Select Committee on Science and Technology Minutes of Evidence


Examination of Witnesses (Questions 1032 - 1039)

WEDNESDAY 25 APRIL 2007

COMMANDER SUE WILKINSON, MR BILL HUGHES AND MS SHARON LEMON

  Q1032  Chairman: Thank you very much for coming to give evidence to us. This is the House of Lords Select Committee for Science and Technology and this is in fact our final evidence session, at least as presently planned for this inquiry, which we have been conducting for several months. We very much appreciate you coming to talk to us. Welcome to members of the press and the public who are here. I assume you have picked up the documents that tell you what the Committee's mission is here. Perhaps we could start with our witnesses introducing themselves please.

Ms Lemon: My name is Sharon Lemon. I am the Deputy Director of the Serious and Organised Crime Agency and the Head of e-Crime. Formerly I was the Head of the National High Tech Crime Unit and before that the Head of the Paedophile On-Line Investigation Team. On the first of April last year I handed the ACPO lead to Commander Wilkinson, SOCA not being a law enforcement agency. I chair the National e-Crime Strategy Group and chair the steering group for Get Safe On-Line.

  Mr Hughes: I am Bill Hughes. I am the Director General of the Serious Organised Crime Agency which actually is a law enforcement agency, not a police agency. Prior to that, I was the Director General of the National Crime Squad. The National Crime Squad and the National Criminal Intelligence Service are part of Customs and Excise, as it then was, part of the Immigration Service and were brought into SOCA at the beginning of April 2006 so we have just had our first anniversary of working.

  Commander Wilkinson: I am Sue Wilkinson; I am a commander in the Metropolitan Police. I have the lead for e-crime in the Metropolitan Police but also last April I took over the ACPO national lead within ACPO forces for e-crime. I also, within the Metropolitan Police, have responsibility for fraud and economic crime et cetera which is closely allied to e-crime. I chair the Internet Crime Forum and I run the ACPO working group on e-crime.

  Q1033  Chairman: Thank you. Is there anything you would like to say in an opening statement?

  Mr Hughes: No, I do not think so except perhaps to say that when the National Crime Squad was abolished and SOCA started there was a change over obviously from what was a specialist unit within the National Crime Squad which was the National High Tech Crime Unit and that has moved into a different approach within SOCA. Some people would see that that showed a lack of interest in e-crime; the reverse is the case. SOCA went to a situation where we have a unit now called e-Crime which Sharon heads which devotes itself to that type of criminality. The issues around paedophilia on-line went into a separate unit called CEOP combating child exploitation and on-line protection which is an affiliated unit to SOCA. We marshalled our resources in a better way in order to be able to deal with e-crime issues and at the same time working with the Metropolitan Police and ACPO have started to look at ways in which we can make sure that we spread that right across the piece in a continuum rather than simply having different squads dealing with issues.

  Q1034  Chairman: That leads into my first question which is a very general one which is: is there such a thing as e-crime? What I am really leading to is whether e-crime should be formally defined and, if so, how should we go about that?

  Ms Lemon: We have defined it as two specific areas. Firstly the type of crime that can now be committed because technology exists which formerly could not be committed; I think that is definitely e-crime because without the technology those crimes could not be committed. More commonplace now is traditional crime moving on-line in the virtual environment, traditional criminals using and exploiting technology; that is traditional crime using technology. That is where we need to mainstream the issues more because I think the problem with policing is that anything involving a computer or the slightest bit of technology is put into a specialist bracket and it is confusing the issue and leaving a smaller number of specialist resources dealing with what is traditional crime. So we have a clear definition; we have type A and type B where we are talking about technology that enables this crime to exist. Normally traditional crimes, even so, the denial of services attacks, is just current day extortion; phishing is just current day fraud, and then there are traditional crime types. I think there is definitely an e-crime but the biggest part of the issue is that all the crimes that are exploiting technology just make it much easier to commit the crime.

  Q1035  Chairman: Do you think you are now in a position to start gathering statistics and setting targets for yourselves on e-crime?

  Ms Lemon: I would not be so bold as to say that we are anywhere near gathering statistics at the moment. We can certainly look at the evolution of e-crime which has been well documented from the people committing the crime just because they could for kudos, to now people exploiting the type of crime because of the revenue that comes with it. There is a very quick scale and reach. We see traditional criminals committing their crime on-line but I do not think I would be so bold as to say that I would be able to give you an estimate of what it looks like in the UK at the moment.

  Q1036  Chairman: Are you trying to move towards a situation where you can gather statistics?

  Mr Hughes: If I may answer that question in a different way, that is the point that Sharon has made is that whilst these are often old crimes committed with new techniques, the issue is how do you deal with them. It is not so much a matter of how you record them or how you see them as crimes per se for investigation, it is how best to deal with them. I think that is the issue that we all need to be thinking about now. The way it is done is often because this is a global issue. This is not just happening inside the UK so expecting UK law and enforcement necessarily to pick up on it and to be able to deal with it on its own is not feasible. There need therefore to be global alliances; we need to be able to work with our colleagues in other countries in other parts of the world. There needs to be another way of actually pulling the information together. People simply coming into police stations to report the crimes is going to end up with an uncoordinated approach across the whole of the United Kingdom and outside. What we need are better ways of gathering the data about what is actually happening so that with our colleagues in the private and public sector who are helping with that—we will probably come onto that later—there are ways of building up crime pattern analysis which can help us to attack and deal with what is happening there rather than investigating each individual case one its own. This is very much the way that SOCA is trying to deal with serious organised crime per se and the way that the police service is also picking up on dealing with crime pattern analysis and taking out the root cause rather than addressing the symptoms. This is a classic example where we need to change the way that we work as law enforcement.

