faculty of arts, postgraduate studies for the ma … · faculty of arts, postgraduate studies ......
TRANSCRIPT
Managing Cyber Crime: an Assessment of Canadian Law Enforcement Responses
By Cathy F. Maltais
Thesis submitted to the Faculty of Arts, Postgraduate Studies In partial fulfillment of the requirements
For the MA degree in Criminal Intelligence
Faculty of Arts Charles Sturt University, Australia
© Cathy F. Maltais, Canada, October 2005
The cyber battlefield is real. It’s a place where computers are used instead of guns, data packets instead of bullets, and firewalls are used instead of barbed wire.
Richard Tracey
Cathy F. Maltais Page 2 11/23/2005
CHAPTER 1..........................................................................................................5 Problem Definition________________________________________________ 6 Purpose and Justification of Study ___________________________________ 7 Methodology ____________________________________________________ 8
Qualitative Interviews.......................................................................................8 Qualitative – Surveys .........................................................................................9 Qualitative – Literature Reviews ......................................................................11 Quantitative – Content Analysis .......................................................................12
Analysis ______________________________________________________ 12 Limitations of research and study ___________________________________ 12 Definitions_____________________________________________________ 13
CHAPTER 2........................................................................................................15 Introduction____________________________________________________ 16 History of Cyber Crime ___________________________________________ 17 Definition of cyber crime __________________________________________ 18
Cyber Crime Definitions ...................................................................................19 International Definitions ...................................................................................22
Types of Cyber Crime____________________________________________ 23
Child Pornography and Luring .........................................................................23 Cyber Stalking/ Harassment ............................................................................23 Identity Theft ....................................................................................................24 Spoofing and Phishing .....................................................................................24 Dissemination of Offensive Materials...............................................................25 Cyber Terrorism...............................................................................................25 Spamming........................................................................................................25 Computer Viruses ............................................................................................26 Hacking............................................................................................................27 Denial of Service Attacks .................................................................................27 Piracy...............................................................................................................28 Fraud ...............................................................................................................28
CHAPTER 3........................................................................................................31 Statistics in Canada _____________________________________________ 32
CHAPTER 4........................................................................................................35 Prevention efforts in Canada ______________________________________ 36
Cathy F. Maltais Page 3 11/23/2005
CHAPTER 5........................................................................................................42 Training_______________________________________________________ 43
Cyber Crime Training in Canada......................................................................43 Cyber Crime Training Internationally................................................................47
CHAPTER 6........................................................................................................56 Assessment of Canadian legislation _________________________________ 57
Punishment / sentencing..................................................................................60 Legislative Resources in Canada.....................................................................62
International Legislation __________________________________________ 64
Legislation in other countries ...........................................................................67
CHAPTER 7........................................................................................................71 Analysis of Law Enforcement Reactions______________________________ 72
Ontario Provincial Police (OPP) ......................................................................72 Sureté du Québec (Quebec Provincial Police)................................................73 Royal Canadian Mounted Police......................................................................73 Public Safety and Emergency Preparedness Canada .....................................75 Level of Priority in Canadian Police Services...................................................77 Who should counter cyber crime in Canada? ..................................................80 Is Canadian Law Enforcement Well Equipped to Fight Cyber Crime?.............81 Addressing Cyber Crime..................................................................................83
Conclusion ____________________________________________________ 87
Summary of Recommendations.......................................................................88 APPENDIX A – CONSENT FORM __________________________________ 94 APPENDIX B – SURVEY _________________________________________ 95 APPENDIX C – POLICE SERVICE SURVEY RESPONDENTS BY PROVINCE _____________________________________________________________ 99 APPENDIX D COURSES AT THE CPC____________________________ 100 APPENDIX E – ATLANTIC POLICE ACADEMY CYBER CRIME COURSE _ 106 REFERENCE LIST _____________________________________________ 107
Cathy F. Maltais Page 4 11/23/2005
Certificate of Authorship
I hereby declare that this submission is my own work and that, to the best of my knowledge and belief, it contains no material previously published or written by another person nor material which to a substantial extent has been accepted for the award of any other degree or diploma at Charles Sturt University or any other educational institution, except where due acknowledgment is made in the thesis. Any contribution made to the research by colleagues with whom I have worked at Charles Sturt University or elsewhere during my candidature is fully acknolwedged.
I agree that this thesis be accessible for the purpose of study and research in accordance with the normal conditions established by the Executive Driector, Library Services or nominee, for the care, loan and reproduction of theses.
Cathy F. Maltais Canada
October 2005
Cathy F. Maltais Page 6 11/23/2005
Problem Definition
There have been numerous technological advancements over the last decade.
These advancements, while of immense benefit for the population, have also
brought opportunities for criminal activity. Traditional crimes that have been
fought for centuries are now being perpetuated in a different environment, with
different tools, targeting different victims. As technology has been evolving at a
very fast pace, it has become clear that law enforcement and government
officials need to put resources, tools and time in place in order to keep up with
cyber crime instead of merely playing catchup.
As with many other types of crime, each country/nation deals with it in its own
way, but most of the time there are common denominators: legislation,
prevention, enforcement, prosecution and so forth. However, cyber crime is still
relatively new and not every country has laws to prosecute it or found it to be a
priority to train its law enforcement agencies to counter and prevent it from
happening. For example, preliminary research found that countries such as
France, Italy and Lebanon did not have any specific computer or cyber crime
legislation as recent as 2000. As well, countries such as New Zealand, Iran,
Sudan and Vietnam while making progress on adopting legislation specific to
computer/cyber crime, had not implemented anything in 2000. (McConnell 2000)
The question that came to mind was where did Canada fit in this picture in 2005?
In 2003, 64.3% of Canadian households had at least one regular Internet user.
(Statistics Canada 2004). This adds up to a lot of potential victims of cyber
crime, or perpetrators of it. In a country so technologically inclined, is law
enforcement ready and able to face these new types of crimes? Are Canadian
law enforcement agencies adequately resourced and trained for it? Is
appropriate legislation available to support law enforcement officers and
prosecute offenders? Where is cyber crime in the list of priorities of government
agencies? The answers to these questions help draw a portrait of how Canadian
law enforcement is responding to cyber crime.
Cathy F. Maltais Page 7 11/23/2005
Purpose and Justification of Study
After broad literary research through journals, police service business reports
and other sources, as well as communicating with the Royal Canadian Mounted
Police (RCMP), the Canadian Security Intelligence Service (CSIS), Public Safety
and Emergency Preparedness Canada (PSEPC) and the Canada Border
Services Agency (CBSA), it was evident that these questions did not have
accessible published answers. Hence, the aim of this study is to begin to provide
some, at least baseline, analysis or tentative answers to these questions so that
a clearer national picture is available to assess which Canadian agencies are
countering cyber crimes, which are not, and why not. From preliminary research,
it was already clear that there was no national policy provided to municipal law
enforcement agencies on countering, or preventing, cyber crime. Some police
departments do not deal with cyber crime at all, whereas others have
sections/staff dedicated to investigating it or preventative measures in their
jurisdiction. Hence it was important to provide an assessment, in part an audit, of
what different law enforcement agencies are doing in Canada. This was done in
order to provide a more cohesive and assertive response to disrupting this new
trend of crime, as a nation, for the protection of its population.
Statement of Research Objective
“Managing Cyber Crime: An Assessment of Canadian Law Enforcement
Responses.” The objectives of this research are the following:
Discover what the current state of response to cyber crime is in Canada;
Discover the available resources related to cyber crime for Canadian law
enforcement (in the form of human resources, training, legislation);
Discover the level of priority cyber crime has for law enforcement
organizations in Canada;
Establish recommendations for further study and possible improvements to
the state of the response to cyber crime in Canada.
Cathy F. Maltais Page 8 11/23/2005
Methodology
The present paper undertakes both qualitative and quantitative research
methodologies in order to answer specific questions.
Qualitative Interviews
A number of potential interviewees were approached by means of a formal letter
explaining the research purpose and objective and soliciting their participation in
an interview, sent by email. This mode of communication was chosen for two
reasons; firstly to speed up the process and secondly, being that the research
relates to cyber crime, it was thought appropriate that the medium researched
should be utilized as much as possible during the research. The letters were
adjusted for each potential interviewee, based on their field of expertise.
Other requests were made verbally while meeting potential interview candidates
at conferences or within my work environment. The progress of replies was
recorded on a spreadsheet for the duration of the research.
Once participants agreed to participate, they were asked to read and sign a
consent form (see Appendix A), in order to ensure their rights were protected.
When interviews were done in person, they were recorded on a digital voice
recorder when the interviewee gave his/her consent. This type of recording
enabled faster transcription of the interview through computer software, which
transcribes the recording into a transcript in a very short time. Interviews done
by telephone were recorded by note taking, and the ones done by email were
saved electronically.
Interview questions were tailored for each interviewee, based on their work
environment and area of expertise.
Six interviews were done with individuals from Canadian law enforcement
agencies and government departments involved with the field of cyber crime.
Cathy F. Maltais Page 9 11/23/2005
Only one interview was conducted with someone outside of Canada (from
Australia). These interviews were conducted in order to receive educated
opinions and nonpublished data from respondents other than the ones
surveyed. The interviews took place between November 2004 and February
2005. Participant organizations were selected based on their mandates and
involvement with cyber crime. Individuals within the selected organizations were
recruited based on their positions (level of involvement with cyber crime) within
their organizations as well as through personal contacts.
One of the most important interviews (with a highly qualified expert lawyer) had
to be postponed indefinitely as he became ill and had to be on sick leave for an
extended period of time. This interview was not replaced with a colleague from
the same office, as it was the specific knowledge this person holds that was
sought. This knowledge includes years of research and experience related to
cyber crime, which is not applicable to others in the same office.
Qualitative – Surveys
Surveys were sent to municipal police services as well as provincial police
services with questions on priorities, resources dedicated to cyber crime, past,
present and future situations in order to receive current data that would not
otherwise be available by other means.
The questionnaire was designed to avoid biased, directional or offensive
questions. The questionnaire included openended questions to allow
responders to fill in the requested information in their own words as well as
closedended questions, which forced the subject to respond within a specified
listing of possible answers. (see Appendix B)
The survey was Internet based. This was judged to be the most appropriate
medium for conducting the survey. For one, the research is about crimes that
happen in cyberspace, in the electronic environment. Hence, it seemed fitting to
Cathy F. Maltais Page 10 11/23/2005
collect information in this manner from law enforcement personnel who deal with
crimes committed in this environment. It was felt that the responders would have
a level of comfort in responding to a survey in this context. Additionally, an
online survey process proved to be less expensive and less time consuming than
distributing a paper version throughout Canada.
The survey was posted at http://www.project8.ca/CyberResearch. Participants
were able to select the language of their choice (French or English) and simply
press the submit button when they had completed answering the survey.
In order to reach as many participants as possible, a small portion of surveys
were mailed or faxed, as not all law enforcement departments are on the Internet
or have published email addresses at present time.
The progress of replies was recorded on a spreadsheet for the duration of the
research.
56 survey requests were emailed to Canadian police services (municipal and
provincial) on December 20, 2004.
12 nondeliverables responses were received.
2 completed surveys were received initially. A logical explanation for this low
level of response is because of the Christmas holidays. The survey was sent
out even at this date close to Christmas as police services usually function
7/24, 365 days a year. It was resent after the holidays, as response was
very low before Christmas.
A second email was sent out as a follow up on January 31, 2005 to 44 police
services (initial 56 minus the 12 nondeliverables).
19 completed surveys were received.
33 surveys were sent by regular post between January 31 and February 3,
2005, to police services who did not have any published electronic contact
information.
Cathy F. Maltais Page 11 11/23/2005
5 completed surveys were received by mail and/or electronically out of this
mail out.
A total of 26 responses were received (see Appendix C for general geographical
areas of responders). Although there was a potential for 89 responses in total if
we count the paper and electronic requests, the initial targets were the ones with
electronic contact information. Overall, a 29% response rate was experienced.
But the response rate for the targeted electronically was 38%. This level of
response, although lower than 50%, is still a defendable sample in regards to the
objectives of this research. It was later found that many cities were
amalgamated over the last 2 years in the province of Quebec. This means that
up to 5 police services can now be one. This could account for the low response
rate in Quebec (nonresponse from 17 of them; of which 15 were paperbased
sent my regular mail).
Each survey responder was asked if the name of their police service could be
used for referencing purposes in the research. Any responder that indicated that
they did not want their police service named in the research, have not been
named in order to respect their wishes for anonymity. It is important to note that
the quoted views/opinions expressed by all survey responders, are views held by
each individual responder and not by their employer, unless stated otherwise.
Qualitative – Literature Reviews
Literature reviews on Canadian legislation (Criminal Code, the Personal
Information Protection and Electronic Documents Act (PIPEDA), Provincial Police
Acts, etc) law enforcement annual reports and business plans (over 50) and
other literature relevant to the subject were researched.
Cathy F. Maltais Page 12 11/23/2005
Quantitative – Content Analysis
A content analysis of data retrieved from police services records from across
Canada on cyber crime related prevention programs, training courses, statistics,
and resources involved, was also done.
Analysis
Data was assimilated (e.g. transcription of tape recordings, categorizing,
compiling) and then analyzed to detect any trends and answer the questions
posed at the launch of the research.
Limitations of research and study
This study is limited to an analysis of data related to the past and present cyber
crime situation in Canada. Any forecast or predictions on the future evolution of
cyber crime, including new technologies and types of offenders, are not
discussed though this study but may precipitate further discussions on what is
‘over the horizon’.
Many references and data were accessed online and included journals and
government publications. Though in some areas of cyber crime, such as
statistical data on occurrences of cyber crime and prosecutions of cyber
criminals, access to data was problematic as these areas remain under
researched globally, and in Canada.
Another clear limitation of the research was interviews. The interviews cannot be
regarded as sufficiently representative. Firstly, responders were not
representative of the whole subject. Cyber crime touches many different fields of
work and interest, other than law enforcement (such as Finance, Revenue, E
government, etc). The interviews were therefore a mix of many backgrounds,
which is positive as it provided a better understanding of the cyber crime situation
in Canada. But the numbers interviewed were low (7 in total) as they all came
from separate agencies. A larger number of interviewees in each agency would
Cathy F. Maltais Page 13 11/23/2005
have assisted in determining if the information received from the interviewees
was integral to each agency, or only to the person interviewed. It was very
difficult to find several interviewees in each agency, as within most, the number
of employees whose work is dedicated or related to cyber crime is very low,
when existent. The interviewees were selected based on their knowledge of
cyber crime. All asked to remain anonymous since they agreed to the interviews
individually, and not on behalf of the organization they represented.
The answers collected from the survey were solely voluntary; therefore it is
possible that those who responded had a higher interest in the subject, than
those who did not.
Definitions
While most definitions are explained in the body of the research report, certain
terms are more technical than others. A short list of the more uncommon terms
has been included below for ease of reading.
Blogger: Web log is a journal kept on the Internet. This journal is often updated daily and contains all information that the person maintaining the Blog (Blogger) wishes to share with the world. Also applies to websites dedicated to a particular topic and being updated with the latest news, views and trends. (Optymise n.d.)
IP: As in ‘IP address’. Number consisting of 32 bits that is used to identify the host within the Internet. It is specified by numbers of the decimal system (0255) separated by dots (e.g. 195.129.33.1). Each packet contains information about where it was sent from (source IP address) and to which address it is to be delivered (destination IP address). (Glossary n.d.)
Phishing: This term is used to describe a con by sending an email to an end user with the depiction that the email was sent from a legitimate establishment, but the true intent is to gather personal information of the enduser with the intent to use this information fraudulently. (Symmetric Triangle n.d.)
Spam: An inappropriate attempt to use a mailing list, or USENET or other networked communications facility as if it was a broadcast medium
Cathy F. Maltais Page 14 11/23/2005
by sending the same message to a large number of people who didn't ask for it. Mass junk Email. (University of Arizona n.d.)
Spoofing: Spoofing is a technique where source IP address in a packet is faked to make recipients suppose that packets are coming from trustworthy IP addresses. (Glossary n.d.)
Cathy F. Maltais Page 16 11/23/2005
Introduction
The Internet is arguably the most powerful tool since the invention of the printing
press for accelerating a ‘free flow’ of ideas and learning. An estimated 7.9 million
(64%) of the 12.3 million Canadian households have at least one member who
uses the Internet regularly (2003), either from home, work, school, a public library
or another location. (Statistics Canada 2004) Canada is one of the most
sophisticated users of information and telecommunication technologies in the
world. Canadians rely on computerized systems in many facets of their daily life,
from transportation and communications, to health care and commerce. While
these technologies confer numerous advantages, their illicit use results in
complex security challenges. (PSEPC 2003) This has created a group of
crimes, commonly referred to as cyber crime, which includes new types of crime,
and old ones committed in new ways. One of the main fears regarding
technology and crime is the much wider availability of contact, and thus available
pool of victims, which is possible through the use of telecommunication and
Internet technologies.
Technology has also permitted individuals involved in criminal activities to
conduct such activities with reduced chances of detection. The technologies
facilitate the production, storage and retrieval as well as transmission of material
very quickly and unobtrusively. Encryption software is becoming increasingly
sophisticated but at the same time also increasingly userfriendly.
The speed at which Internet access is becoming available is growing
exponentially. The Internet as it is known today was created barely a decade
ago. In 1989 there were only 100,000 computers connected to the Web. Today, it
is estimated that there are 300 million around the world. Globally, Canada and
the United States account for more than half of cyberspace users (56%). In fact,
they outstrip Europe considerably (24%) as well as Asia and the Pacific (17%).
(DoJ 2002, p.5)
Cathy F. Maltais Page 17 11/23/2005
However, the majority (60%) of Canadians don’t believe enough is being done to
protect Internet consumers from cyber crime, and half (52%) feel threatened.
Seven in ten (72%) say cyber criminals have less of a chance of being caught
than a criminal in the ‘real world’ and half (47%) believe that cyber crime will
become more serious. Only a quarter (24%) of Canadians believe enough is
being done to protect Internet consumers against cyber crime. (Ipsos 2001)
It is because of statistics like these that it is important to assess the cyber crime
situation in Canada. Not only do the statistics show that there are a rapidly
increasing number of people connected to the Internet, it shows there are an
increasing number of potential victims. The pool of potential offenders is also
growing. All of the above suggests that it is even more critical to have an
assessment of Canadian law enforcement responses in order to establish if
Canada is well equipped to counter cyber crime.
History of Cyber Crime
It is difficult to determine when the first crime involving a computer actually occurred. The computer has been around in some form since the abacus, which is known to have existed in 3500 B.C. in Japan, China and India. In 1801 profit motives encouraged Joseph Jacquard, a textile manufacturer in France, to design the forerunner of the computer card. This device allowed the repetition of a series of steps in the weaving of special fabrics. So concerned were Jacquard’s employees with the threat to their traditional employment and livelihood that acts of sabotage were committed to discourage Mr. Jacquard from further use of the new technology. A computer crime had been committed. (O’Brien n.d.)
