have so far talked about somebody running and having nobody behind them. Are we not the ones who are behind on that and therefore in that simple way could we not do some catching up?
  (DCS Akerman) The interception of communication is not my area of expertise. However, there are some very good reasons why the United Kingdom have adopted that position. Certainly there is no evidence worldwide that an opening up in the way that you have indicated actually is a huge advantage.

  433. So it is not part of this problem?
  (DCS Akerman) The interception of communications is going to be a problem, yes. As we see a merging of data and voice and the ordinary mobile phone, instead of being the low memory base that it is at the moment, being capable of holding something like 6.8 gigabytes so that you will get your text and voice and be able to e-mail the world, and we have not got a clue where you are doing it from, that is a real problem. Existing legislation in terms of e-mail is problematical. We have only two avenues open to us in terms of how we secure that evidence. The first one is the Interception of Communications Act where you have just articulated what the problem is: we cannot use it in evidence. The other one is the Police and Criminal Evidence Act, Schedule 1, where we go to a High Court judge and get an order to allow us to get it. There are a couple of problems associated with that. The first is that it has got to be serious, and that is defined, so not all offences are serious. The other thing is that it also only gives you historical data so you are going to be saying to Lord Justice X every day possibly, "I want another order", to keep up with the data. The other thing of course is that there is no requirement for people to preserve the data. There is no legislation to ask them to retain it. From our point of view that is a nightmare.

Lord Woolmer

  434. Can I start first of all with the extent of the problem or otherwise, because you spoke in very convincing terms about the nature of the problems but we have not really got a feel for the size of them. If you face the problem of burglaries at home, your first answer would really be, I assume, to encourage people to make their homes such that they cannot be burgled as opposed to spending a lot of time chasing burglars, in other words you prevent rather than cure. Taking that analogy, the answer to the dramatic example you gave of the credit card crime is to put the onus upon the industry to say, "You are the people who are getting ripped off", the credit card companies. "You set up the devices to avoid that happening." It is the equivalent of putting things on your house to stop you being burgled. You did not really talk much about preventing it happening as opposed to chasing the criminal. I understand that because the question was about chasing the criminals as it was happening rather than preventing them. My question is this. Industries always say to us, "Self regulation. We can look after ourselves." Is that not in reality the way for the next few years that things are going to go? Being realistic police forces around the world, home secretaries around the world, are most unlikely to move at the speed that the people being damaged by these crimes are going to move, so what is your comment on the strategy for prevention rather than cure?
  (DCS Akerman) There is a range of questions in that. Nigel has done a lot of work on the credit card one, so I am going to let him answer the credit card one and I will come back to your more strategic question.
  (DS Jones) The issue that crops up with credit fraud across the Internet is that if I purchase something on the Internet using a stolen credit card and I ask for it to be delivered to my home address, which is not the address of the card holder, from the merchant, who may be an on-line merchant in America or anywhere in the world, the goods will be delivered to me at my address where I have probably got millions of pounds worth over a period of time. The merchant will then try and debit the credit card number. If the card number has been self-generated or does not exist, the credit card company will use a system called charge-back where they charge back the cost to the merchant, so the merchant is the victim. If the credit card number is a number that does exist and belongs to someone somewhere in the world, that will be debited to that card holder's account. The card holder will probably notice this and tell the credit card company he did not make the transaction. Because the card holder was not present when the transaction took place and the goods were not delivered to his address, the credit card company then have the right to charge that back to the merchant. We have spoken to the credit card companies about this and, to be perfectly frank, their concern is not with the type of fraud where they are not the loser. Their concern is with application fraud where the fraud is at the time of the application for the credit card and they therefore then suffer the loss. Our view is that in today's technological age it should be possible for a merchant, when a transaction is taking place, to make more checks than are currently available to him. What we believe is that it needs a banging of heads if you like between the on-line merchants and the credit card companies in order to assist with the crime reduction. That is just one area where we believe that this could help and through the forum one of the next things we are looking at is an Internet fraud prevention guide where we will be bringing on board people from the credit card industry and on-line manufacturers. That is just one example of where we think it may help.
  (DCS Akerman) In terms of the broader issues raised by your question, with burglary we invented an animal called the architectural liaison officer. That individual, who was highly trained, worked with the builders so that as the housing estates were being built we did not create dark alleyways or enclosed spaces which were opportunities for crime. The in-phrase at the time was "design out crime". There is an obvious corollary with that in what you are suggesting. It would be superb if law enforcement and the other key agencies were able to work with industry to look at ways of designing out crime in technology. The big problem with that is market advantage and disadvantage at the moment. Houses have been with us for ages. People have got particular tastes but they are fairly limited. With technology it is moving at such a pace that companies are very worried about leakage of information, market advantage and disadvantage, and it is an issue. If we can get involved in that, then that will be absolutely superb. However, we would need to have the necessary knowledge and expertise to be able to do that. What we are looking for is an individual who is technically very literate and excellent and has also got investigative experience and they are a bit of a rare breed, I have to tell you.


  435. Is it not possible there that you were talking about a type of crime that could have been committed previously without any recourse to the Internet? Coming back to the nature of the relationship between the police and the private sector, reading the paper, I see that you regret that you did not involve the private sector early enough for the Internet Crime Forum. I wonder whether you might care to comment on that and whether you see other areas where perhaps the private sector in the industry could be further involved with you and therefore will willingly come forward to help?
  (DCS Akerman) A small correction if I may. In the Internet Crime Forum we are heavily involved with industry. That was the international conference where we had a series of workshops, which we set out as being designed really exclusively for law enforcement. As that progressed, and this is very much a personal view (which Nigel shares), we regretted not involving industry more in those workshops. As far as the Internet Crime Forum is concerned, we have got an excellent involvement with industry in that. It is an issue that has been taken up by G8.