  Commander Wilkinson: Obviously I am sitting here representing the 43 police forces of England, Wales and Northern Ireland and I would certainly hope that by the end of this session the Committee has clarity around how the 43 police forces of England, Wales and Northern Ireland will work seamlessly with the Serious Organised Crime Agency in tackling what is a crime that is very, very difficult to define geographically and in terms of numbers of victims and geographic location of the crime is almost impossible to really pin down or define. When I took over the national portfolio on e-crime we reassessed the old ACPO definition of what was then high tech crime and we redefined it and made it much simpler. The ACPO definition of e-crime (it may be helpful for you to know it sits comfortably with the SOCA definition) has been agreed as the use of networked computers, telephony or Internet technology to commit or facilitate crime. That is clearly very, very wide indeed. When we are looking at e-crime we have to look at it from being solely an e-crime, if you like—such as a denial of service attack, for example—right the way through to traditional crime such as fraud or kidnap or any other traditional crime during the commission of which technology comes into it, whether it is the use of text messaging or actual money laundering through computers or the use of mobile phones, et cetera. The definition is incredibly wide because it has to be so that we can pull everybody into the fight against e-crime and we can mainstream it. It does also make it incredibly difficult to count the number of so-called e-crimes that have actually taken place.

  Q1037  Chairman: Is there evidence that conventional crime is being displaced by e-crime? Is it apparent to you that you can shift resources now? You do not necessarily need new resources but you need to shift resources and re-train people.

  Mr Hughes: There are two issues there. There is clearly evidence that we are seeing serious organised criminals working in an area which is new to them. As always these are entrepreneurs who go where the rewards are high and the risks are low. They are looking at ways in which they can move into new areas of criminality. In terms of law enforcement, we also have to look at ways in which we train and restructure ourselves and resource ourselves better. E-crime is a classic example. What we need from Sharon is very much a specialist area of enforcement understanding, but if you just parcel this off into separate squads or separate units within law enforcement then you are missing the trick. The trick we have to make sure people realise is that this is going to be the way of the future. We have to mainstream it so that the detectives, investigators or law enforcement agencies are starting to think about how this impacts upon the type of investigations they are dealing with. It is as simple as, for example, every time we deal with serious organised crime there will be a laptop, a PDA, a telephone or some very complex piece of kit and we need to have the understanding of how this can be used and, more importantly, how evidence can be gained from that technology in order to prosecute our cases or to gather the knowledge and information we need to be able to attack the source.

  Commander Wilkinson: I totally echo that. I think from the point of view of the police forces we need to raise the level of awareness, understanding and capability across all officers; uniformed constables for example and detectives will need to have a higher level of capability and skill so that everybody has some awareness and capability in terms of investigating e-crime and there are certain types of e-crime that are so specialist that there will need to be specialist units to deal with those. I would echo entirely the point that it needs to be mainstreamed because this is the way we live now and it is a developing way that we live now and so it is important not to try to shift everything into specialist units but to raise the level of awareness and capability right the way across the board.

  Q1038  Lord Mitchell: Perhaps it is appropriate that as we speak the Serious Crime Bill is going through our House and we may have to go and vote a few times on it. One of the issues we have looked at quite a bit in our deliberations is whether the legal framework for investigating and prosecuting e-crime is sufficient. Do you feel it is sufficient and are there any gaps that need to be plugged?

  Ms Lemon: As far as I am concerned in the UK I do not think there are any significant gaps. I would not want to make legislation overly complex—and this goes back to the mainstreaming part—as long as recognition is made in forthcoming legislation of the need to include technology and it is a neutral bit of legislation that would incorporate what we need to achieve. Where it is difficult for us is in the international space where legislation in different countries can cause problems. The current procedures for sharing information and intelligence can be extremely sluggish and sometimes we work despite those arrangements, so that would be a problem I would like to raise.

  Commander Wilkinson: I think for me the Computer Misuse Act, the latest Fraud Act and existing legislation is proving entirely adequate to incorporate the issue of e-crime into it in terms of investigation, evidence gathering and prosecution. However, the issue of the international nature of e-crime is probably our biggest challenge and investigations can fall down because of the fact that legislation does not really cover the international challenge. We cannot prosecute offences that are committed abroad, for example, and criminals can exploit that by originating the offence abroad.

  Mr Hughes: If I may add just one further point, that is the question about the prosecution as well. Of course much of this revolves around how we present cases in court and the abilities of the courts in the UK particularly to receive particularly complex information from IT investigations or the way it is presented is difficult. This is no fault of the courts; this is simply that we are living in a fast moving world and perhaps one of the things we should be thinking about is how better we can present the case in court so that judges and juries better understand exactly what is being presented there. In the same way that you have a technological advisor here it may be useful to do the same in some of the courts when we are dealing with some of these cases.

  Q1039  Lord Mitchell: On that sort of related issue, would it be feasible for a computer used to commit a crime to be brought out in court and sentencing in a manner in some ways analogous to the aggravating factors of bringing out a gun for other types of crime?

  Mr Hughes: That is an interesting question. You referred just now to the Serious Crime Bill that is going through your House at the moment, and there may be some prevention orders in there that we might like to think about as examples of what we could do with those who had such criminality. There is no doubt we could use that effectively.


 
previous page contents next page

House of Lords home page Parliament home page House of Commons home page search page enquiries index

© Parliamentary copyright 2007