Certainly all crimes strictly related to the Internet can only be as old as the
Internet is, but crimes such as fraud and embezzlement perpetrated with the help
of a computer have clearly been around for some time. August Bequai wrote a
book, ‘Computer Crime’ in 1978. In the book’s preface, Bequai provides us with
a brief reminder that computer crime has been around for decades. Though more
Cathy F. Maltais Page 18 11/23/2005
importantly, in the excerpt from the preface below, Bequai also provided an early
warning in 1978 of what would happen if law enforcement did not evolve at the
same rate as technology and it’s illicit exploitation.
Like gunpowder, the computer is here to stay. Its positive impact has been immense, and will continue to grow with time. However, on the negative side of the ledger, the computer enables a small group of individuals to steal sums of money that would have the gangsters of the 1920s blush. Computer technology has enabled groups of political zealots or criminals to terrorize cities at the push of a button. A product of the electronic revolution, the computer criminal strikes anywhere and everywhere. […] He represents the criminal of the future. Our laws are challenged by him, and our jurists are left stunned. What makes this criminal more dangerous than any before him is that, should our system of laws fail to meet his threat, he may, in fact, ring the death knoll of our entire system of justice. The stakes are high indeed. (p.xi)
Definition of cyber crime
There has been great deal of debate among experts on what constitutes cyber
crime and identifying terminology which best describes it. Grabosky, Russell and
Urbas (2004) define cyber crime as a term that encompasses ‘any proscribed
conduct perpetrated through the use of, or against, digital technologies.’ (p.6)
The Encyclopedia Britannica defines cyber crime as ‘any use of a computer as
an instrument to further illegal ends, such as committing fraud, trafficking in child
pornography and intellectual property, stealing identities, or violating privacy.’
(2005) This debate is ongoing and there is still no internationally recognized
definition with resulting in cyber crime terms themselves denoting different things
in different jurisdictions. Some of the different terms used as identifiers for this
type of crime are computer crimes, electronic crime, cyber crime, technological
crime and high tech crime. The term cyber crime will be used in this research
report unless otherwise specified.
The debate for a uniform definition is not new. Back in the 1970s, when
computer crime was seen as more of an economic/whitecollar crime, Bequai
Cathy F. Maltais Page 19 11/23/2005
(1978, p.3) stated that there was no widely accepted definition of computer
crime. She stated that ‘some authorities define it as making use of the computer
to steal large sums of money. Others include theft of services within this
definition, as well as invasion of privacy. Some take an open approach to the
problem, viewing it as the use of a computer to perpetrate any scheme to defraud
others of funds, services and property.’
Research findings and consultations with many Canadian police services and
government departments show that there is still no standardized definition of
cyber crime in Canada, nor is there a uniform usage of the term.
There are a number of definitions and expressions used by Canadian law
enforcement, government and private organizations to refer to cyber crime. The
RCMP speaks of cyber crime as technological crime whereas PSEPC refers to it
as high tech crime.
Cyber Crime Definitions
The definition used for the purposes of this research, its interviews and surveys
is the one utilized by PSEPC since they provide policy leadership and deliver
programs and services related to national security and emergency management,
policing, law enforcement and borders, corrections and crime prevention, in
Canada. They also ensure policy consistency among the six agencies that report
to the Minister (RCMP, CSIS, CBSA, Canada Firearms Centre (CFC),
Correctional Service of Canada (CSC) and National Parole Board (NPB)).
PSEPC defines cyber crime in two separate categories, while referring to it as
hightech crime.
The first category of hightech crimes is ‘traditional crimes’ that are now being committed with the use or aid of a computer. This includes computerassisted crimes such as money laundering, the distribution of child pornography, the sale of illegal drugs, Internet fraud, illegal gambling, and hate propaganda. In addition, new technologies can also be used to shield, store or communicate criminal/terrorist activities.
Cathy F. Maltais Page 20 11/23/2005
The second category of hightech crime includes crimes directed against a computer or a computer network itself, or "pure" hightech crime. Pure hightech crime include such offences as unauthorized use of computer systems (e.g. hacking) and mischief in relation to data (e.g. denial of service attacks and virus transmission). (PSEPC 2003)
However, in the cyber crime law enforcement community, as discussed earlier,
major domestic and international players continue to define cyber crime
differently. The fact that definitions are different means there are different crimes
they point to, which prohibits adequate statistical gathering and increases
international and domestic miscommunications, as two parties may not be
referring to the same thing when discussing cyber crime.
The following definitions will serve to highlight the several differences in
definitions from various public and private organisations in Canada.
The RCMP says of technological crime that it refers to the use of computers or
other hightech equipment in the commission of a criminal act. Examples might
range from the personal possession of digitized child pornography on a home
computer to attacks on whole networks of interconnected computers. (RCMP
n.d.a)
Foreign Affairs Canada’s (FAC) definition goes one step further from PSEPC’s
interpretation of cyber crime. They agree that cyber crime ‘consists of specific
crimes dealing with computers and networks (such as hacking) and the
facilitation of traditional crime through the use of computers (child pornography,
hate crimes, Internet fraud).’ (FAC n.d.) But, in addition to cyber crime, they add
computersupported crime, which covers the use of computers by criminals for
communication and document or data storage. While these activities might not
be illegal in and of themselves, they are often invaluable in the investigation of
actual crimes.
The Information Technology Association of Canada (ITAC) defines cyber crime in
two broad categories, as PSEPC does. ‘Conventional crimes that have come to
Cathy F. Maltais Page 21 11/23/2005
involve the use of computers, e.g., plotting a murder, distributing pornography
plus theft of electronically stored data and information. Some crimes, such as
money laundering, have been so amplified by Internet technology that they have
become almost qualitatively different. New crimes specifically related to
computer technology and the Internet, e.g., hacking or defacing websites,
creation and malicious dissemination of computer viruses.’ (ITAC 2000)
As the PSEPC definition is the one used for this research, an initial survey
question asked police services if they agreed with it. The majority of police
services surveyed agree with the PSEPC definition of cyber crime (see table 1).
For example, survey responder 7 from an Alberta police service believes that the
public views computer crime as part 1 of the PSEPC definition while the
corporate community would more likely view part 2 as more applicable. This is
an interesting theory. People are more aware of what hurts them directly; for
example, online child pornography for parents, financial loses due to hacking for
corporate CEOs.
PSEPC Definition of Cyber Crime
92%
8%
Agree Don't agree
Table 1
The reason the PSEPC definition is highly agreed upon is possibly because it
includes both categories of offences that can be perpetrated with, or with the
assistance of, computers and the Internet. It separates traditional crimes from
new crimes. This enables everyone to identify with the definition whether they
Cathy F. Maltais Page 22 11/23/2005
deal with online child pornography, or hacking and viruses. And the definition, in
a sense, helps to provide a common operational language for most of those
involved in law enforcement’s response to cyber crime.
International Definitions
Internationally, in the Council of Europe’s Convention on Cybercrime (spelled in
one word in the treaty), cyber crime is used as an umbrella term to refer to an
array of criminal activity including offences against computer data and systems,
computerrelated offences, content offences and copyright offences.
Researchers in the Australian Institute of Criminology also agree with the PSEPC
idea that there are new crimes due to technology as well as old crimes
committed in new ways, but this is in reference to hightech crime, not cyber
crime. They state that any crime can be considered ‘high tech’ when a computer
or other piece of technology plays a significant role in the commission of the
crime. (AHTCC 2003)
As long as there is no consistent definition of cyber crime, in Canada and
internationally, it will be difficult to maximize the potential for crossjurisdictional
cooperation. More importantly, inconsistencies in definitions also impact on how
cyber crime legislation is drafted and the ability of law enforcement to derive
consistent statistics collection as different jurisdictions refer to different types of
crime when they use the terminology ‘cyber crime’, or any of its derivatives. For
example, Canada does not use the term ‘cyber’ in its legislation. Existing
Canadian legislative powers, such as the Criminal Code, have been modified by
adding new types of crimes or ways to commit them; they have not introduced
new acts to prosecute cyber crime like other countries have, such as Australia
and Nigeria. In the Australian CyberCrime Act, cyber crimes do not include crime
identified in part 1 of the PSEPC definition (child pornography, etc).
Cathy F. Maltais Page 23 11/23/2005
Types of Cyber Crime
There are numerous offences and actions that are considered to be cyber crime
globally. A list of offences is attached to each different definition. The word
action is used here because not all actions referred to are offences in all
jurisdictions. Below is a list of the most common offences and actions identified
through research.
Child Pornography and Luring
Pedophiles use the Internet to exchange pornographic images of children. They
also use newsgroups and chat rooms as meeting places between them and/or to
lure children. Pedophiles who used to be isolated can now find victims without
leaving the security of their own homes.
Canada has created new offences to target criminals who use the Internet to lure
and exploit children for sexual purposes and to transmit, make available, export
and intentionally access child pornography. There are numerous examples of
this illicit activity all over the world from single pedophiles to clusters of them.
One example is the ‘Wonderland Club’. ‘The club was an international ring of
180 pedophiles that eventually had over 750 000 images of children and babies
and 1800 computerized videos of children suffering sexual abuse seized by the
police.’ (Lilley 2002, p.99) There were 1263 children involved. Unfortunately, the
Wonderland Club is just one example out of many.
Cyber Stalking/ Harassment
Many people meet each other online through chat rooms, forums, newsgroups
and so forth. Virtual acquaintances might give some of them the sense of having
a relationship with someone, although there has been no physical contact. ‘By
enabling human interaction without the constraints of physical barriers and with
the perception of anonymity, the Internet has become the ideal instrument for
individuals who wish to intimidate, threaten, and harass others.’ (FBI 2003)
The term cyber stalking has emerged to describe the use of such technology to
harass or stalk. Cyber stalking is defined as the repeated use of the Internet, e
Cathy F. Maltais Page 24 11/23/2005
mail, or other related digital electronic communication devices to annoy, alarm, or
threaten a specific person or group. (FBI 2003) There are a number of ways for
someone to be cyber stalked. One example is when fake ads are posted on the
Internet, providing personal information (name, address, photos) of a victim and
stating that the victim is seeking partners for sexual fantasies, such as rape. The
victim then receives phone calls, emails, visits from men who are responding to
the fake ad, and eager to fulfill the supposed fantasies. This can quickly escalate
into physical harm.
Identity Theft
There are criminals who construct mimic sites to lure customers of online
banking and other forms of electronic payments into accessing fake sites rather
than the original. These sites are designed to fraudulently strip users of their
personal (age, gender, marital status, social insurance number), financial (credit
card, account and banking login numbers), and sensitive (personal and corporate
passwords) information. Spam emails are also ways of fraudulently obtaining
personal information. In the United States, large quantities of personal
information (such as credit reports) are available to anyone for a nominal fee on
the Internet. The Internet has facilitated both the ease of use with which this type
of information can be stolen, and used.
Spoofing and Phishing
The action of constructing a mimic site is referred to as spoofing or phishing.
Spoofing refers to the technique used to gain unauthorized access to computers
by sending messages to a computer with an IP address indicating that the
message is coming from a trusted host when, in fact, the website has been
duplicated for fraudulent purposes. Phishing refers to the act of sending emails
to users falsely claiming to be trusted enterprises in an attempt to gather
personal, financial and sensitive information. Often, the emails contain a subject
and message intended to alarm the recipient into taking action. Users are then
sent to spoofed websites. (PSEPC 2004) An example of spoofing is an email
Cathy F. Maltais Page 25 11/23/2005
claiming to be from a system administrator requesting users to change their
passwords to a specified string and threatening to suspend their account if they
do not do this. The perpetrator then has the password to access the user’s
accounts.
Dissemination of Offensive Materials
There is an abundance of content on the Internet which is considered by some to
be objectionable. Well known examples include, among much else, sexually
explicit materials, racist propaganda and instructions for the fabrication of
incendiary and explosive devices. (Graycar 2000). Some of this is illegal in
certain countries, although thought to be merely offensive in others. In Iran, for
example, it is illegal to criticize the government online; whereas in western
countries such as Canada this is perceived as free speech and is clearly legal.
Cyber Terrorism
Terrorists have proven skillful at online marketing, adept at drawing out data
offered by the billionsome pages of the World Wide Web. There are also
countless examples of how terrorists use this new medium to deliver threats and
to disseminate horrific images, and to communicate with others involved in
terrorism. Just like anyone, terrorists can learn about schedules and locations of
targets such as transportation facilities, nuclear power plants, public buildings,
airports and ports, and even counterterrorism measures from the Internet. The
Internet also provides terrorists with a cheap and efficient way of networking,
which not only allows them to recruit new people, but also plan and organize
specific attacks. The most feared attacks are those against power and nuclear
plants, financial systems, attacks that would cripple governmental and private
critical infrastructure.
Spamming
‘Spam refers to unsolicited email, mostly commercial, advertising a product or
service that is mass mailed to thousands of email addresses at a time, filling
people’s Inboxes. Spam does not refer to legitimate commercial email for which
Cathy F. Maltais Page 26 11/23/2005
consumers have given their consent. Spam is often a source of scams, viruses
and offensive content.’ (Stop Spam Here n.d.)
Although not a crime in Canada, spamming is a major problem and takes up
valuable time and increases costs for consumers, business and governments.
Although the spamming itself might not be illegal, the consequences and/or
content of many spam emails are fraudulent. Legislative and policymaking
bodies across the world are studying this Internet action. In 2004, the U.S.
established the AntiSpam Act and Australia the Spam Act. In Canada, the
Minister of Industry established a Special Task Force on Spam in May 2004 to
oversee the implementation of a comprehensive action plan to reduce the
volume of unsolicited commercial email. While the Task Force is still consulting,
early consultations had most key stakeholders asking for current legislation, such
as PIPEDA, to be adapted to counter spam.
Computer Viruses
The spreading of viruses is another form of cyber crime. An example of this is
with the lovebug virus, which crippled at least 45 million computers worldwide
and caused billions of dollars worth of damage. (BBC News 2001) A computer
virus is program code, which can attach itself to other programs and corrupt data
and damage hardware. In addition to infecting other programs, the virus may
damage data by way of Data Diddling, Trojan Horses or Logic Bombs. A virus
may do nothing more than temporarily interrupt the computer service to display a
message on the screen, or it may bring down the infected computer system.
Software or hardware containing a virus can come from many sources such as
public domain software, bulletin boards, the Internet, computer club software, a
friend or colleague's diskette, or commercial packages that have been tampered
with. (RCMP n.d.b)
Cathy F. Maltais Page 27 11/23/2005
Hacking
Hackers form the first breed of criminals to take advantage of technology to
further their needs. There are several types of hackers in cyber space. For
example, there are recreational hackers, which may appear relatively benign.
Many are attracted by the challenge of gaining access to a system and showing
up failings in the company's security. But they can still cause damage that result
in a financial loss for their victims. There are criminalminded hackers whose
motives may include financial gain, sabotage or revenge. There are political
hackers who are political activists, sometimes called hacktivists. This type of
hacker often defaces web sites in an attempt to put across their message and
discredit their opponents. In May and June 1999, numerous American web sites
were attacked and defaced. Targeted sites included the U.S. Senate, U.S. Army
and other U.S. government departments. (Lilley 2002, p.19) There are many
other documented cases where unsophisticated hackers have caused significant
damage to computer systems around the world, Mafiaboy being the most notable
Canadian example. Mafiaboy was a 15yearold hacker who crippled several
highprofile Web sites such as cnn.com, amazon.com, eBay and Dell.com. The
sites were bombarded with thousands of simultaneous messages, which
prevented legitimate users from accessing the sites. He also hacked into
computers, many of them located at American universities such as Harvard and
Yale. The highprofile Mafiaboy case raised concerns both in the United States
and Canada about Internet security.
Denial of Service Attacks
Another cyber crime is ‘denial of service’ attack. This is done by a web site being
flooded with data with the intention of making it crash, and preventing legitimate
users from gaining access. It can take hours for the company to regain control,
by which time it may have suffered considerable financial losses. (BBC News
2001)
Cathy F. Maltais Page 28 11/23/2005
Piracy
Software piracy means a loss of potential revenue to the companies that
manufacture games and programs. Programs can be downloaded from the
Internet and copied onto CDROMs. The MP3 format has made it possible to
distribute digital music files via the Internet. Musicians complain that it deprives
them of royalties. ‘Digital technology permits perfect reproduction and easy
dissemination of print, graphics, sound, and multimedia combinations. The
temptation to reproduce copyrighted material for personal use, for sale at a lower
price, or indeed, for free distribution, has proven irresistable to many.’ (Graycar
2000) There is no agreed upon cost of piracy to companies, but many state that it
is in the high millions.
Fraud
Many types of fraud are being perpetrated by the exploitation of the Internet.
Financial scams and getrichquick schemes have been given a new lease on life
on the Internet. For example, the share price of a company can be inflated by
false rumors of a takeover. Online auction sites also offer opportunities for fraud,
with money pocketed and goods not delivered. A credible looking website that
provides no way of checking that the site owner is legitimate may also conceal an
Internet scam. (BBC News 2001)
There are undoubtedly other crimes committed in cyber space, or with its
assistance, and more will most likely come to light as technology continues to
evolve. There is already evidence of telecommunications equipment being used
to facilitate organized drug trafficking, gambling, prostitution, money laundering
and trade in weapons (in those jurisdictions where such activities are illegal.)
The types of cyber crime the Canadian population seem to be more aware of are
child pornography and child luring. One can speculate that it is because there
have been a number of cases in the media and because children are vulnerable
individuals and require the most protection. An assessment of a large number of
Cathy F. Maltais Page 29 11/23/2005
Canadian police service websites shows that 83% of websites posting Internet
prevention information have a section on safety tips specifically for children.
Technology has not only created further crimes and ways of committing existing
crimes as outlined above, but it has also added a burden on the seizure and
examination of evidence by law enforcement (hard drives, emails, removable
devices, etc.) The use of encryption technology may place criminal
communications beyond the reach of law enforcement in the near future.
Technology (cell phones, blackberries, computers, etc) has to be taken in
consideration when investigating almost any type of crime.
As the examples of cyber crime listed earlier demonstrate, a number of crimes
are old ones committed in a new way and/or with a new tool. The list could be
extended if we took all existing crimes and added technology to the mix. It is
very difficult to draw a line somewhere and know where cyber crimes start and
finish. A highranking criminal lawyer who deals with cyber crime cases in
Canada has commented through an interview that ‘computers are one of the few
technologies that call for technology specific laws. Another technology with the
same impact is the automobile (considering all the driving offences). The
impaired driving, dangerous driving, reckless driving, these are investigated by
specialized officers because the technology is the forceful element of the distinct
criminality reflected in the offence. We would not call it a motor vehicle offence if
bank robbers used a car to get away from a robbery.’ (Pers.Comm. 2005)
Therefore, why are we calling it cyber stalking when a stalker uses the Internet to
stalk his/her victim? Should we keep the traditional crimes titled as they are
deemed illegal in the criminal code and simply add to it that it was committed with
the computer or the Internet as a tool? Or do we need to categorize them in
order to draw importance and education towards them?
