Policing the Internet
8.25. We recommend that the Government introduce
amendments to the criminal law, explicitly to criminalise the
sale or purchase of the services of a botnet, regardless of the
use to which it is put. (7.74)
8.26. We recommend that the Government, in partnership
with the Association of Chief Police Officers and the Serious
Organised Crime Agency, develop a unified, web-based reporting
system for e-crime. The public face of this system should be a
website designed to facilitate public and business reporting of
incidents. The back-end software should have the capacity to collect
and collate reports of e-crime, identify patterns, and generate
data on the incidence of criminality. The website could also serve
as a portal to other more specialised sites, for instance on online
child abuse or identity theft. It would be an invaluable source
of information for both law enforcement and researchers. (7.75)
8.27. As a corollary to the development of an
online reporting system, we recommend that the Government review
as a matter of urgency their decision to require online frauds
to be reported to the banks in the first instance. We believe
that this decision will undermine public trust in both the police
and the Internet. It is essential that victims of e-crime should
be able to lodge a police report and have some formal acknowledgement
of the fact of a crime having been committed in exchange. We see
no reason why such reports should not be made online, processed
and forwarded to the banks automatically. (7.76)
8.28. If these recommendations are to be acted
upon, the police service will need to devote more resources to
e-crime. We acknowledge the good work undertaken by SOCA and on
behalf of ACPO, but within the police skills and forensic capability
still vary from force to force. While it is vital to raise police
skills across the board, rather than just those of specialists,
"mainstreaming" is only part of the answer. We therefore
recommend the establishment of a network of computer forensic
laboratories, under the aegis of the proposed ACPO national e-crime
unit, but with significant central funding. (7.77)
8.29. We further urge the Home Office, without
delay, to provide the necessary funds to kick-start the establishment
of the Police Central ecrime Unit, without waiting for the private
sector to come forward with funding. It is time for the Government
to demonstrate their good faith and their commitment to fighting
e-crime. (7.78)
8.30. These recommendations will all cost money.
But e-crime is expanding rapidly: the choice is either to intervene
now to make the necessary investment, and perhaps to keep the
threat to the Internet under control, or to let it grow unchecked,
and risk an economically disastrous, long-term loss of public
confidence in the Internet as a means of communication for business
and Government alike. (7.79)
8.31. We urge the Government to fulfil its commitment
to ratify the Council of Europe CyberCrime Convention at the earliest
possible opportunity. At the same time, in order to ensure that
the United Kingdom fulfils the spirit as well as the letter of
Article 25 of the Convention, we recommend that the Government
review the procedures for offering mutual legal assistance in
response to requests for help from other countries in investigating
or prosecuting e-crime. (7.80)
8.32. Finally, we recommend that the Government
take steps to raise the level of understanding of the Internet
and e-crime across the court system. In particular:
- In the context of the prevalence
of identity theft and online card fraud, we urge the Government
to issue new guidance to the courts, including magistrates' courts,
on the reliability of unsupported credit card evidence as an indicator
of guilt;
- We recommend that the Government review the availability
to the courts of independent specialist advice in cases of Internet-related
crime;
- We believe that the sentence should fit the crime.
The nature of e-crime is such that mostly (but not exclusively)
small crimes are committed in very large numbers; they also generally
involve a high level of intrusion into personal life. Sentencing
guidelines should be reviewed in recognition of these realities.
(7.81)