  436. Not the credit card companies so far?
  (DCS Akerman) No, but we are working there. Nigel is dealing with some of that but there are a couple of initiatives coming up. First of all, there is a DTI initiative called Foresight which is looking at the credit card type of problem in association with industry, the credit card companies and all the cash converter type problems. At G8 they are launching an industry conference in May to try and debate some of these issues. The Americans, who like the whole idea, are following later this year, I think in the autumn (or the fall as they call it) with something very similar.

  437. So things are moving?
  (DCS Akerman) I think they are but we have to understand that it is very easy for me to sit here and give you a wish list and say, "Give me this, give me that. If you did this we would achieve for you wonderful results." We have to be entirely pragmatic and understand some of the problems that industry have as well. For example, if I give you a very quick illustration, we have seen in the newspapers over the years, have we not, about phantom withdrawals from cash machines? We are all rather cynical and we are not sure whether or not it is someone trying to have the banks over or whether it is the banks denying liability. One of the problems faced by the banks is that if they concede that their systems are not as good as they might be, then business evaporates. A good example of that was the Johnson baby food one when there was the thought that some of their food was contaminated. Their sales rocketed downwards instead of upwards. There is a whole range of issues which law enforcement probably appreciate and understand. There is a real need for an excellent dialogue among everybody to make sure that we are all going that way running with the baton.

Lord Woolmer of Leeds

  438. I want to ask you a question related to privacy. The nature of what is happening is that there is an explosion because of the ease and the low cost with which people can communicate with each other. People expect to be able to communicate privately. Because that has exploded exponentially, the number of absolute events of crime increases but not necessarily as a percentage of the actions of communication. I must confess to some unease about the logic of saying that to be able to combat a rising absolute number of criminal activities that is in some way going to change the relationship between privacy and communication. The nature of the communications that have started to happen are more impersonal than letters and telephone calls where one might get a sense that one's phone call is being tapped or letters being opened, but you have no idea if your electronic communication has been read. I have to say that I have a concern about the logic that there is this problem which I do not find quantified today, and I heard you say that it is difficult to quantify it, and that that may lead to police authorities feeling that they must in some way intrude upon privacy in a way which they would not dream about because technically you have got to intrude if you have got any hope at all. There is a certain Catch-22 here. How would you respond on that? As a politician with a small "p", I feel there is a recognition that there is a problem here but equally the means of communication is impersonal and that could lead to very serious concerns with people on privacy if they feel that the agencies tap in in order to be able to follow crime. What are the protections for the individual?
  (DCS Akerman) The law.

  439. Globally. Your point about the law is that nobody knows who is tapping and where. You used tapping into Spain as an analogy, that the Spanish might not accept it. Could somebody in Nicaragua tap into communications in Britain?
  (DCS Akerman) I think, with the greatest respect, you have slightly misunderstood what I was saying when I used the Spanish example. As far as law enforcement in this country is concerned, we are with you 100 per cent in terms of the right to privacy of the individual, and what we are not suggesting under any circumstances is that that should be breached willy-nilly in order to satisfy the whim of law enforcement in any range of issues unless there is a clear reason to do so. What I am saying very clearly I hope is that on those occasions where there is a very clear and demonstrable reason why we should do so we ought to be able to do so without too much of a problem. The fact is that if we came to your premises with a search warrant, which we had gone to the court to get and we had had to satisfy the court that we could have it, if in your house you had a locked safe and you refused to give me the combination, is it not somewhat ludicrous that I have a warrant to search your house and yet that does not extend to your safe?

  440. The argument of the industries for self-regulation tends to imply that they may seek to invade privacy, whereas the official police agencies cannot. Do you think that the various self-regulating industry organisations and companies, to protect their own interests, may, without the kinds of safeguards that you would have to go through, invade people's privacy in order to ensure their own commercial security? Does that happen currently? What is your view?
  (DCS Akerman) With respect, you cannot expect me to answer a question on behalf of industry. What I will say is this. Technology is such these days that very few of us are anonymous and there is a plethora of information gathered on us these days which allows all sorts of things to take place. If you take the telephone, for example, the fact is that in order to bill you they have to put in place something which allows them to do so. That in effect is an invasion of your privacy, but there is a perfectly understandable reason for doing it. Yes, it is like anything. Everything is open to abuse. The beauty of this country of course is that there are so many checks and balances to challenge that. The problem is that I am not sure that everyone understands the whole range of issues presented by technology itself. Here is another quick example for you. Your children are probably more computer literate than you. What happens? Where is the computer put? It is put in the bedroom because Mum and Dad do not understand it, whereas in fact it should be in the communal areas so that Mum and Dad can see what is going on. That is another illustration of the importance of making everyone aware of technology and educating them in what it can do. Too many of us are technophobes and do not want to know.

  Baroness O'Cathain: This Committee is different.

  Chairman: We have a lot more people who would like to ask further questions, but I regret that time has run out. On behalf of the Committee I would like to thank you very much indeed again for the paper which you have put to us and for being so open and honest with us in your answers. If there are points which on reflection you would like to reiterate or if there are new ones you would like to put to us, please feel free to e-mail the Clerk. Thank you very much indeed.

previous page contents next page

House of Lords home page Parliament home page House of Commons home page search page enquiries index

© Parliamentary copyright 2000