Some traditional crimes are further defined by justice and law enforcement based
on details of the crime, such as armed robbery vs. robbery. The term armed is a
qualifier to the crime that is robbery. Therefore, cyber could be a qualifier for
Cathy F. Maltais Page 30 11/23/2005
stalking, fraud, child pronography, etc. We would have fraud, and cyber fraud;
stalking and cyber stalking; child pornography and cyber child pornography, etc.
The crimes that would purely be computer crime in nature would be crimes such
as hacking or virus spreading as these can only be done with the use of
computers and/or the internet. These are things that should be considered, in
addition to international defintions, when deciding on one uniform definition for
the country.
The PSEPC definition of cyber crime has been used for the purposes of this
research. As stated previously, PSEPC provides policy leadership and delivers
programs and services in the areas of national security and emergency
management, policing, law enforcement and borders, and corrections and crime
prevention in Canada. It also ensures policy cohesion among the six agencies
that report to the Minister, including the RCMP. Their definition is used in this
research because they are the central Canadian organisation responsible for
overseeing policing and law enforcement.
The importance of a uniform defiontion is further important for organisations to be
able to gather apporpriate statistics on the same crimes. The following chapter
will adress the issue of statistical gathering in regards to cyber crime.
Cathy F. Maltais Page 32 11/23/2005
Statistics in Canada
It is difficult to quantify cyber crime in Canada. Until a few months ago, no one
was gathering uniform statistics on any crimes related to cyber space, computers
or technology. The Canadian Centre for Justice Statistics (CCJS), in co
operation with the policing community, collects policereported crime statistics
through the Uniform Crime Reporting (UCR) survey. The UCR Survey, also
known as UCR2 following a few revisions, was designed to measure the
incidence of crime in Canadian society and its characteristics. Data from the
UCR Survey provide key information for crime analysis, resource planning and
program development for the policing community. Municipal and provincial
governments use the data to aid decisions about the distribution of police
resources, definitions of provincial standards and for comparisons with other
departments and provinces. To the federal government, the UCR survey
provides information for policy and legislative development, evaluation of new
legislative initiatives, and international comparisons. To the public, the UCR
survey offers information on the nature and extent of policereported crime and
crime trends in Canada. As well, media, academics and researchers use this
data to examine specific issues about crime. (Statistics Canada 2004b)
There has never been mention of computer, cyber, technological or electronic
crime in the list of crimes reported since the survey came into force in 1962.
There is a category titled Other Criminal Code offences that involve the
remaining offences that are not classified as violent or property incidents
(excluding traffic). Examples are mischief, bail violations, disturbing the peace,
arson, counterfeiting, prostitution and offensive weapons. (Statistics Canada
2004b, p.78) Some cyber crimes that fall within these categories (i.e.: mischief)
would fall in this UCR category, but the reporting of it would not show any
differences in regular mischief or computer related mischief.
Cathy F. Maltais Page 33 11/23/2005
Following a study in 2002 on the feasibility of collecting statistics on cyber crime
in Canada, cyber crime has been added to the UCR survey. The cyber crime
variable is composed of two fields. The first field flags whether the incident
involved a computer or the Internet. The second field identifies the type of cyber
crime. The definition of cyber crime used for the UCR is ‘a criminal offence
involving a computer as the object of the crime or the tool used to commit a
material component of the offence.’ (Statistics Canada 2005) This is the
definition also used by the Canadian Police College.
Respondents to the UCR survey continue to use the existing survey violation
codes (e.g., fraud, criminal harassment, sale of illegal substances) and, in
addition, flag whether or not the incident involved a computer or the Internet.
The respondent is also able to identify the type as Target, Instrument or
Unknown. Cyber crimes specifically aimed at disrupting computers or the
Internet are to be scored as the target of the crime (e.g., computer hacking,
defacing websites and unauthorized use of computer systems). Cyber crimes
that use computers or the Internet to commit the crime are scored as the
instrument / tool of the crime (i.e.: distribution/ sale of child pornography over the
Internet, criminal harassment via emails, or fraud perpetrated over the Internet).
(Statistics Canada 2005)
Since January 2005, statistics on cyber crime are being collected by Canadian
Police Services in Canada. In addition to Canada only recently beginning
formally collecting statistics on cyber crime, there are additional issues that
cannot be resolved in the short term which impact on the accuracy of data
currently being collected. One significant problem is that the lack of public
awareness of some cyber offences, can mean that such offences may not be
identified as crimes and remain unreported. Alternatively, the victim of the online
crime may know that it is a crime but may either not know which authority to
report it to or not bother.
Cathy F. Maltais Page 34 11/23/2005
Public authorities appear to have become increasingly conscious of the need to
provide online services for the reporting of cyber crimes, which hopefully will
begin to capture more of this crime data for those victims reluctant for whatever
reason to go to a police station. Websites such as CyberTip.ca have been
established for the online reporting of cyber crime to assist the Canadian
population in reporting cyber crime when danger is not imminent. The
Vancouver Police Service as well as the SQ both offer online reporting of crime
as well. The RCMP offers a link to RECOL, a website for online reporting of
economic crime. However, what is lacking is the promotion of these services to
the public. If Cybertip.ca is the preferred method for reporting, according to the
government, then that should be made public to all citizens.
Differences in definitions of cyber crime across Canada may also impact on the
accuracy of statistical collections. What is reported might be believed to be cyber
crime but is not, or what is not reported isn’t because the person is not aware
that it is cyber crime. The definition of cyber crime, once a national one is
established, should be promoted hand in hand with prevention information, so
that the public fully understands what crimes the prevention efforts are trying to
prevent.
Cathy F. Maltais Page 36 11/23/2005
Prevention efforts in Canada
The Canadian government, law enforcement agencies and private sector
organizations in Canada are making significant efforts in providing preventive
information related to cyber crime to the public. These efforts take the form of
numerous websites and publications available to the public to educate them.
Some of the government departments, which host preventive information in
regards to cyber crime, are as follows:
Industry Canada and the Office of Consumer affairs:
Offer tips for safe online shopping; denunciation of websites with latest
scams in Canada and U.S. and additional information.
Provides a guide to consumer protection for online merchants. The guide
includes security information merchants need to provide their customers,
including actual examples of web pages with what should appear on them.
Public Safety and Emergency Preparedness Canada:
Alerts and Advisories is a webpage updated daily with new viruses, worms,
etc. that PSEPC is aware of, and the possible solutions for the public to
eradicate them from their computer systems. Papers that are not related to
specific viruses are also posted from time to time. For example, in August
2004, a Best practices for preventing online identity theft chronicle was
posted on the website. (PSEPC 2004)
Royal Canadian Mounted Police:
The RCMP website contains prevention information on economic crime,
hacking, etc. The RCMP is also involved in the National Youth Strategy to
Promote Safe, Wise and Responsible Internet Use, to which there is a link.
Cathy F. Maltais Page 37 11/23/2005
Additionally, the government has a number of strategies and task forces looking
into various types of cyber crime. For example, there is the Canadian Strategy
to Promote Safe, Wise and Responsible Internet Use. The strategy aims to
increase public awareness of issues relating to illegal and offensive Internet
content by providing parents and teachers with access to a broad collection of
tools and resources, highlighted in a 24page booklet. Such a government
initiative was imperative particularly since as of March 30, 1999, Canada
became the first country in the world to connect all of its schools and public
libraries to the Internet. (Industry Canada 2002)
All of the federal government departments in Canada have, or will by the end of
2005, a presence on the World Wide Web, with many offering online services
(e.g., filing taxes), due to the Government Online initiative. ‘The goal of the
Government OnLine initiative is to use information and communication
technology to provide Canadians with enhanced access to improved citizen
centered, integrated services, anytime, anywhere and in the official language of
their choice.’ (GOL n.d.) This shows that the government is very aware of the
potential the Internet offers. Along with the further development of an online
public service capability, even a cursory browse of many government websites
also demonstrates that they are starting to promote greater online safety.
This development is particularly discernable amongst Canadian police services’
as they enhance their websites. Varied information can now be found on police
service websites, including prevention information. In this research, seventy
three Canadian police service websites were visited in search of cyber crime
prevention information. At the time of the research, the total of active Canadian
police service websites equaled seventythree. (see table 2)
Cathy F. Maltais Page 38 11/23/2005
Cyber Crime Prevention on Police Service Websites
41%
59%
Yes No
Table 2
Of the 41% who host prevention information on their website, 83% have specific
online safety information for children. Other prevention information found on
police service websites relates to identity theft, ecommerce and general Internet
practices to follow. This is great information for the public to have, but is only
available to them if they go searching for police websites. However, the same
messages need to be provided in other ways especially to the less computer
literate in the community. Unfortunately, within police services themselves, not
many have the resources or time to dedicate to nononline prevention efforts.
Most officers who offer information presentations or other forms of cyber crime
prevention to the public do so in addition to regular community policing duties.
For example, survey responder 1 from Alberta states that his police service has
one officer who works part time to prevent, as well as investigate, cyber crime.
He states further that they have virtually nowhere to go to get assistance and
expertise.
Another police service, the Lethbridge (Alberta) Police Service, has chosen to
incorporate cyber crime with regular prevention efforts. They have a crime
Cathy F. Maltais Page 39 11/23/2005
prevention officer and a public affairs officer who raise awareness of cyber
crimes in all of its forms.
Another major factor in the current insufficient levels of prevention strategies
adopted by Canadian law enforcement agencies relates to corporate intent.
While resourcing to do this activity is essential, it is clear that heads of agencies
need to also formalize prevention strategies in their corporate business planning.
There are still many police services that believe it is not their mandate to prevent
cyber crime, but only to investigate it. However this is changing slowly in some
agencies. For example, one of the Peel (Ontario) Police Service’s goals and
performance objectives is to ‘reduce child abuse, sexual assault and Internet
pedophilia’ as well as ‘increase public and business community awareness of the
risks associated with communicating and conducting commerce electronically.’
(Peel Police Service 2002) These goals and performance objectives should be
part of every police service’s strategic plan. Research also suggest that heads of
law enforcement agencies in Canada still need to do more in their business
planning to signal their desire to tackle cyber crime prevention strategies
including public education. A review of over fifty police services’ strategic or
business plans and/or goals and performance objective documents found less
than ten mentioning a remote version of Peel’s goals and objectives towards
electronic crime and/or online child pornography specifically.
All parties involved in cyber space could do much more to promote a safe usage
of the Internet. Regrettably, it often takes a lot of time, or tragedies, before major
prevention campaigns are born through the use of impact media like television
commercials and billboards. Over the last 10 years or so, we have seen this kind
of publicity campaign in Canada in regards to drinking and driving as the fatal
consequences were increasing at an alarming rate.
The present preventive efforts regarding cyber crime are significantly more than
what was being done just a few years ago when the Internet was still relatively
Cathy F. Maltais Page 40 11/23/2005
new. But, much more is still needed. Although Canada does not hold statistics
for the numbers of cyber crime perpetrated annually, the RCMP, the SQ and the
OPP all say that it is increasing at an alarming rate. Additionally, research
reports such as the 2005 McAfee Virtual Criminology Report provide evidence
that cyber crime is increasing rapidly, worldwide. This is why the government
should get more involved by promoting online safety. It is good to have
information on government websites and police services websites, telling people
what to do to keep their identities protected, their kids safe from illegal or
offensive material; but other media should be utilized so that it reaches people
even before they get involved in online activities. Television is still a powerful
medium, which reaches young and old, rich and poor. Governments pay to have
publicities on television and the radio in regards to health matters (i.e.: smoking),
drinking and driving, and so forth. They could start a campaign advising people
that although cyber space does not seem real, it is, and the consequences of
negligence or naïveté can be very real as well. Play commercials targeting
different populations, as well as different cyber crimes. A law could also be
passed to oblige libraries and Internet cafes to have documentation on safe
online practices next to computer terminals. Public figures/celebrities could get
involved. So many things can be done if the need for it is recognized.
Despite growing evidence that the government is increasing its involvement in
cyber safety and cyber crime prevention strategies, such preventive work is
clearly not their responsibility alone. At a microlevel, cyber safety is the
responsibility of everyone who is involved in the use of computers and the
Internet.
For example, within the private sector, there are a number of organizations, such
as CyberTip.Ca, the Society for the Policing of Cyberspace (POLCYB), and the
Canadian Association of Internet Providers that provide prevention information,
as well as other services related to cyber crime. But, there is definitely more that
Cathy F. Maltais Page 41 11/23/2005
online service providers could do to provide Internet safety information, such as
providing cyber safety information to new subscribers.
CanCERT is another of Canada’s resources that helps prevent and reduce
computer crime in Canada. CanCERT is Canada’s first national Computer
Emergency Response Team. While understanding privacy and legal concerns,
they are committed to client confidentiality and the improvement of IT security.
This organization was established in 1998 by EWACanada Ltd and operates on
a twentyfour hour basis. CanCert is a nongovernmental organization. The
mission of CanCERT is to be the trusted centre for the collection and
dissemination of information related to networked computer threats,
vulnerabilities, incidents and incident response for Canadian government,
business and academic organizations. (CanCERT 2003)
Cathy F. Maltais Page 43 11/23/2005
Training
One of the main issues with technology is that it is constantly evolving, at an
incredible speed.
Experts say that more information has been produced in the last 30 years than was produced in the previous 5,000 years. It is estimated that the total body of knowledge now doubles every five years. As Neil Postman stated, technological change is not additive; it is ecological. A new technology does not merely add something; it changes everything. Becoming dependent upon the existing skills and capabilities of people is no more sustainable in the knowledge age than allowing rustout and obsolescence of physical assets would have been in the industrial age. As we move forward, western economies will continue to shift from being primarily labor intensive to becoming knowledge/mind intensive. (OPP n.d.)
It is critical for law enforcement to keep up to date with new technologies and
how criminals are exploiting them.
Cyber Crime Training in Canada
While large police services can sometimes afford university and other expensive
professional development for their officers, most Canadian police services are
small or mediumsized and have to rely on courses available at the Canadian
Police College (CPC) or their regional training centres.
The CPC, managed by RCMP, is the entity in charge of developing and providing
adequate courses to Canadian police services. There are also six regional
bodies that provide training to six different regions of the country. There is the
Atlantic Police Academy (Atlantic provinces), the Saskatchewan Police College
(prairies provinces), the Justice Institute of BC (British Columbia), Ontario Police
College (Ontario) and l'École nationale de police du Québec (Quebec).
The CPC offers a number of courses on cyber crime investigative techniques and
electronic search and seizure to police services across Canada. A list of cyber
Cathy F. Maltais Page 44 11/23/2005
crime related courses presently offered at the CPC, with brief descriptions of
each course, can be found in Appendix D.
All the courses offered show that training needs are being addressed. However,
there are a number of disadvantages for police in accessing the suite of training
outlined in the appendix. For example, each municipal police service (MPS) has
to pay to send students to attend these courses and attendance is on a voluntary
basis for the majority of survey responders. Additionally, spaces are limited per
intake. If individual officers do not show interest in cyber crime/technology, then
they will not be obliged to attend any available courses on the subject, unless the
service has a specialized cyber crime unit thus making training mandatory for
members of the unit. Since MPS operate on limited budgets, they are more likely
to use training funds to up the skills of officers on high profile issues and related
technology (i.e.: terrorism, radiation detection tools) before they use it on crimes
they often see as peripheral to their mandate.
Seventythree percent of surveyed police services recognize there is training
available to inservice officers, but for most as discussed earlier, it is not
mandatory and the funding is often not available to send officers. Survey
responder 2 from a Saskatchewan police service stated that ’availability to
participate in such courses is dependent on need, priority, cost and budget
considerations.’ Survey responder 20 from an Ontario police service stated that
training is only available if the administration chooses to send someone.
Another problem that was identified in this research was that while training can
be seen as expensive and not always a priority, making full use of the specialized
training back in the ‘home police agency’ is not always optimal. For example,
the Guelph (Ontario) Police Service sent someone to the CPC to attend training,
but the service does not have the funding to establish a technological crime unit.
Another problem associated with cyber crime training for Canadian police is that
only one of the cyber crime courses conducted at the CPC is offered in French.
Cathy F. Maltais Page 45 11/23/2005
This further limits the possible intake of students as French is the mother tongue
of 23% of Canadians. (Statistics Canada n.d.)
However, training issues in cyber crime do not just appear in the delivery of
specialized training to serving officers working in the area, they are also
problematic much earlier in the officers’ career, at their respective academies.
While the provincial police academies provide recruit training by region and some
of them also offer courses for inservice officers, very few are on cyber crime.
This is likely to continue to impact on many Canadian law enforcement agencies’
anticyber crime capability in the future.
For example, the Atlantic Police Academy offers courses for inservice officers.
However there is only one course related to Cyber crime listed in their calendar,
titled Internet Crime for inservice officers (see Appendix E). The École
nationale de police du Québec provide all training for new recruits for municipal
police services in the province of Quebec. This facility offers professional
courses, but none related to cyber crime.
The situation is the same at the Justice Institute of BC and the Ontario Police
College. This means that all police officers in the provinces of Quebec, British
Columbia and Ontario must obtain cyber crime training at the Canadian Police
College, or from other institutions. The technological crime unit of the Montreal
Police Service (SPVM) is an example of a Quebec police service that has gone
to other institutions seeking training. In addition to the courses at the CPC, the
unit has received basic training from a local college and have also obtained
training from American companies.
The Saskatchewan Police College does not have any cyber crime related
courses on its 2005 calendar for inservice officers. However, survey responder
2 from Saskatchewan states that an introductory overview is included in the
syllabus taught to all police recruits at the Saskatchewan Police College.
Cathy F. Maltais Page 46 11/23/2005
Survey responder 3 from a New Brunswick police service was the only survey
responder who indicated that there is one full day of training, per year, on
computer related crime offered to all members of his force. Another police
service states that they provide training on seizing computers and investigating
crimes involving email, such as threats. Survey responder 4 from a Prince
Edward Island police service says their recruits receive emailtracing training.
Out of all the police services surveyed in this research, the Ontario Provincial
Police (OPP) appears to have taken the most advantage of what courses are on
offer. Survey responder 5 from the O.P.P stated that they take them at every
available opportunity. ‘When the courses are available, it is mandatory for
officers in the eCrime section to take them.’ The OPP, being a provincial police
service, has more funds available for training and more officers who are
dedicated to dealing with cyber crime to send on training. Being from the same
province as where the courses are offered could also be another reason why
they take most advantage of the courses combined with the fact that cyber crime
is a high priority for the OPP.
Given the difficulties in accessing training at the CPC, other police services are
coming up with their own ‘home grown’ solutions to cyber crime training needs.
For example, the London (Ontario) Police Service did this in 2003. A goal
articulated in their 2003 Business Plan was to train and develop investigators on
Internet crime. According to their yearinreview document, there has been a
100% increase in trained investigators. (London Police Service 2003) The
Calgary (Alberta) Police Service has also been proactive in finding training to
help prevent crime and address issues related to cyber crime threats. ‘The Crime
Prevention Unit launched the Hybrid and Hive, a 32hour training course offered
by the University of Calgary for police officers and corporate security
professionals.’ (Calgary Police Service 2003)
Cathy F. Maltais Page 47 11/23/2005
As indicated in Appendix A there are clearly courses available, from beginner to
more specialized ones and according to the CPC, there are more being planned
and developed to ensure training is up to date with technology. But, the CPC
also states that their budget ‘is not sufficient to meet rising demand and to
respond with the degree of innovation required to produce trained police officers
to meet the new challenges of organized crime, terrorism and hightech crime.’
(CPC n.d.)
Cyber Crime Training Internationally
The need for cyber crime training was recognized by a group of international
experts who met in Ottawa, Canada in February 2004 as a result of a CPC
initiative. The group, now known as the International Cybercrime Training Action
Group (ICTAG), share their knowledge and ideas on how global training can be
harmonized. As a first step, the ICTAG members agreed to list particulars of their
cybercrime courses on an online database currently being developed by the
United States National White Collar Crime Centre. This will allow law
enforcement agencies from around the world to review available cybercrime
training and determine which training courses might be helpful to their
investigators.
This will be a useful tool to Canadian police services as there are numerous
courses available outside of Canada that our law enforcement agencies do not
currently access. In the U.S., there are many private organisations that provide
training to law enforcement agencies as well as government established training
programs. The Computer Crimes and Intellectual Property Section (CCIPS) of
the U.S. Department of Justice hold training and public outreach at the core of
their mission. The FBI’s Investigative Computer Training Unit (ICTU) provides
investigative computer instruction, training, and curriculum development to FBI
and other law enforcement personnel worldwide. Primarily, ICTU trains FBI agent
recruits, field agents and professional support staff, domestic and international
Cathy F. Maltais Page 48 11/23/2005
law enforcement officers attending the National Academy, and other law
enforcement officers. Training covers a variety of computer topics including how
to use the computer as an investigative tool, communications device, research
platform, and a tool for examining and/or analyzing digital evidence. (FBI n.d.)
There are several other government programs at the federal, state and local
levels that provide training, like The Computer & Financial Investigations Division
(CFI) at the Federal Law Enforcement Training Center (FLETC) who designs,
develops and provides training on high tech crimes and investigations.
The National Centre for Policing Excellence in the United Kingdom has started a
project titled Cybercrime Investigation: Developing an International Training
Program for the Future. This is an innovative international collaborative program
between law enforcement and academia to harmonize cyber crime training
across international borders to aid the fight against cyber crime. The program
allows for transfer of academic credit from country to country so that investigators
will be able to communicate effectively during investigations with people who can
be identified as having similar knowledge and skills. A register of those who have
successfully completed the training and who receive the status of European
CyberCrime Investigator (ECCI) is being created in order to enhance the capacity
for international operational collaboration. The training material is being made
available to all countries so that they may deliver a harmonized training program.
The development of this training course is intended for all 28 EU and candidate
countries as well as Norway, Switzerland, Interpol and Europol to harmonize
cyber crime training across EU borders. This project proves that it is possible to
transcend international borders and that it is acceptable for countries with
different cultures and legal systems to cooperate on this type of crime; at least on
the training front. (POLCYB 2004)
ICTAG is evaluating such training programs currently in place around the world
to address issues ranging from hacking, child pornography, fraud and scams to
accessing evidence in drug investigations. (CPC 2004) The work ICTAG is
Cathy F. Maltais Page 49 11/23/2005
doing is a very positive step forward in providing additional adequate training on
cyber crime to Canadian police officers. However, as long as training remains on
a voluntary basis and attendance is to be paid by each police service, it will be
difficult for MPS to catch up and stay current with the technology advancements
used by criminals. The CPC estimates that 5% of the Canadian police
population is trained at the CPC each year. (CPC n.d.) Since this 5% includes all
types of training available at the CPC, approximately 40 courses at the moment,
(i.e.: drug investigation, case management), and the intakes aren’t as frequent as
for other courses, the percentage of the police population being trained on cyber
crime is likely to be significantly lower than the 5% being trained overall. Another
factor, which prevents the number of police officers being trained from rising, is
that ‘usually, students who attend […] courses possess ten or more years of
experience as a police officer.’ (CPC n.d.) Therefore, younger officers who could
potentially be more interested in the technological side of policing, have to wait
many years before being allowed to receive training related to technological
crime. For example, survey responder 6 from an Alberta police service says
recruits receive the basic what to do from field training officers. He says that
‘cyber crime investigation is too technical to teach as part of the plethora of
information given in basic recruit training. The reality is that a recruit would not
be responsible to investigate this type of crime alone.’ But it would be a logical
deduction to say that today’s police recruits are more aware of technology, and
might therefore require less training than veterans would in order to grasp the
technological jargon. There could at least be a brief overview of online
investigations added to recruit curriculum, so that all recruits can recognize the
different types of cyber crimes, and know how to handle technological evidence,
if ever they are put in a situation where they have to secure an area with
technological equipment, for example.
Since it is now a fact that drug dealers and organized crime are increasingly
taking advantage of cyber space and technology (like blackberries) to conduct
their business, experienced officers/investigators require training as well since
Cathy F. Maltais Page 50 11/23/2005
the ways crimes used to be committed are changing constantly, now using the
cyber environment. In order to provide this training in a less expensive and more
convenient way than sending officers for training at the CPC, a number of options
could be explored.
To lessen the cost of sending officers to Ottawa for training, ontheroad training
could be implemented to reach as many services as possible, reducing the cost
of travel and lodging for participants. The fees paid by MPS would only have to
be for the training costs to the CPC and not travel, lodging and meals, which
could translate into considerable savings. For example, a 10 day course at the
CPC which costs 500$ in tuition, costs an additional 1128$ for lodging and meals
at the College. Even if tuition had to be increased slightly to cover the travel
costs of the trainer, the savings would still be significant as the above amounts
for lodging and meals do not include airfare or other transportation costs for all
participants going to Ottawa to receive training.
The regional police academies could also enter into partnerships with the CPC to
have some of the courses available regionally. This would make it easier to
reach more MPS and at the same time increase the number of yearly intakes
available to the country.
There are also private organizations that provide different types of training to law
enforcement that could be exploited, such as CyberLawEnforcement.org.
Another possibility would be to increase online training to reach more officers
nationally. The Internet searching training courses from the CPC are good
examples of self directed learning. They cost 150$ each and can be taken
anywhere in the country where the Internet is available.
Hiring technology experts, as civilians, to work on cyber crime, is also an
alternative to sending police officers for new training, thus eliminating the need to
backfill their positions while they are away. For example, survey responder 18
from an Alberta police service agreed that such an alternative to the current
training deficiencies in this specialized form of policing needed to be looked at.
Cathy F. Maltais Page 51 11/23/2005
He indicated that he doesn’t see the investigation of cyber crimes as a job to be
done exclusively by police officers. He believes that what is most important is
the ability to contract and retain highly skilled people. Although in contrast,
survey responder 7 from Alberta held the opposite view. He stated that although
it might be tempting to turn over this task to civilians, there is significant benefit in
having the investigative skills and instincts gleaned only from front line police
work applied in the cyber environment. He believes that in time, Canadian police
services will have members with policing experience who are also comfortable in
a cyber environment. He adds that presently it seems investigators have either
one or the other skill. The issue with this theory is that if we have to wait for time
for all members to have the requisite technical skills, many criminals will avoid
detection in the meantime, and they will also have found new innovative ways to
commit regular crime via new technology and new cyber crimes by the time law
enforcement catches up with their training.
The two main provincial police services, the Sureté du Quebec (SQ) and the
Ontario Provincial Police (OPP,) are the only survey responders whom hire and
utilize civilians within their services to work on cyber crime.
In contrast, the FBI, in the United States, has no quandary with hiring civilians to
work on cyber crime; their problem is with keeping them on staff. A government
official has stated that ‘the FBI's inability to recruit and keep the best available IT
talent has proven to be one of the biggest challenges facing the government's
Internet Crime Complaint Center (I3C). We can't recruit and keep the best
available minds in the IT world. […] They come, stay a few years and move on
because, ultimately, we can't pay what the industry pays for talent.’ (Naraine
2004)
Despite the current debate in some Canadian agencies on how best to acquire
optimal technical skill bases in countering cyber crime, a multidisciplinary
approach is likely to prove helpful. Dr. MarcelEugene LeBeuf (2000), researcher
Cathy F. Maltais Page 52 11/23/2005
at the Police Sciences School at the CPC believes in creating multidisciplinary
teams.
Traditional criteria for choosing investigators are responding less and less to new requirements within the police for countering cybercrime. Investigators will have to learn to develop new skills for handling and managing technology. It is probably easier, though, to train technology experts to become investigators, than viceversa. Nevertheless, this is the challenge that the police will have to face to create and keep specialized teams of cybercrime investigators. It is perhaps time to create multidisciplinary teams that reflect criminality’s diversity. In this case, expertise will complement each other positively.
This approach has proven successful namely with Money Laundering/Proceeds
of Crime. Integrated Proceeds of Crime Units (IPOC) are scattered across the
country. The units include the RCMP, Department of Justice, Canada Revenue
Agency (CRA), Canada Border Services Agency (CBSA), Public Works and
Government Services Canada (PWGSC) and PSEPC. Officers from provincial
and local police forces also participate in IPOC units. There are numerous
examples of success across the country, where these joint efforts have resulted
in seizing large amounts of money suspected to be terrorist financing or
proceeds of crime, and arrest of the perpetrators.
In the state of California in the United States, cyber crime courses are mandatory
by law for all senior police officers. S. 13515.55 of the California Penal Code
states the following:
Every city police officer or deputy sheriff at a supervisory level who is assigned field or investigative duties shall complete a high technology crimes and computer seizure training course certified by the Commission on Peace Officer Standards and Training by January 1, 2000, or within 18 months of assignment to supervisory duties. Completion of the course may be satisfied by telecourse, video training tape, or other instruction. This training shall be offered to all city police officers and deputy sheriffs as part of continuing professional training. The training shall, at a minimum,
Cathy F. Maltais Page 53 11/23/2005
address relevant laws, recognition of high technology crimes, and computer evidence collection and preservation. (Penal Code n.d.)
This demonstrates that California believes cyber crime is serious enough that law
enforcement should be trained to recognize and contain these types of crimes.
In Canada, we make it mandatory for all senior federal government officials to be
bilingual in the country’s official languages, French and English. Those who are
in management positions and are not bilingual are sent on language training for
months (sometimes up to 24), until they reach the required level of fluency in
their second language. Their public service salaries are paid in full while they are
attending language training. The government has imposed this because Canada
is a bilingual country and its government should reflect that. Such an investment
in the linguistic capability of its personnel is clearly significant and it begs the
question why the government has not applied the same level of resourcing
priority in regards to law enforcement policy, priorities and training. If, like the
Californian government, the Canadian government made it obligatory for police
services in Canada to have one expert, or a percentage of their employees
trained to investigate cyber crime, then this would not only force police services
to provide training to their officers, it would also show them that cyber crime is
taken seriously by the government and needs to be dealt with.
Provincial governments could make cyber crime training mandatory by adding it
to their respective acts or instilling a new rule that would be supported by existing
sections of their act. Police services in Canada are accountable in at least four
ways: (Seagrave 1997) administratively, politically, legally and to the community.
Provincial Police Acts provide accountability framework for municipal and
provincial police services. For example, sections 1 through 6 of the Quebec
Police Act make training mandatory (basic, advanced and inservice training), but
do not list which types of training. Unfortunately, it is not likely that government
will support this type of training as it would require providing additional funding
and there are several levels of government and policy makers involved
(municipal, provincial, federal).
Cathy F. Maltais Page 54 11/23/2005
Regrettably, history has shown that in order to get a specific type of crime on the
government’s priority list, something disastrous has to happen, like the terrorist
attacks on the United Stated on 11 September 2001 (911). Following 911,
terrorism became one of the top priorities for the RCMP as well as many police
services in metropolitan areas. An RCMP investigator declared through an
interview that where there were minimal resources working on terrorism pre911,
resources were being pulled from other high priority areas/cases, to work on
terrorism issues post911.
It is not far fetched to think that it might require an electronic 911 for cyber crime
to reach priority status. Had officials discovered that terrorists used the Internet
for their operational planning and implementation of the events of 911, then it is
highly likely that resources would have been pushed towards Internet related
crime. Survey responder 7 from Alberta stated that ‘politicians and
administrators simply do not seem to grasp the enormity of the Internet and the
impact it has and will bring to Canadian communities in terms of crime. Like
anything else, cyber crimes are not in the face of communities until something
tragic happens and therefore does not receive the proactive measures necessary
to properly deal with cyber issues.’ This has proven to be true time and time
again. Once something is brought to light by the media, the public becomes
aware and if it is felt that the issue is important enough, the public will speak up
and the government will have to address it. For example, online child
pornography was becoming much more frequent in the news over the last 5
years. Consequently, the criminal code was updated in 2002 to ensure that
online child pornography would be covered; later, luring children through the use
of the Internet was added as an offence.
Technology should be made a priority within police services and government as
a whole in order to counter cyber crime appropriately. While some areas have
Cathy F. Maltais Page 55 11/23/2005
embraced this fact of the new millennium, others have procrastinated, such as
many police services, with the excuse of no funding or resources. These
excuses, although accurate in most case, need to be overcome. Not only do law
enforcement agencies have to keep up to date with the constant change that
technology brings, they have to catch up to all the existing technology and how
criminals have been taking advantage of it. The face of crime is changing, so
should the face of the law. Although the legislation has been updated
considerably over the years, it is lost if powerful, affordable and accessible
training is not implemented nationally for all law enforcement. Without training
related to new technologies used by criminals, law enforcement might be missing
many opportunities to enforce the updated laws.
Cathy F. Maltais Page 57 11/23/2005
Assessment of Canadian legislation
Cyber Crime can only be fought if there is appropriate legislation to prosecute the
offenders. August Bequai stated, in 1978, that we needed to awaken to a ‘serious
and growing problem, a problem aggravated by an antiquated and
overbureaucraticized legal apparatus. At stake is our very form of government,
for if we fail to adapt our legal system to the needs of an evergrowing
technology, we will lose.’ (p.5) Luckily, Canada’s legislation has been updated
over the years to reflect new types of crime, and/or ways of committing crime
with the aid of technology.
It is difficult to theorize on the appropriateness of legislation related to cyber
crime since as mentioned earlier, there is no uniform definition of cyber crime in
Canada or a set list of crimes that fit into this category of crime. Nonetheless, we
can analyze the existing legislation in relation to the most popular, or agreed
upon in Canada, cyber crimes.
Amendments directed at cyber crime were made to the Criminal Code in 1985.
These amendments include:
§ s. 342.1 Unauthorized use of computer;
§ s. 430 (1.1) Mischief in relation to data;
§ s. 327 Possession of device to obtain telecommunication facility or service;
§ s. 326 Theft of telecommunication service.
Then, in 1997, the Criminal Law Improvement Act made additional various
amendments to the Criminal Code, including section 342.2, possession of device
to obtain computer service.
As technology has not only created new crimes, but also changed the way
traditional crimes are perpetrated, the criminal justice system, in response, had to
Cathy F. Maltais Page 58 11/23/2005
make parallel adaptation. Child pornography is a good example. It was illegal in
Canada to possess child pornography long before the Internet was born. But,
with the wide spread use of the Internet as a criminal tool, revisions had to be
made to legislation to make it illegal to download and view child pornography
online. Bill C15A, which received Royal Assent on 10 June 2002, includes
amendments to child pornography provisions that address the propagation of
such material on the Internet. Among the provisions, the Bill created an offence
against luring (s.172.1) or exploiting children through the Internet and made it a
crime to transmit, make available, export and intentionally access child
pornography on the Internet. It also introduced tougher sentences for those found
guilty of committing an offence. (PSEPC 2003) Additionally, this piece of
legislation gives Canadian judges the power to proscribe Canadabased child
pornography sites and to order the forfeiture of materials or computers used in
the crime.
In other cases, minor revisions to legislation have been required to ensure that
offences are defined in a way that captures the new technological aspects of the
crime and that the necessary law enforcement responses are permitted. For
some other computer crimes, no revisions at all were required. In the case of
cyber stalking, or online harassment for example, the law has not required
changes to adapt to technology. The harassment clause in the Criminal Code is
broad enough to be applied in all cases no matter what means are used to track
or terrorize the victim. (s.264)
Although Canada has strong legislation against child pornography; with or
without computers, some argue that there are still weaknesses in areas of the
law in relation to other crimes committed solely with the use of technology.
However, according to the Information Technology Security Strategy (ITSS)
Legal Issues Working Group, the fact that not all computer crimes have their
specific offence in the Criminal Code should not be seen as a weakness since
law is flexible. ‘Sometimes the law can apply to a wide variety of circumstances.
Cathy F. Maltais Page 59 11/23/2005
It is not necessary to have a new law for every new technology. Courts have
historically demonstrated a willingness to apply old legal principles to new
technological circumstances.’ (DoJ n.d.) The Criminal Code has created an
assortment of offences that have general application in or out of an electronic
context. Computer sabotage, including the destruction of hardware and erasure,
destruction or alteration of data or creation and dissemination of computer
viruses can be prosecuted under mischief provisions. Electronic economic
crimes can be prosecuted using traditional offences such as fraud, theft, forgery,
breach of trust and so on. Amendments to the Criminal Code in 1985 make it
clear that forgery applies to computer documents. Unauthorized entry into a
computer system can be prosecuted as fraud if a person falsely represents him
or herself to be as having authority to debit the account and use of computer
time. Where a person falsely assumes the identity of a lawful user, a charge of
personation may be in order (s.403). The Code also makes it an offence to
‘fraudulently and without color of right obtain any computer service’, and to use a
computer system in an unauthorized fashion (s.342.1(1)(a)). (DoJ n.d.)
Unlike some federations, notably Australia and the United States, criminal law
in Canada is solely federal in jurisdiction, although it is administered
provincially. This reduces the amount of laws that have to be amended or
created to adjust to new events or criminal outlets, such as technology.
Canadian legislation appears to be adequate for cyber crimes such as online
child pornography, but may be lacking in other areas of cyber offences.
Actions such as spamming are not legislated in Canada as of yet (like it is in
the United States and Australia). But, as a whole, it seems that it is not
appropriate legislation that is missing, but rather, the use of the available
legislation. This goes back to the lack of cyber crime investigations, which is
due in part to lack of funding and resources for law enforcement.
Cathy F. Maltais Page 60 11/23/2005
Punishment / sentencing
While in general legislation in Canada is in line with current technology, there is
also the issue of punishments/sentences that go with the instituted offences. It is
impossible to establish the level of punishment that is adequate for all cyber
criminals because the types of crimes are so broad in scope. In the cases of
many traditional crimes, sentencing has already been established by case law
(like child pornography). For new crimes, such as hacking, the jury is still out, so
to speak. These types of crimes have different impacts, based on the victim, the
type of damage (financial, reputation, etc.) and the legislation qualifying these
acts as offences is still fairly recent. Every new case builds case law. For
example, a male in the United States was sentenced to 10 years of community
supervision for having child pornography on his computer. Another example is
an Australian male who was sentenced to oneyear imprisonment for sale and
distribution of pirated computer games. In Canada, a women was jailed for 90
days and put on probation for 2 years for telecommunications fraud involving
organized crime (Smith, Grabosky & Urbas 2004)
As with most crimes, there is a constant debate on what is appropriate for
punishment. Cyber crimes are just new crimes added to the debate. Does it
make sense to put a recreational hacker in prison? Does the punishment fit the
crime? Is the answer to establish a constructive punishment regime, where
hackers have to provide their computer expertise to a said company or agency to
help them counter future hacker attacks? For example, this kind of ‘punishment’
regime has been done in the past where notorious hackers have been hired by
law enforcement to work for them. Smith, Grabosky & Urbas (p. 126 2004)
believe that ‘although conventional punishments of imprisonment and fines will
continue to be used in appropriate cases, it is likely that some judges will
experiment with a range of conditional orders. Some of these may result in legal
challenges or be counterproductive in reducing crime, but carefully framed
conditional orders could enhance the effectiveness of judicial punishment in
Cathy F. Maltais Page 61 11/23/2005
certain cases by making constructive use of the motivational factors that drive
many cyber criminals.’
The first everCanadian conviction for distribution of child pornography (in 1995),
held a sentence of 2 years probation and 150 hours of community service.
(Smith, Grabosky & Urbas 2004, p.174) The first sentence to be administered
under the newest piece of Canadian legislation related to the Internet is with
regards to Internet luring. On November 24, 2004, Sergio Arana Martinez was
found guilty of luring a child through the Internet and was sentenced to 21
months time served. Ontario Superior Court Justice Bruce Hawkins said the
sentence was within the acceptable legal range.
Besides ensuring that cyber crimes are covered by Canadian legislation, policy
makers have to ensure that all legislation is adapted or created to reflect all
aspects of technology. One example of this is with the protection of personal
information through electronic channels and the safeguarding of ecommerce in
Canada. Bill C6, the Personal Information Protection & Electronic Document Act
(PIPEDA) was given assent on April 13, 2000. PIPEDA is a provision taken by
the Federal Government to improve the security of individual privacy and to
counter abusive use by organizations in the collection, use and disclosure of
personal information for unreasonable purposes. The Act comprises two parts.
Part 1 establishes the rules for governing the collection, use and disclosure of
personal information. Part 2 creates an electronic alternative for doing business
with the Federal Government. (DoJ 2002, p.14) The PIPEDA is meant to give
Canadians the confidence to use the Internet as a place to do business. It also
makes it easier to conduct electronic commerce on a national and international
scale in a secure environment.
Canada is advanced on substantive law (offences) but there are still a number of
challenges in presenting computerbased evidence in court. Law enforcement
cyber crime investigations also require clearer procedures and powers for
evidence gathering and searching. The relevant legislation to be renewed in
order to rectify a piece of this issue concerns Lawful Access. ‘Lawful Access is
Cathy F. Maltais Page 62 11/23/2005
the interception, authorized by law, of communications and the lawful search and
seizure of information, including computer data. The police and national security
agencies use lawful access to investigate specific cases of serious crimes, such
as drug trafficking, money laundering, child pornography, murder and terrorism.’
(PSEPC 2003) The topic in Canada has been somewhat controversial over the
last few years. While police chiefs across the country have been asking for
greater Criminal Code powers to monitor email, web surfing, instant messaging,
etc, the public and many private sector organizations, such as Internet Service
Providers (ISP), have been against it for privacy reasons. The fear is that this
would provide law enforcement with powers to act as big brother and monitor
everyone’s email and Internet usage. The existing provisions on lawful access
date back to 1974 and have only been updated once in 1980. It is fair to say that
while technology has evolved considerably since then, Canada's lawful access
laws have not kept pace. Increasingly complex technologies are challenging
conventional lawful access methods. (DoJ 2003). Nonetheless, research in this
paper indicates that most police services across the country do not have the
time, funding or trained resources to investigate cyber crime. Hence, while it is
important to consider granting police greater powers of electronic interception,
the issue is largely rhetorical without granting them additional funding to use
these powers
Legislative Resources in Canada
In order to prosecute cyber offenders arrested under Canadian legislation, the
Department of Justice Canada has established an eProsecution Secretariat
consisting of four lawyers. They monitor the impact of technology on the work of
prosecutors and participate in a variety of projects, both within the Department of
Justice and outside, that relate to technology and the practice of criminal law.
The eprosecution Secretariat was formed in June 2001. It not only joins the
Canadian provinces and territories on a working group on cyber crime, it also
Cathy F. Maltais Page 63 11/23/2005
helps guide police and prosecutors through the mysteries of microchips,
cyberspace and electronic games and other technology.
The Secretariat also offers cyber crime training, as well as frontline assistance, to
Crown counsel and police. (Baer n.d.) Often, police officers turn to Crown
prosecutors to ensure that evidence is being collected properly. But prosecutors
recognize they too need help in preparing to prosecute for technologybased
crimes. Accordingly, the Secretariat has developed, in conjunction with the
United States Department of Justice (USDoJ) and the FBI, a computer crime
training course for Canadian Crown prosecutors. The course includes six
modules, focusing on computer crime in general, hardware and software
interactions, computer networks, electronic evidence gathering, trial issues, and
crime scenarios. In addition to Federal Crown counsel, provincial prosecutors,
judges, and police officers have taken this twoday course. (Baer n.d.)
There are also lawyers at the provincial government level that are dedicated to
cyber/electronic crime, such as in the Ontario Ministry of the Attorney General.
They have created a Task Force on Internet Crimes against Kids. The taskforce
is a special working group established in June 2004 and is made up of crown
prosecutors and police who work on child pornography and luring cases. They
are working on developing policies, tools, best practices and training to improve
the way these crimes are investigated and prosecuted in Ontario. (Attorney
General 2004)
Canada is well legislated to prosecute crimes perpetrated through the use of
computers or the Internet. The main issue is providing training or educating all
legislative participants (judges, lawyers, police) as well as the public. As survey
responder 6 from Alberta stated, ‘making new laws alone, is not the answer.
Capital investment in law enforcement for extra personnel, training and
technology will go further to assist in countering cyber crimes.’
Cathy F. Maltais Page 64 11/23/2005
International Legislation
When the issue of cyber crime is elevated to the international scene, the
problems and shortfalls are magnified. ‘The development of the Internet and
other new technologies has changed the nature of transnational crimes.’ (Clifford
2001, p.169) With cyber crime, criminals no longer need a physical nexus with a
particular country to commit a crime in that country. In order to effectively
address cyber crime as a new form of transnational crime, concerted
international cooperation is required. This can only happen, however, if there is
a common structure for understanding what the problem is and what solutions
there may be.
Michael O’Brien (n.d.) lists a number of problems surrounding international
cooperation in the area of computer crime and criminal law:
1. The lack of global consensus on what types of conduct should
constitute a computerrelated crime;
2. The lack of global consensus on the legal definition of criminal
conduct;
3. The lack of expertise on the part of police, prosecutors and the
courts in this field;
4. The inadequacy of legal powers for investigation and access to
computer systems, including the inapplicability of seizure powers to
intangibles such as computerized data;
5. The lack of harmonization between the different national procedural
laws concerning the investigation of computerrelated crimes;
6. The transnational character of many computer crimes;
7. The lack of extradition and mutual assistance treaties and of
synchronized law enforcement mechanisms that would permit
international cooperation. Or, the inability of existing treaties to take
Cathy F. Maltais Page 65 11/23/2005
into account the dynamics and special requirements of computer
crime investigation.
Many points raised by O’Brien are well understood by some global leaders. For
example, French President, Jacques Chirac once stated that ‘what we need is
the rule of law at an international level, a universal legal framework equal to the
worldwide reach of the Internet.’ (Clifford 2001, p.173) Cooperation between
countries is key, but it is a great task to get countries to agree, when an action
might be a crime in one nation but not in the other. In the case of Europe, the
Council of Europe (CoE) CyberCrime Convention was initiated as a European
response to dealing with cyber crime. The main objective of the Convention is to
pursue a common criminal policy aimed at the protection of society against cyber
crime, especially by adopting appropriate legislation and fostering international
cooperation.
The Convention is the product of four years of work by Council of Europe
experts, but also by the United States, Canada, Japan and other countries that
are not members of the organization. It is the first international treaty on crimes
committed via the Internet and other computer networks, dealing particularly with
infringements of copyright, computerrelated fraud, child pornography and
violations of network security. It also contains a series of powers and procedures
such as the search of computer networks and interception. (CoE 2001)
The treaty seeks to control Internet crimes by requiring signatory nations to
create a specific, uniform body of laws to deal with unauthorized access,
interference, fraud and forgery, child pornography and copyright infringement.
The treaty has three primary objectives. The harmonization of national laws
which define offences, the definition of investigation and prosecution procedures
to cope with global networks and the establishment of a rapid and effective
system of international cooperation.
The signing and ratification process for the Convention started with 34 countries
(including the external supporters United States, Canada, South Africa and
Cathy F. Maltais Page 66 11/23/2005
Japan) signing and 5 countries (Albania, Croatia, Estonia, Hungary and
Lithuania) ratifying the main convention by March 2004 (out of 49 potential
countries). Following the first 5 ratifications, the Cyber Crime Convention came
into force on July 1 2004. (CoE 2001) Eleven countries have now ratified the
Treaty. The Convention is presently in force in Cyprus, Romania, Slovenia, and
the Former Yugoslav Republic of Macedonia in addition to the initial five.
Denmark and Bulgaria are expected to ratify it on October 1 st and August 1 st ,
2005 respectively. However, other European countries such as France, Italy and
Germany have yet to do so (CoE 2001).
Canada is ranked among the top countries that have fully or substantially
updated their laws without ratification of the European Convention along with
Australia, Estonia, India, Japan, Mauritius, Peru, Philippines, Turkey, and the
United States. (McConnell 2001) Canada has updated related statutory laws
and Canadian political officials have strong confidence that existing laws provide
sufficient coverage against the remaining categories such as aiding and abetting
cyber crimes and computerrelated forgery. It is difficult to assess if that is
correct until these crimes are investigated and brought before justice on a greater
scale. Nevertheless, there is pressure from the Canadian Association of Chiefs
of Police (CACP) on the government to ratify the Convention since it contains
one remaining clause that requires updating in Canadian legislation. This clause
of the Convention relates to production orders. Production orders are obtained to
compel persons not under investigation (third parties) to produce, at a specified
time and place and in a specified form, data or documents (or to prepare and
produce a document based on data or documents) relevant to the commission of
an alleged offence under any federal law. Production orders are issued in
circumstances similar to those under which a search warrant would be issued,
but production orders may be less invasive than a search warrant since law
enforcement officials would not be required to search the premises of the third
party. Also, such orders allow for the acquisition of information held outside
Canada where it is under the control of a custodian in Canada. Furthermore, by
specifying the time and place at which the material must be produced, as well as
Cathy F. Maltais Page 67 11/23/2005
the form of the documents, such orders may speed up the investigative process.
These orders are difficult to obtain in Canada in relation to new technologies. No
regulations exist to place specific obligations upon Internet service providers, as
well as other technology providers, to provide free and timely interception by law
enforcement. At present time, communication service providers can lawfully
charge a fee to law enforcement for requesting information and/or interception
and it rarely concludes in realtime monitoring availability. This limits the
effectiveness of an order of the court. Lawful Access is the piece of legislation
that requires updating to reflect the necessary changes. As discussed earlier,
current Lawful Access provisions date back to 1974 and have only been updated
once in 1980. If Lawful Access were updated as CACP is requesting, then it
would be in line with the remaining clause in the Convention, addressing traffic
data, anticipatory orders and so forth.
Legislation in other countries
Not surprisingly, legislation can differ from country to country. The CoE was
created to help establish, and standardize approaches to cyber crime across
European countries. But the convention does not encompass all nations of the
world, and not all members have ratified; therefore there are still great
discrepancies between jurisdictions. Countries such as Australia and the United
States have either similar laws to Canada’s, or provisions to establish them.
Countries that hold very different penal codes, as well as different levels of
sentencing towards penal infractions, do so in regards to cyber crime as well.
Examples of significant differences in sentencing and penal codes can be found
in Zambia, Singapore, China and Arab Countries where culture, religion and
political dictatorship apply to the virtual world as much as to the real world.
For example, in many countries governed by authoritarian regimes, censorship
and punishment for so called ‘cyber offences’ can be quite arbitrary. For
example, a study of eleven countries carried out by the Cairobased Arabic
Network for Human Rights Information (HRINFO), titled The Internet in the Arab
Cathy F. Maltais Page 68 11/23/2005
World: A New Space of Repression? finds many of the area's estimated 14
million Internet users facing shutdowns of Web sites, the closing of Internet cafes
and prosecution for a variety of crimes, real or imagined.
The HRINFO study finds the most active censorship in Syria, Egypt, Libya,
Tunisia, Yemen and Saudi Arabia. These countries use a variety of tools,
including criminal prosecution, to stop Internet use by any of a number of
political, social or religious groups. In most of these countries, Internet cafes
have been shut down, Web sites blocked and numerous users sentenced to
prison terms. (etopics 2005)
Internet censorships and closures in Arab countries could perhaps at first glance
be seen as an advantage by many western countries who are increasingly
tracking jihadists’ use of the internet for communicating with likeminded and
planning terrorists attacks. However, research has shown that censorship
applies only to what the governing power does not want his citizens to have
access to. Therefore, an antiAmerican government might not only allow anti
American content on the Internet; it might censor in some cases more moderate
points of view being transmitted throughout cyber space.
Despite still many irregularities across the globe in cyber crime legislation and
enforcement activity, strong and consistent international cooperation is still a
critical factor to sending a message to cyber criminals that they can be caught
and prosecuted. A recent example of the kind of cross jurisdictional international
cooperation that is required was with a very successful crossjurisdictional
Internet child pornography investigation that occurred partly in Australia in 2004.
The investigation, codenamed Operation Auxin, began in March 2004 and
culminated in September 2004 with the execution of approximately 400 search
warrants across all Australian capital cities and a number of regional and country
areas. Auxin was the Australian arm of Operation Falcon (a worldwide
investigation into the trafficking of online child sex images). There were
hundreds of arrests of child pornography subscribers, not only in Australia, but
Cathy F. Maltais Page 69 11/23/2005
also in the United States and Britain. The U.S. charged a Belarusbased child
pornography enterprise and a Florida credit card billing service in this global
Internet pornography and moneylaundering ruse involving thousands of paid
memberships to some dozens of pornography websites. If this type of large
transnational law enforcement operation reoccur on a steady basis, countries
who are not active cyber crime treaty participants, or do not have appropriate
legislation, may be more inclined to look at the issue seriously. Though for many
nations it is not just a question of a greater willingness to adopt appropriate
legislation and sign treaties but also their ability to develop sustainable
specialized skill sets in their law enforcement communities so that they are able
to participate in such cross jurisdictional operations. For many, at present,
attending to basic law enforcement objectives is challenging enough. The other
issue for law enforcement in Canada to consider is while more cross jurisdictional
investigations might scare off amateurs or first time offenders, they may only in
the end push hardcore and group criminals into utilizing even more advanced
technology to continue to conduct their illicit business. Therefore law
enforcement needs to learn from such crossjurisdictional investigations as
Operation Auxin and how the cyber criminal changes his/her exploitation of
technology based on policing activity. The ability to switch to using new emerging
technologies or changing modus operandi needs to be more effectively reflected
in new legislation than has been the case.
However, there are examples that show law enforcement is at least attempting to
respond to a rapidly changing threat environment. The U.S.’ AntiPhishing Act
shows that although law enforcement and legislation find it difficult to keep ahead
of technology, they can at least keep pace.
Leahy's AntiPhishing Act of 2005 targets both the email bait and the Web site switch by entering two new crimes into the U.S. Code. The bill prohibits the creation or procurement of an email that represents itself as being from a legitimate business but is, in fact, sent with the intent to commit a fraud or identity theft. The second part of the bill prohibits the creation or procurement of a Web site that appears to be legitimate but attempts to induce the victim to
Cathy F. Maltais Page 70 11/23/2005
divulge personal information with the intent to commit a crime of fraud or identity theft. (Mark 2005)
The U.S., U.K. and Australia’s antispam acts are other examples of legislation
keeping up with technology. Phishing and spamming are relatively recent cyber
issues.
As O’Brien points out, issues surrounding expertise, extradition powers and
special requirements of cyber crime investigations all make international
cooperation the more vital, but also the more challenging. Without this
cooperation, some countries will become known as safe havens for various types
of cyber criminals.
Cathy F. Maltais Page 72 11/23/2005
Analysis of Law Enforcement Reactions
The leading agencies in Canada responsible for preventing and/or countering
cyber crime are the RCMP, the OPP, SQ and PSEPC. Cyber crime is not
necessarily a selfproclaimed priority, but research has shown that these
agencies have more resources to devote to crime, and for most, cyber crime is
part of their business plans. The SQ’s 20012004 business plan mentions that
the development of qualified resources in data processing, data protection and
telecommunication constitutes a lever, making it possible to improve their
capacity to fight effectively against the dataprocessing crimes, the telephone
frauds and the crimes committed in Internet. (SQ 2001)
Ontario Provincial Police (OPP)
The Electronic Crime Section (eCrime) of the OPP, which became operational in
2001, provides specialized investigative services to the OPP, Ontario municipal
police services and government ministries facing investigations in which
electronic equipment, and/or the Internet are identified as key elements of the
investigation. Two years after establishing the ecrime section, the OPP made a
commitment to increase capacity of electronic crime investigations as the
growth of the World Wide Web and technology as a whole has had a significant
impact on the number, and the diversity of requests for assistance received by
the ecrime Section. (OPP 2004)
In addition to the ecrime section, the Child pornography section, originally
formed in 1975, now also deals with Internet child pornography. Additionally, this
section is in charge of luring legislation offences for the province of Ontario. The
section provides advice, assistance and training to police and crown counsel
across Canada.
In their first year of operation, the ecrime section received 155 requests, and in
2002 321 requests for service. The increase was attributed to the fact that the
Cathy F. Maltais Page 73 11/23/2005
Child Pornography Section became a client and the section absorbed their
caseload at once, which included their backlog. In 2003, and 2004 (up to early
December), the e–Crime Section received 211 and 274 requests for service
respectively.
The OPP ecrime section appears to be dealing with an increasing workload.
This demonstrates either that cyber crime is increasing, or that other police
officers and services are recognising these ccrimes increasingly, and therefore
referring them to the ecrime section for investigation.
Sureté du Québec (Quebec Provincial Police)
The Division of Cyber Surveillance and Monitoring, operational since December
2001, is the SQ specialized unit that investigates and monitors cyber crime. The
Division analyzes and evaluates each crime to determine whether or not the
crime is related to the Internet, and carries out preliminary assessments of
criminal information databases, suspicious Internet activities, Internet infiltration,
child pornography, etc. The staff prepare and execute warrants and then forward
the file to the appropriate unit of the police force concerned. (Kowalski 2002)
The main crimes investigated by the SQ cyber crime unit in 2003 are drugs,
heinous content, hackers, threats, fake documents, fraud, murder, sexual
aggression, child porn and luring. (SQ 2001)
Between January 2002 and September 2002, the Division provided assistance in
309 incidents involving 185 morality incidents, 99 economic crime incidents and
99 incidents against the person. (Kowalski 2002) Unfortunately, the number of
successfully prosecuted cases is unknown at his time.
Royal Canadian Mounted Police
As experts in the forensic investigation of computers and networks, the members
of the RCMP's Technological Crime Unit provide support services to investigators
in the RCMP and other Canadian police services or government agencies.
Additionally, in the case of Internet investigations the RCMP provides services to
Cathy F. Maltais Page 74 11/23/2005
any accredited international police service or agency. RCMP support services
include collecting evidence through the search, seizure and forensic analysis of
computers and other microprocessorbased devices such as personal digital
assistants (PDAs) and providing expert testimony in criminal court proceedings.
At the request of PSEPC, members of the RCMP's Technological Crime Unit also
investigate cyber threats, or criminal activity using computer networks, that may
threaten one of Canada's critical infrastructures. This includes energy and
utilities, communications, financial services, food distribution and health care,
transportation and safety. (RCMP n.d.a)
The RCMP website (n.d.) also underlines the organization’s commitment to cyber
crime prevention in the community. The RCMPs’ website tells the public to
‘please report cyber crimes or technological crimes such as hacking, mischief to
data, network intrusions, denial of service attacks, computer viruses or trojans to
your local police service.’ Yet, research demonstrates that local police have
minimal resources, equipment or expert knowledge to deal with these types of
crime. Many survey responders said that they refer technological crime, such as
hacking, to the RCMP. This appears to be a contradiction, which most likely
contributes to the RCMP’s selfprofessed backlog of cyber crime cases. Through
an interview, a member of the RCMP stated that the cases are dealt with my
order of priority. If a request for assistance comes from the FBI to assist with an
international ring of cyber pedophiles, it will be treated before a municipal police
request for assistance regarding a local hacker. The technological group is not
proactive in seeking Internet criminals; they are only reactive to requests they
receive. This is in part due to the fact that the number of resources the
technological crime unit has is too low to start eradicating the backlog of
requests. It does not leave any resources to be proactive.
Cathy F. Maltais Page 75 11/23/2005
Public Safety and Emergency Preparedness Canada
As mentioned earlier, PSEPC is the leading agency in providing policy leadership
and program and service delivery in the areas of national security and
emergency management, policing, law enforcement and borders, corrections and
crime prevention. Although their definition of cyber crime has one part related to
traditional crimes committed in a new way, the focus of PSEPC activities in
relation to cyber crime is on part 2 of their definition. Through PSEPC the
Government of Canada is the first signatory to an agreement to participate in
Microsoft’s Security Cooperation Program (SCP), a global initiative launched by
Microsoft. The SCP is a worldwide program that provides a structured way for
governments and Microsoft to engage in cooperative security activities in the
areas of computer incident response, attack mitigation, and citizen outreach.
(Microsoft 2005)
Also, the Canadian Cyber Incident Response Centre (CCIRC), which serves as
Canada’s focal point for dealing with cyber threats to Canada’s critical
infrastructure since early 2005, is under PSEPC’s umbrella. The CCIRC
provides cyber security services such as incident response coordination and
support, monitoring and threat analysis, as well as technical advice and
awareness for critical infrastructure owners and operators. The CCIRC provides
this cyber protection leadership and expertise at the national and international
levels. (PSEPC 2005)
A number of other government and private sector agencies are involved with
cyber crime. The Society for the Policing of Cyberspace (POLCYB) is an
example of a Canadian organization whose priority is cyber crime. POLCYB was
incorporated as a notforprofit society in British Columbia in 1999. Their goal is
to enhance international partnerships among public and private professionals to
prevent and combat crimes in cyberspace. It seeks to establish a permanent
network for international criminal justice and corporate sectors to share
knowledge, information, and resources to prevent and combat cyberspace
Cathy F. Maltais Page 76 11/23/2005
crimes. It also facilitates educational forums to enhance understanding of the
work undertaken by international criminal justice and corporate agencies in
preventing and combating Cyberspace crimes and to provide public education on
information security. (POLCYB 2002)
Internationally, there are numerous government and private sector agencies that
are involved in stopping cyber crime. In the U.S., the FBI’s third priority is to
‘protect the United States against cyberbased attacks and hightechnology
crimes.’ (FBI 2003b) The FBI plays two very important roles in cyberspace. First,
it is the lead law enforcement agency for investigating cyber attacks by foreign
adversaries and terrorists. The potential damage to the United States' national
security from a cyberbased attack includes devastating interruptions of critical
communications, transportation, and other services. Additionally, such attacks
could be used to access and steal protected information and plans. Second, the
FBI also works to prevent criminals, sexual predators, and others intent on
malicious destruction from using the Internet and online services to steal from,
defraud, and otherwise victimize citizens, businesses, and communities. (FBI
2003b)
In Australia, all major police forces have a unit that deals with cyber crime or a
form of it. Additionally, the Australian Federal Police (AFP) hosts the Australian
High Tech Crime Centre (AHTCC) with its own High Tech Crime Team (HTCT).
The ‘significant strength of the AFP is its national and international organization,
including a worldwide network of 31 liaison posts in 28 countries staffed by 45
AFP officers. In addition, the AFP hosts Interpol within Australia, the G8 24hour
hotline, and investigative teams in all Australian capitals. These capabilities in
countering high tech crime are some of the key reasons the AFP was chosen to
host the AHTCC.’ (AFTCC 2003) The AHTCC is comprised of members from all
State and Territory police services and they also partner with many public and
private stakeholders involved in educating the public.
Cathy F. Maltais Page 77 11/23/2005
Level of Priority in Canadian Police Services
In Canada, of the 26 police services who have responded to the survey, 39%
stated that cyber crime is a priority for their service although not all of them have
the resources to fulfill this priority. Some services do have enough resources to
have a unit that deals strictly with cyber crime, such as the SQ; others have to
farm these investigations out to existing sections (such as the OPP) or units
within their organization (such as fraud or economic crime sections). Other
services would like to deal with these crimes, but cannot afford to do so without
taking resources away from other areas. This point was highlighted by survey
responder 8 from an Ontario police service who made the following comment: ‘It
should be noted that I believe that this service would like to be able be more
involved in the investigation of cyber crimes however we do not have the
resources presently.’
Survey responder 7 from Alberta put the issue of prioritizing cyber crime this way
when he said that he believed ‘community demand has dictated the service will
(publicly at least) maintain cyber crime as a priority, however there are no
additional resources and these investigations simply compete for the same
limited time required for all other complaints, investigations and response to call.’
Responses were similar elsewhere amongst survey responders. For example,
survey responder 1 from Saskatchewan also stated that it is a priority but the
organization can’t realize that priority due to insufficient resources. These
statements show willingness to deal with cyber crime, but without the appropriate
resources to do so. Priorities have to be addressed first.
Within the Rothesay (New Brunswick) Police Service, the Major Crime and Street
Crimes Unit work on the more traditional crimes and with the assistance of the
member from the Computer Crimes Unit, they work on the computer within the
traditional crime. The member from Computer Crimes works solely on computer
crimes. The Lethbridge (Alberta) Police Service has officers who investigate
cyber crimes on an as needed basis from the Major Crimes and Economic
Cathy F. Maltais Page 78 11/23/2005
Crimes units. In addition, front line street patrol officers investigate the more
straightforward lowlevel crimes. However, even if a police service views cyber
crime as a corporate priority, training and technical resources for specialized
investigations can be expensive and time consuming for smaller police services.
For some police services, cyber crime is not a priority. Survey responder 9 from
an Ontario police service stated that if it were a priority, they would get the
resources from elsewhere and train the personnel. Survey responder 2 from
Saskatchewan stated that it is not a priority ‘in the sense that there is no
dedicated unit or integrated unit that focuses its entire mandate towards cyber
crime. Available human resources are the main challenge.’
Having a corporate mission to prioritize cyber crime is one thing, but clearly a
tangible sign of true prioritization in when resourcing is in line with corporate
intent. Resourcing of course relates to human and capital expenditure that is
directly used on cyber crime. The number of resources dedicated to counter
cyber crime varies by police service. Table 3 shows the number of police officers
per surveyed police service (P.S.) as well as the number of officers who work on
cyber crime within each of these services (on either part 1 or part 2 cyber crimes
as per the PSEPC definition of cyber crime). Municipal police services were
simply identified by their province to keep confidentiality agreement with
responders.
Cathy F. Maltais Page 79 11/23/2005
P.S. in Ontario
P.S. in New
Brunswick
P.S. in Ontario
P.S. in Alberta
P.S. in Prince Edw
ard Island
P.S. in Quebec
P.S. in Ontario
P.S. in Alberta
P.S. in New
Brunswick
P.S. in Alberta
P.S. in Quebec
P.S. in Ontario
P.S. in Manitoba
P.S. in Ontario
P.S. in Quebec
P.S. in Alberta
P.S. in Nova Scotia
P.S. in Saskatchewan
P.S. in Quebec
P.S. in Ontario
P.S. in Quebec
P.S. in British Colum
bia
P.S. in Nova Scotia
SQ
OPP
168 98 550
12
6
220 1119 52
33
131 4134 137 74 79 240 1200 54 350 125 119 130 211 4000 5222 5411
0.1 0.1 0.2 0.05 0 0 0 0.5 1.3 0
6
0 0.45 0 0 2
0.1 2.2
0 0 0 0 2
22 24
0 2 4 6 8
10 12 14 16 18 20 22 24 26 28 30 32 34 36 38 40 42 44 46 48 50
# of full time officers who work on cyber crimes # of officers in police service
Table 3
For most, the time dedicated to cyber crime does not come close to having one
full time member dealing with this type of crime. Survey responder 8 from
Ontario is the only one officer in his service that is able to investigate cyber
crime. But he spends a mere 10% of his time on this task since he is a full time
member of the Sexual Assault Child Abuse Unit and can only do it when he has
time. He is the only officer with the proper courses but does not have a mandate
to investigate these offences. The service has no resources dedicated to cyber
crime although they have a standalone computer, which is supposed to be used
Cathy F. Maltais Page 80 11/23/2005
for online investigations. But they do not have the time to work on online
investigations.
An OPP member stated that any one of their 5,000 front line members may end
up investigating a traditional cyber crime. ‘The 9 members of the eCrime
Section assist all other OPP and municipal police investigators specifically by
forensically extracting data from target computer media and analyzing this data
allowing frontline officers to continue their traditional cyber crime investigations.’
(OPP Pers. Comm. 2004) There are 15 members of the Child Pornography
Section that deal exclusively with online child pornography.
A review of police service literature (e.g.: business and strategic plans),
interviews and surveys show that there are significant differences from one
municipal police force to the other in regards to dealing with cyber crime.
Provincially, the two main provincial police services seem to be on equal footing
in regards to resources and priority level of cyber crime. The SQ and the OPP
both have a section dedicated to cyber crime and both have put this type of crime
in their priority statements. As seen in table 3, the SQ has the equivalent to 22
officers working full time on cyber crime, while the OPP has 24.
Who should counter cyber crime in Canada?
Research and survey results suggest that there may well not be enough
resources within law enforcement agencies to contain cyber crime in Canada.
This then begs the question, are the underfunded, and in many cases under
skilled, police services the most appropriate authorities to deal with cyber crime?
The majority of surveyed police services believe that all police services
(municipal, provincial and federal) should be involved in the investigation of cyber
crime. There were a couple representatives of services that believed it should
fall within the RCMP’s mandate and some others who think that on top of all
levels of policing, other government departments should be involved, such as the
Cathy F. Maltais Page 81 11/23/2005
Department of National Defense (DND) and the CRA. A few services believe
that only police services with over a certain number of officers should have to
investigate this type of crime. The issue does not seem to be the who, but the
how. Without adequate trained resources, it is difficult for police services to
disrupt this type of crime.
Survey responder 3 from New Brunswick brings forth the idea of having mixed
units. He states:
I believe that Cyber crimes should be fought by all members of all agencies, I believe that mixed units should be formed regionally in order to help counter these crimes, not only would you gather experience and different points of view, but you also put together budgets and equipment. Instead of having three police forces with three mainframes, you use one mainframe for all three and spend the remaining money on other software or hardware needed.
As outlined in the Training section, this is presently being done for other types of
crimes in Canada, like Proceeds of Crime/Money Laundering. Members from the
RCMP, the CBSA, regional police forces, and others all form part of one team,
and investigate a specific type of crime, like money laundering. This
arrangement could certainly be established for cyber crime as well. As a step
further, Canada should consider looking at the AHTCC in Australia as a model
for a permanent national mixed unit. The AHTCC have brought together people,
skills and technology from a range of jurisdictions.
Is Canadian Law Enforcement Well Equipped to Fight Cyber Crime?
When asked if Canadian law enforcement is well equipped (with resources,
training, tools, legislation, etc) to counter cyber crime, most survey responders
did not think it is. (see table 4)
Cathy F. Maltais Page 82 11/23/2005
Is Canadian Law Enforcement Well Equipped to Fight Cyber Crime?
73%
15%
12%
No Yes Yes for certain crimes
Table 4
The following are reactions from a range of police service survey responders to
the question. For example, survey responder 10 from a New Brunswick police
service believes that ‘there is a lack of emphasis on this crime. As for what could
be done, there is a need for better training.’ Survey responder 3 from New
Brunswick believes that ‘as any other crimes, we are behind and will always be.
Criminals and/or terrorist have unlimited funding and time, opposed to law
enforcement where we run out of budget. Leaders want results and want them
as quick as possible, therefore that has a big impact on countering these crimes.’
Survey responder 5 from the O.P.P has a twofold opinion in regards to this
question.
Canadian law enforcement is excellent at this task at this time. This is a relatively new area of expertise and therefore limited budgets and human resources have been allocated to cybercrime issues without realization that most crime has a link to forensic computer evidence. Unfortunately this type of work is often done in the background like other forensic work and therefore does not receive due attention. Education of senior management and money managers would be helpful so cybercrime matters are elevated and Canadian law enforcement can be resourced
Cathy F. Maltais Page 83 11/23/2005
properly. This is always difficult as there are competing interests for limited tax dollars.
Addressing Cyber Crime
On the survey question relating to whether cyber crime needs to be addressed
today, only one surveyed police service did not believe that cyber crime is an
issue that needs to be addressed.
The majority of responders made comments that indicated that this was a
contemporary law enforcement problem that needed a response today. For
example, survey responder 6 from Alberta suggested that cyber crime is an
emerging and evolving crime trend that continues to get more and more
sophisticated. Statements like these show that police services are aware of this
type of crime, even though most of them do not address them. An interviewed
federal government employee working on the egovernment initiative expressed
a similar point of view; she indicated that it was a problem that needed managing
today. She said:
This is a definite priority that is recognized by other governments internationally, and resonates strongly with all communities across Canada. In addition, while I recognize that efforts made today will be costly, I fear that procrastination will increase the sophistication of cyber criminals and hence difficulty of any task to control/expose their activities in the future, as well heighten the risk that more individuals will be harmed and organizations will lose money.
Her comments encapsulate what is at stake if law enforcement procrastinates or
if there is insufficient funding to counter cyber crime. The reality is that money
spent today to train and educate law enforcement specialists would be money
saved in the long run. While more training and money doesn’t necessarily directly
translate into more arrests, the greater investment in this area of law
enforcement is bound to have an enhanced impact on the activities of cyber
criminals than is the case currently.
Cathy F. Maltais Page 84 11/23/2005
Research has shown that cyber crime priorities are set by each police service
individually. This has the potential for further disparities on a national definition of
cyber crime. Additionally, if some police services choose to disregard cyber
crimes as a whole, then this type of crime will keep increasing without any
obstructions. Perhaps the priority setting for cyber crime issues could be set by
the Canadian Association of Chiefs of Police (CACP) until relevant government
agencies provide further guidance and policies on the issue. This was the view
of survey responder 10 from New Brunswick who believes that cyber crime is an
issue that should be addressed by CACP. By CACP addressing the issue of
cyber crime, they could evaluate the situation and decide if it should be made a
priority for their membership and if so, put required pressure on government for
what they decide is required for law enforcement. CACP is dedicated to the
support and promotion of efficient law enforcement and to the protection and
security of the people of Canada. CACP established an ecrime committee in
2002 with the mandate to establish a leadership role in the development of an
administrative policy and standards for technologybased investigations. The
mandate includes the promotion of interagency cooperation in the detection and
investigation of internetbased crime and the establishment of training standards.
They are also involved in the identification of effective cooperation strategies to
combat ecrime at local, provincial, national and international levels, and to
facilitate public education on information security. (CACP 2003) Based on their
mandate, it is a reasonable conclusion that they should not only be putting
pressure on the Canadian government for additional funding to disrupt cyber
crime, but also pushing agencies for a greater prioritization of cyber crime issues.
With the support of it’s membership, through its member police chiefs and other
senior police executives the CACP represents in excess of 90% of the police
community in Canada, the CACP should be more influential than individual police
services. However, their website shows no activity beyond 2002 for the ecrime
committee; this could simply mean that their website lacks updating about
committees, or that the committee has yet to make recommendations in regards
to cyber crime. One can speculate that because government is not putting
Cathy F. Maltais Page 85 11/23/2005
pressure on cyber crime issues, the CACP is not focusing on it either. This could
become a vicious circle and end up with no one looking at the issue closely
enough.
This research has demonstrated that Canadian law enforcement agencies
require funding, training and government support in order to embark with a
unified front, on disrupting cyber crime in Canada. The consequences of the
Canadian government not acting to counter cyber crime could be severe. A
number of survey responders believe that Canada could become a haven for
electronic crime and that this type of criminality would be beyond our control if we
do not act seriously. Survey responder 2 from Saskatchewan said: ‘Canada
may become an electronic safe haven for those who engage in such criminal
activity if they were to suspect that our efforts to investigate and deal with the
issues offer a significant amount of impunity compared to other jurisdictions.’
The following are additional reactions, from municipal police services, on what
the consequences might be if the Canadian Government failed to act to counter
cyber crime.
The consequences would be severe. If we fall behind, it is always harder and is much more difficult to catch up. In major investigations seizing a computer is becoming very commonplace. Plus the number of offences that are committed using a computer has increased faster than any other field. When you look at this on a local level it is huge; however on a national or international level it is enormous. With the threat of organized crime and terrorist groups out there we have to get a handle on Cyber Crime as soon as we can. We need laws with teeth, and funding for all Police Services to counter this on every level. (Guelph Police Pers. Comm. 2005)
Survey responder 10 from New Brunswick judges that ‘if it is not addressed
adequately, police will be unable to keep up with the demand generated from
such crimes. [Also], this crime will increase in the future and police officers will
not be able to keep up with the demand due in part to the lack of training.’
Cathy F. Maltais Page 86 11/23/2005
Survey responder 11 from an Ontario police service believes that cyber crime will
only increase to a magnitude that will be beyond our control and comprehension
if it is not addressed. Survey responder 7 from Alberta asserts that cyber crime
has far reaching implications ranging from jurisdictional issues for both police and
the courts, to exploitation of vulnerable members of society, to national security,
to economic consequences for consumers.
Finally, survey responder 5 from the O.P.P sums up well what the stakes are for
law enforcement and society if law enforcement fails to successfully counter
cyber crime:
A core mandate of any police service is to protect public safety, property and infrastructure. Failure to do so would have severe consequences. Failing to investigate these crimes leaves perpetrators free to continue committing the crimes against persons and/or property. Failure to continue investigations that have been started due to lack of resources and competing interests for cybercrime investigators time, results in charges being dismissed and accused free to continue committing crimes against persons and/or property. Failure to investigate internetbased crime in general would also result in severe consequences, as it would jeopardize public confidence in the Internet, impacting the Internet economy, and a public loss in government Internet solutions for service delivery.
Cathy F. Maltais Page 87 11/23/2005
Conclusion
This research identified many areas where there are currently deficiencies in
Canada’s law enforcement response to cyber crime. Although the small number
of survey responses (overall, a 29% response rate was experienced, but the
response rate for the targeted electronically was 38%), and limited number of
interviews, it is believed that the goal of the research was reached. The goal of
the research was to assess Canadian law enforcement responses to cyber
crime. The objectives of the research were to discover the following:
What the current state of response to cyber crime is in Canada;
The available resources related to cyber crime for Canadian law enforcement
(in the form of human resources, training, legislation);
The level of priority cyber crime has for law enforcement organizations in
Canada;
Establish recommendations for further study and possible improvements to
the state of the response to cyber crime in Canada.
The issues identified all through the research, and summarized below are issues
that will undoubtedly come back to surface should a research of a broader scope
be undertaken. The survey responses and interview collected in this research
provide an impression of some general views about what’s right and wrong about
Canadian law enforcement responses to cyber crime, from law enforcement
officers themselves. Recommendations related to each issue are summarized
and further described in order to offer starting points to future research. It is
hoped that this research will prompt government officials in doing a more
comprehensive cross agency analysis of capabilities regarding cyber crime. A
followup study on the one done in 2002, the Feasibility of collecting statistics on
cyber crime in Canada, would be the perfect opportunity to look at the other
aspects of cyber crime in Canada. The research of 2002 prompted the update of
the UCR survey by adding the cyber crime element in January 2005 for police
Cathy F. Maltais Page 88 11/23/2005
services to collect appropriate statistics. A followup study could potentially yield
similar positive results; this time with a sample of official government statistics.
Summary of Recommendations
A followup study to the 2005 Feasibility of collecting statistics on cyber crime
in Canada, would be the perfect opportunity to look at the other aspects of
cyber crime in Canada.
A national definition of cyber crime and agreement on terminology would
assist Canada greatly in unifying all efforts involved in reducing or preventing
this criminal trend. It would be a logical next step to take the definition used
in the UCR survey, and make it the definition of cyber crime for Canada.
Additional allocation of funding for those deemed responsible for the
investigation of cyber crime is necessary in order to increase the level of
knowledge and expertise; whether it be decided to have this responsibility in
all police services on centralized in the provincial or federal governments.
The Canadian public requires more outlets and a greater awareness of cyber
crime reporting mechanisms, and cyber crime in general.
All levels and areas of government, as well as the public requires
A good place to address all issues and validate the suggested recommendations
could be for the government to commission a parliamentary report on Canada’s
response to cyber crime; a report much like this one but with greater detail and
scope to deliver official recommendations for possible government policy
changes.
Cathy F. Maltais Page 89 11/23/2005
The issues identified can broadly be grouped into two clusters. First there are the
issues of a lack of consensus on what constitutes cyber crime and data collected
about its various forms. Second, there is still a general lack of law enforcement
capability (coordination, intelligence, investigation, priority setting and training) in
dealing with cyber crime in Canada.
In the first category, the research highlighted the need for a uniform definition of
cyber crime, and terminology identifying it in the Canadian law enforcement
community. While a global definition would be ideal, as it would assist much
needed multijurisdictional cooperation, Canada should try to resolve agency
differences now, that relate to what constitutes cyber crime. A national definition
and agreement on terminology would assist Canada greatly in unifying all efforts
involved in reducing or preventing this criminal trend. It would be a logical next
step to take the definition used in the UCR survey, and make it the definition of
cyber crime for Canada. Police Services are now reporting statistics based on
this definition, therefore it would only make sense that it be the definition and
terminology used by all. Law enforcement history is replete with examples of
agencies not defining aspects of criminality in uniform ways, which hamper
further our collective understanding of the nature of illicit markets.
Once the decision is made on the definition and appropriate cyber crime lexicon,
everyone (the public, policy makers, lawyers, police and corporate world) has to
be made aware of it along with the consequences of committing such crimes and
the resources for victims to file their complaints and be heard.
Canada, like other modern western economies, has played a key role in both the
development of information technology and in the efforts to deal with new
challenges that arise from its use. Solutions to the new challenges posed by
information technology are inherently horizontal in nature and require an
inclusive approach to policy development, involving a wide variety of
stakeholders both in the public and private sectors. (RCMP n.d.a) Various
Cathy F. Maltais Page 90 11/23/2005
government departments and agencies within Canada deal with cyber crime. In
addition to police, federal government departments working on national security
and criminal justice, the private sector, foreign policy and critical infrastructure all
have to get more seriously involved in the ongoing efforts to develop solutions to
this increasingly prevalent crime. The United States believe that taken in total,
illegal cyber activities may soon become one of the principal longterm threats to
the homeland. The FBI Director named cyber crime the nation's number one
criminal problem. (Bureau of Justice Statistics 2001) Short of pulling the plug on
computers, as Grabosky (2000) suggests, to better manage cyber crime, nations
need to equip themselves with proper legislation, law enforcement and private
and public awareness in order for this criminal problem to diminish.
This assessment of Canadian law enforcement responses to cyber crime has
shown a positive interest from police services in getting involved in this struggle;
but a lack of means to do so. Despite a common recognition by most police
services surveyed that they are committed to getting involved in the struggle
against cyber crime, there is one final fundamental issue raised by most; that is
the lack of knowledge/expertise. There are a number of areas where law
enforcement, and more broadly the Canadian Criminal Justice System, could do
more to counter this crime. One of the most important issues that came out of
the research was the relative lack of national information on many aspects of
cyber crime and/or an insufficient sharing and coordination of information. A first
step in countering cyber crime is to map the criminal environment, a near
impossible task without reliable intelligence and data. Governments and the
police community rely on this information to help them enforce policies and
procedures as well as allocating resources to investigate and prevent the
incidence of cyber crime activity in Canada. As seen earlier, the national
collection of cyber crime statistics has only been recently (January 2005) initiated
with the adage of cyber crime as a crime element to the UCR survey. Eventually,
with statistics in hand, a more precise evaluation of cyber crime trends will be
possible.
Cathy F. Maltais Page 91 11/23/2005
Another issue realized through this research is linked to the previous one; the
reporting of cyber crime incidents by the public, to the police. Canadians not only
require more outlets and a greater awareness of reporting mechanisms, but there
is also a lot more that can be done in educating the public about what actually
constitutes a cyber crime. On the point of public education, there is a lot of
preventive information on police websites, but scarce information telling people
what to do if something wrong happens while online. Everybody knows that
getting something stolen is a crime that requires police involvement. Not
everyone knows that if you are victim of a phishing scheme and lose money, that
it is a crime. And the ones that do know that this type of fraud is a crime, might
not know where to report it, or end up at a police service who does not deal with
complaints of cyber related crimes.
Secondly, this research identified overall that Canadian law enforcement
capabilities were low in some areas, particularly in resourcing, training and
priority setting. There is general recognition that law enforcement should be
doing more. For example, the RCMP (RCMP 2001) believe that law enforcement
must be committed to developing strategic solutions and the necessary
resources required to handle increasing demands to prevent, detect and respond
to criminal activity on the Internet. However, governments must be committed in
doing this as well. A good place to start may well be for the government to
commission a parliamentary report on Canada’s response to cyber crime; a
report much like this one but with greater detail and scope to deliver
recommendations for possible government policy changes. Despite a common
recognition by most police services surveyed that they are committed to getting
involved in the struggle against cyber crime, there is one final fundamental issue
raised by most; that is the lack of knowledge/expertise. There are several
reasons for which most police services do not have cyber crime experts, the
most prevalent of which is the lack of resources. The police are mandated to
protect communities and to respond to public complaints, whether these
Cathy F. Maltais Page 92 11/23/2005
complaints involve people driving erratically on the highway, or involve groups
hacking the information highway. Canadian police services must be more
‘enculturated’ by government authorities that this is a priority for Canada. There
needs to be in some agencies, mindset shift about investigating cyber crime as
opposed to other more ‘traditional’ forms of crime. But cultural change also
requires commitment regarding resources and funding to hire and/or train experts
to respond to these types of crimes. Additionally, the benefits would be
enormous if police services had the ability to be proactive instead of strictly
reactive to cyber crime complaints. If government does not want to put the
mandate in municipal police service’s hands, then an appropriate agency to refer
cases to is required. Alternatively, if the mandate is to fall within the provincial
and federal police services, they need additional resources if they have to take
on the national responsibility of cyber crimes. Perhaps the answer is to create
one central organization such as the AHTCC in Australia, (whether within the
RCMP or PSEPC by altering the mandate of the Canadian Cyber Incident
Response Centre, or on its own) to deal with all cyber crime cases. This
organization could be staffed with police officers, civilians, public servants from
other departments such as CRA, CBSA and other relevant stakeholders under
one roof. There could be a triage mechanism for all incoming requests for
assistance, then a distribution by milieu of expertise to inhouse staff and/or
international liaisons/partnerships, and so on.
There are unquestionably many different options that can be brought forth and
evaluated. What is important is that Canada have qualified people to investigate
cyber crime, whether in a hundred different police services, or under one
organization.
As pointed out earlier, this research has demonstrated that Canadian law
enforcement agencies require funding, training and government support in order
to embark on a unified assail against cyber crime. It is believed that the
consequences of the Canadian government not acting to counter cyber crime
Cathy F. Maltais Page 93 11/23/2005
could be severe, as detailed earlier in a sample of comments from survey
responders. While it would appear that Canada is not facing a worstcase
scenario of being a ‘haven for cyber criminals’, this research provides at least
some support to the view that law enforcement still does not have a full
understanding of the nature of the threats or how to control them. Whatever the
risks of not fully being engaged in countering this activity, the multiple
consequences of ‘not knowing’ your threat environment as it is today are
worrying enough, let alone what awaits us over the horizon.
Relevant literature in 1978 foreshadowed that law enforcement needed to better
prevent cyber criminals’ use of technology to commit crimes (Bequai, 1978). It
seems that twentyseven years later we have identified some similar conclusions
reached by Bequai about the cyber activities of terrorists, fraudsters, sexual
predators and other criminals who commit crimes. However, the assessment of
Canadian Law enforcement’s response to their activities suggests that while our
understanding of these crimes may be better, our capabilities to detect, prevent,
or reduce them are still ominously insufficient.
Cathy F. Maltais Page 94 11/23/2005
APPENDIX A – CONSENT FORM
CONSENT FORM MANAGING CYBER CRIME: AN ASSESSMENT OF CANADIAN LAW
ENFORCEMENT RESPONSES
Research Project: Managing Cyber crime: an Assessment of Canadian Law Enforcement Responses
Researcher: Cathy F. Maltais 309, A.Primeau, Gatineau, QC, J8R 1C2 (819) 6439962 [email protected]
I, ______________________________ [print name] consent to participate in the research project titled “Managing Cyber Crime: an assessment of Canadian law enforcement responses.”
I understand that I am free to withdraw my participation in the research at any time and that if I do I will not be subjected to any penalty or discriminatory treatment.
The purpose of the research has been explained to me, and I have been given the opportunity to ask questions about the research and received satisfactory answers.
I permit the investigator to tape record my interview as part of this project.
I understand that any information or personal details gathered in the course of this research about me are confidential and that neither my name nor any other identifying information will be used or published without my written permission.
PolicingEHRC, Charles Sturt University, has approved this study. I understand that if I have any complaints or concerns about this research I can contact:
Presiding Officer PolicingEHRC Charles Sturt University Locked Bag 2005, Goulburn, NSW, 2580 Fax. 02 48 232 786
Any issues you raise will be treated in confidence and investigated fully and you will be informed of the outcome.
Signed by ____________________________________
Date ____________________________________
APPENDIX B – SURVEY
Many people and organizations have different definitions or views of what Cyber Crime is. In order to answer the questions on this survey, we are using the definition provided by Public Safety and Emergency Preparedness Canada (PSEPC), which is split into two parts (labeled as PART 1 and PART 2). It is important that you answer the questions to reflect either parts of or the whole definition as not every organization identifies with the full definition.
PSEP defines cyber crime (also referred to as computer crime, electronic crime or high tech crime) as follows:
QUESTIONS PART 1 of
definition
PART 2 of
definition
Definition as a whole
Q1 Do you agree with the above definition? If you only agree with Part 1 or Part 2, please indicate in the appropriate box; if you agree with the whole definition, please indicate in the last box.
COMMENTS:
Q2 How many officers work for your Service?
Computer systems offer some new and highly sophisticated opportunities for criminal activities and they create the potential to commit traditional types of crimes in nontraditional ways. There is an ongoing debate amongst experts on what exactly constitutes a computer or "cyber" crime; however, experts generally agree that hightech crime falls into two broad categories:
• The first category of hightech crimes is "traditional crimes" that are now being committed with the use or aid of a computer. This includes computerassisted crimes such as money laundering, the distribution of child pornography, the sale of illegal drugs, Internet fraud, illegal gambling, and hate propaganda. In addition, new technologies can also be used to shield, store or communicate criminal/terrorist activities. (PART 1)
The advent of computer technology within our society has also created a host of new types of offences and abuses.
• The second category of hightech crime includes crimes directed against a computer or a computer network itself, or "pure" hightech crime. Pure hightech crime includes such offences as unauthorized use of computer systems (e.g. hacking) and mischief in relation to data (e.g. denial of service attacks and virus transmission). (PART 2)
Taken together, hightech crime includes the broad spectrum of criminal activity including pure computer crimes targeted to computer systems or their contents and computer assisted crimes.
Cathy F. Maltais Page 96 11/23/2005
ANSWER
QUESTIONS PART 1 of
definition
PART 2 of
definition
Definition as a whole
Q3 How many officers work on preventing cyber/electronic crime? If some work on preventing Part 1 of the definition and others on Part 2, please put numbers in appropriate box. If your number is for the definition as a whole, put number in the last box. If none, please explain why in the box below. (i.e.: Not enough resources, not a priority, no trained personnel, etc.)
COMMENTS:
Q4 What percentage of the above officers' time is dedicated to this task of preventing cyber crime?
COMMENTS:
Q5 How many officers work on countering and investigating cyber/electronic crime? If some work on countering Part 1 of the definition and others on Part 2, please put numbers in appropriate box. If your number is for the definition as a whole, put number in the last box. If none, please explain why in the box below. (i.e.: Not enough resources, not a priority, no trained personnel, etc.)
COMMENTS:
Q6 What percentage of the above officers' time is dedicated to this task of countering cyber crime?
COMMENTS:
Q7 Is cyber/electronic crime a priority for your Service? If only one of the parts of the definition is a priority, please mark appropriate box. If it is a priority with the definition as a whole, then mark last box. If no, please explain why in the box below. (i.e.: Not enough resources, no trained personnel, not an issue in your area, etc.)
COMMENTS:
Cathy F. Maltais Page 97 11/23/2005
QUESTIONS PART 1 of
definition
PART 2 of
definition
Definition as a whole
Q8 Are there any courses related to cyber/electronic crime as part of your Service's training program for new recruits ? If there are some related to Part 1, but not Part 2, and vice versa, please mark in appropriate box. If yes, please list them in the box below.
COMMENTS:
Q9 Are courses/training available to your current officers on cyber/electronic crime, such as courses offered by the Canadian Police College ? If there are some related to Part 1, but not Part 2, and vice versa, please mark in appropriate box. If yes, please list them in the box below and indicate if they are mandatory or offered on a voluntary basis.
COMMENTS:
Q10 Do you hire civilians to work on cyber/electronic crime? If yes to work on Part 1, but not Part 2, and vice versa, please mark in appropriate box. If yes, please indicate in the box below your hiring criteria and how many you employ.
COMMENTS:
Q11 Are your recruitment pre requisites (medical, physical, etc) the same for people interested in working with technology/cyber crime as those interested in countering “street” crime? If yes to work on Part 1, but not Part 2, and vice versa, please mark in appropriate box.
COMMENTS:
Q12 Who do you think should counter cyber/electronic crime in Canada ?
COMMENTS:
Q13 Do you believe Canadian law enforcement is well equipped to counter cyber/electronic crime? If yes to counter Part 1, but not Part 2, and vice versa, please mark in appropriate box. If no, what do you think is lacking? What do you think could be done?
Cathy F. Maltais Page 98 11/23/2005
COMMENTS:
QUESTIONS PART 1 of
definition
PART 2 of
definition
Definition as a whole
Q14 Do you believe that cyber/electronic crime is an issue that needs to be addressed by law enforcement? If yes to Part 1, but not Part 2, and vice versa, please mark in appropriate box. If no, please identify in the box below who you think should address it.
COMMENTS:
Q15 Do you believe that cyber/electronic crime should be addressed today? If yes to Part 1, but not Part 2, and vice versa, please mark in appropriate box.
COMMENTS: Q16 What do you think might be the consequences if the Canadian Government failed to act
to counter cyber crime? In addition, please rate the consequences severe to low and state your reasons.
ANSWER:
YES NO Q17 Can we contact you if we have further questions? Q18 Can we use your name in the report if required for referencing? Q19 Can we use your Service’s name in the report if required for referencing? Q20 Would you like to receive a copy of the research report once it is completed?
Police Service: Name: Position/rank/: Email/phone number:
COMMENTS:
APPENDIX C – POLICE SERVICE SURVEY RESPONDERS BY PROVINCE
Canada’s population 31 946 300 (Statistics Canada 2004c)
§ The RCMP polices all of Yukon, Northwest Territories and Nunavut. § The RCMP also polices communities that do not have their own police service in
BC, AB, SK, MB, NB, NS and PEI. § In Ontario and Quebec, the Provincial Police Services (OPP and SQ) police the
majority of communities where there is no municipal police service. § In Newfoundland, the Newfoundland Constabulary polices most communities.
7 542 800
12 392 700
517 000
937 000
137 900
751 400
1 170 300 995 400
3 201 900
4 196 400
42 800
31 200
= Participant Municipal Police Service
= Participant Provincial Police Service
Cathy F. Maltais Page 100 11/23/2005
APPENDIX D COURSES AT THE CPC
Canadian Internet Child Exploitation Course – 10 days
This course is designed to prepare investigators in their investigations and
prosecutions of online offences related to the sexual exploitation of children.
This course covers topics such as how to:
Identify the offence;
Form an opinion on whether they believe the images viewed are child
porn;
Take a computer apart;
Write a child exploitation related search warrant;
Use both online tools and more traditional techniques to gather evidence;
Execute a search warrant;
Prepare a press release;
Prepare a release and conditions;
Testify in court;
Update appropriate databases;
Describe future challenges;
Interview possible pedophiles;
Describe the psychological impact this job has on them. (CPC, n.d.)
To be eligible to attend this course, the potential student must be currently
working fulltime, investigating child exploitation crimes or be sanctioned to
investigate child exploitation crimes and have completed the INTSTB course,
or its equivalent.
Computer Forensic Examiner (CMPFOR) – 15 days
This course is for law enforcement officers who may be required to seize and
analyze potential digital evidence found on computer hardware. During this
course, the specialized forensic foundations and practical skills required to
recognize, recover, examine and document findings when dealing with
personal computer systems are covered.
This course covers topics such as:
Cathy F. Maltais Page 101 11/23/2005
Computer hardware;
Hard disk topology;
Law and evidence;
Forensic seizure of computer data;
Modern computer file systems;
Windows forensic software. (CPC n.d.e)
To be eligible to attend this course, the potential student must obtain 75% on
a preadmission exam.
Cybercrimes Investigative Techniques (CYBER) – 10 days
This course is designed to give students adequate skills to identify potential
avenues of investigation when dealing with cyber crimes.
This course covers topics such as:
Internet security issues and fraud concerns;
Internet security problems and safeguards;
World Wide Web and search engine technology;
PGP (Pretty Good Privacy) encryption;
Considerations in developing an effective research plan;
Introduction of TCP/IP;
Electronic Mail;
Usenet (how to break down Usenet postings);
IRC (Netmeeting, ICQ, Hotline);
Telnet;
Undercover investigations (CPC n.d.f).
To be eligible to attend this course, the student must be an experienced
investigator with a requirement to do online investigations. Course applicants
must also have successfully completed the CMPFOR course or demonstrate
his/her proficiency using DOS commands. These requirements limit the
potential intake of students because potential students whom do not have the
DOS skills might still be interested in doing online investigations. The course
prerequisites do not mirror the contents of the course. The CMPFOR course
focuses on computer forensics whereas this one focuses on the Internet.
Cathy F. Maltais Page 102 11/23/2005
One can investigate online crime without doing the forensics of the computers
used in the commission of the crimes. It’s like saying that a homicide
detective needs to be able to perform an autopsy in order to learn how to
investigate a homicide.
Internet Searching Techniques Basic (INTSTB) 1620 hours self directed learning
This course serves as an introduction to the Web as a police intelligence tool.
It takes students through many of the advanced features of both the better
and lesser known search tools as well as resources of specific interest to the
law enforcement community.
This course covers topics such as:
Most popular search engines;
Meta search sites, mega search site and advanced search queries;
Newsgroups and web forums research;
Web sites authoring. (CPC n.d.b)
There are no prerequisites to attend this course.
Internet Searching Techniques Intermediate (INTSTI) 2535 hours, self directed learning
Following through on the skills gained during the basic Internet Searching
Techniques course (INTSTB), this course introduces students to the principals
of Open Sources Research and the Intelligence Analysis process.
This course covers topics such as:
The use of the Internet as an investigative tool;
Search engine mechanics;
Advanced browser functionality;
Specialized databases and search tools. (CPC n.d.c)
To be eligible to attend this course, the student must be familiar with basic
search engine use as outlined in the basic course (INTSTB). It is highly
recommended that students complete the basic course before taking this
course.
Cathy F. Maltais Page 103 11/23/2005
Internet Searching Techniques Advanced (INTSTA) 3040 hours, self directed learning
This course illustrates how an investigator may be exposed online and the
techniques and tools that can be employed to effectively overcome this
problem.
This course covers topics such as:
Introduction to Internet Architecture and Network Analysis Tools;
Introduction to online privacy and anonymity;
Advanced anonymity tools;
Maintaining online security. (CPC n.d.a)
To be eligible to attend this course, the student must have completed the
INTSTI course and be able to install software applications such as
VisualRoute, MultiProxy and ZoneAlarm.
Network Principles and Investigative Techniques (NPITC) – 10 days This course provides investigators with the technical level of knowledge and
skills necessary to complete common searches, seizures and investigations
involving a network.
To be eligible to attend this course, the student must be established as a high
tech crime investigator, and have successfully completed the CMPFOR
course, or have the equivalent knowledge.
Network Intrusion and Incident Investigation (NETINT) – 10 days
This course is designed to arm high tech crime investigators with the basic
knowledge and skills necessary to evaluate a network intrusion complaint,
determine the need to investigate the incident, and complete a successful
investigation of the incident when warranted.
This course covers topics such as:
InterNetworking concepts;
The fundamentals of TCP/IP;
Network security;
How networkbased exploits operate;
Cathy F. Maltais Page 104 11/23/2005
How a Network Incident is handled and investigated;
Introduction to intrusion detection;
Network traffic and logbased analysis. (CPC n.d.g)
To be eligible to attend this course, the student must be a Technological
Crime Investigator assigned to investigate network intrusion cases, have
successfully completed the CMPFOR, the NPITC and the Linux course. It is
also highly recommended that students complete the INTSTB course before
taking this course.
Using the Internet as an Intelligence tool (INTINT) – 5 days
This course was developed to assist investigative personnel in becoming
more proficient in Internet based online research activities and as an
introduction to Internet and computer related investigations.
This course covers topics such as:
Using the Internet as an Effective Police Research Tool;
Search Engine Fundamentals handson and indexing patterns;
Introduction to USENET newsgroups, Web Forums and Blogs;
Newsgroup search fundamentals (handson);
Searching Exercise (handson);
Web Browser advance features overview (book marking, monitoring and
finding);
Overview Open Source Intelligence and the Intelligence Analysis
Process;
Introduction to Web site mapping tools (handson);
Introduction to Internet architecture;
Introduction to Trace Route and associated tools;
Desktop firewalls (handson);
Introduction to Internet Relay Chat;
Web site design basics;
Introduction to Advanced Research Tools.
Students that have completed the online Internet searching basic,
intermediate and advanced Course should not attend this course. (CPC n.d.d)
Cathy F. Maltais Page 105 11/23/2005
This course is targeted at those with limited Internet experience and is open to
various people, from administrative to enforcement.
Linux Forensic Techniques (LINUX) – 10 Days – online technological course
This course is designed specifically for experienced technological crime
investigators who possess a basic knowledge of the Linux operating system
and who may be required to seize and/or analyse computer hardware running
Linux. This course takes an indepth look at some aspects of the Linux
operating system and the Second Extended File System. The course
addresses the forensic analysis of a Linux based system as well using a Linux
based system as an investigative / analysis tool.
This course covers topics such as:
Linux basics review;
Second Extended File System structure;
Proper seizing procedure;
Imaging;
Searching;
Data recovery;
Linux tools and utilities;
Linux forensics using Windows tools. (CPC n.d.h)
To be eligible to attend this course, the student must have passed the
CMPFOR, completed an online general Linux course and have successfully
passed the preadmission exam. In addition, the student must be an
investigator with a mandate to perform forensic analysis of personal
computers.
The CPC also offers a Macintosh course titled “Macintosh Electronic Search
and Seizure”.
The CPC is also planning to introduce courses in ‘Advanced Cyber Crimes’.
Cathy F. Maltais Page 106 11/23/2005
APPENDIX E – ATLANTIC POLICE ACADEMY CYBER CRIME COURSE
Internet crime course 5 Days
This course is designed for Police Officers involved in investigative duties,
which may be called upon to investigate Internet related offences. He/she is
expected to have a working knowledge of Internet search engines and email
prior to the start of the course.
This course covers topics such as:
Introduction to PC Hardware;
Networks;
Internet (Introduction, history, configuration, bandwidth, IP addresses,
PING, TRACEROUTE, SCANNING, Ports);
Security (Passwords, encryption, virii, trojans, and firewalls);
Hacking;
ISP’S;
Warrants and Charges;
Tech Crime Units;
Advanced Internet (Spam, Spoof, IRC, Chat, ICQ, FTP, WWW);
Email;
Child Pornography. (Atlantic Police Academy 2005)
Cathy F. Maltais Page 107 11/23/2005
REFERENCE LIST
Agence FrancePresse (AFP) 2005, Plus de 500 internautes pédophiles arrêtes dans 12
pays, 16 March 2005, Madrid, Spain, viewed 16 March 2005, < http://www.cyberpresse.ca/outil/imprimer.php?id=T1RVNU1qa3k=>.
Atlantic Police Academy 2005, homepage, Canada, viewed 15 February 2005, <http://www.hollandc.pe.ca/APAInService/InServiceCalendarWide.htm>.
Attorney General 2004, McGuinty Government and Police Join Forces to go After Internet Predators and Child Pornographers, last updated 13 October 2004 Ontario, Canada, viewed 28 March 2005, < http://www.attorneygeneral.jus.gov.on.ca/english/news/2004/20041013 internetnr.asp>.
Australian High Tech Crime Centre (AHTCC) 2003, homepage, Australia, viewed 31
January 2005, <http://www.ahtcc.gov.au/police_act.htm>.
Baer, N n.d., eProsecutions at the crossroads of computers and crime, Department of
Justice Canada, Ottawa, Canada, last updated 26 September 2003, viewed 18 February 2005, < http://canada.justice.gc.ca/en/dept/pub/jc/vol3/no1/page4.html>.
BBC News 2001, Life of Crime Part 5, United Kingdom, viewed 14 February 2005, < http://news.bbc.co.uk/hi/english/static/in_depth/uk/2001/life_of_crime/cybercri minals.stm>.
Bequai, A 1978, Computer Crime, Lexington Books, Canada and United States.
Britannica Concise Encyclopedia 2005, from Encyclopædia Britannica Premium
Service. viewed October 22, 2005, http://www.britannica.com/ebc/article9396775
Bureau of Justice Statistics 2001, An Overview of OJP Bureaus, Offices, and COPS Information Technology Initiatives, United States.
Calgary Police Service 2003, Annual Report 2003, Calgary, Canada.
Canadian Police College (CPC) n.d., homepage, last updated 30 September 2004, Ottawa, Canada, viewed 8 February 2005, <www.cpc.gc.ca
>.
Canadian Police College (CPC) 2004, International Cybercrime Training Action Group,
homepage, Ottawa, Canada, viewed 12 August 2004, < http://www.cpc.gc.ca/ictag/ictag_e.htm>.
Canadian Police College (CPC) n.d.a, last updated 30 September 2004, INTSTA,
Cathy F. Maltais Page 108 11/23/2005
Ottawa, Canada, viewed 8 February 2005, < http://www.cpc.gc.ca/courses/descript/intsta_e.htm>.
Canadian Police College (CPC) n.d.b, last updated 30 September 2004, INTSTB, Ottawa, Canada, viewed 8 February 2005, < http://www.cpc.gc.ca/courses/descript/intstb_e.htm>.
Canadian Police College (CPC) n.d.c, last updated 30 September 2004, INTSTI, Ottawa,
Canada, viewed 8 February 2005, < http://www.cpc.gc.ca/courses/descript/intsti_e.htm>.
Canadian Police College (CPC) n.d.d, last updated 30 September 2004, INTINT, Ottawa, Canada, viewed 8 February 2005, < http://www.cpc.gc.ca/courses/descript/intint_e.htm>.
Canadian Police College (CPC) n.d.e, last updated 30 September 2004, CMPFOR, Ottawa, Canada, viewed 8 February 2005, < http://www.cpc.gc.ca/courses/descript/cmpfor_e.htm>.
Canadian Police College (CPC) n.d.f, last updated 30 September 2004, CYBER, Ottawa, Canada, viewed 8 February 2005, < http://www.cpc.gc.ca/courses/descript/cyber_e.htm>.
Canadian Police College (CPC) n.d.g, last updated 30 September 2004, NETINT, Ottawa, Canada, viewed 8 February 2005, < http://www.cpc.gc.ca/courses/descript/netint_e.htm>.
Canadian Police College (CPC) n.d.h, last updated 30 September 2004, LINUX, Ottawa, Canada, viewed 8 February 2005, < http://www.cpc.gc.ca/courses/descript/linux_e.htm>.
CanCERT 2003, homepage, Canada, viewed Feb.7, 2005, <http://www.cancert.ca/Home/Default.php>.
Canadian Association of Chiefs of Police(CACP) 2003, CACP Annual Review 2003, Ottawa, Canada.
Clifford, R.D. 2001, Cybercrime, the investigation, prosecution and defense of a computerrelated crime, Carolina Academic Press, United States, p.169.
Council of Europe (CoE) 2001, Convention on Cybercrime, electronic version, European
Treaty Series, No.185, Budapest, < http://conventions.coe.int/Treaty/en/Summaries/Html/185.htm>.
Death Penalty / Fear of Execution 2000, last updated 16 June 2000, viewed 2 February
2005, <http://web.amnesty.org/library/print/ENGASA170272000>.
Department of Justice Canada (DoJ) 2002, Electronic commerce, electronic version, Research & Statistics, Ottawa, Canada, <http://www.canada.justice.gc.ca/en/ps/rs/rep/qa021/qa021.html>.
Department of Justice Canada (DoJ) n.d., A Survey of Legal Issues Relating to the
Cathy F. Maltais Page 109 11/23/2005
Security of Electronic Information, last updated 24 April 2003, Department of Justice, Ottawa, Canada, viewed 31 March 2005, < http://canada.justice.gc.ca/en/ps/ec/toc.html>.
Department of Justice (DoJ) 2003, Lawful Access FAQ, last updated 14 August 2003,
Ottawa, Canada, viewed 18 September 2004, <http://canada.justice.gc.ca/en/cons/la_al/summary/faq.html>.
etopics 2005, Middle East still oblivious to cyber crime, viewed 14 February 2005, <www.e topics.com/index.asp?layout=topic_story&UserID=2003072813161689985>.
Foreign Affairs Canada (FAC) n.d., last updated 16 August 2004, Cyber Crime, Ottawa,
Canada, viewed 12 August 2004 and 22 February 2005, <http://www.dfaitmaeci.gc.ca/internationalcrime/cybercrimeen.asp>.
Federal Bureau of Investigation (FBI) 2003a Law Enforcement Bulletin, electronic version, March 2003, Vol.72, No.3, United States, < http://www.fbi.gov/publications/leb/2003/mar03leb.pdf>.
Federal Bureau of Investigations (FBI) n.d., Investigative Computer Training Unit, Virginia, United States, viewed 10 January 2005, < http://www.fbi.gov/hq/td/academy/ictu/ictu.htm>.
Federal Bureau of Investigations (FBI) 2003b, Facts and Figures 2003, United States,
viewed 10 January 2005, <http://www.fbi.gov/priorities/priorities.htm>.
Glossary n.d., viewed 30 June 2005, <www.kerio.com/manual/kwf/en/go01.html>.
Government OnLine (GOL) n.d., homepage, last updated 13 May 2004, Ottawa, Canada, viewed 23 March 2005, <http://www.golged.gc.ca/index_e.asp>.
Grabosky, P 2000, Cyber Crime and Information Warfare, Australia, viewed 8 September 2004, < http://www.aic.gov.au/conferences/transnational/grabosky.pdf>.
Graycar, A 2000, Nine types of cyber crime, electronic version, Australia, viewed 1 December 2004, < http://www.aic.gov.au/conferences/other/graycar_adam/200002 cybercrime.html>.
ITAC 2000, IIIC Common View Paper on Cyber Crime, electronic version, <http://www.itac.ca/Library/PolicyandAdvocacy/CyberSecurityandPrivacy/ITA CApprovedIICCommonViewsPaperonCyberCrime.htm>.
Industry Canada 2002, Key Indicators on ICT Infrastructure, Use and Content, Cat. No.
C2520/2002, Ottawa, Canada.
Ipsos News Centre 2001, Majority of Canadians Don’t Believe Enough is being done to
Cathy F. Maltais Page 110 11/23/2005
Protect Internet Consumers From Cyber Crime And Half Feel Threatened, Canada, viewed 12 August 2004, <http://www.ipsosna.com/news/pressrelease.cfm?id=1191&content=full>.
Kowalski, M 2002, CyberCrime: Issues, Data Sources, and Feasibility of Collecting PoliceReported Statistics, Canadian Centre for Justice Statistics, Catalogue no. 85558XIE, Ottawa, Canada.
LeBeuf, ME 2000, The implications of using information technology for police investigators in Canada, Canadian Police College, Ottawa, Canada.
Lilley, P 2002, Hacked, Attacked and Abused, Kogan Page, London, U.K.
London Police Service 2003, Year in Review 2003, London, Canada.
Mark, R 2005, Phishing: a snatch or 5 years of jail? 2005, in Internetnews.com, 6 March
2005, viewed 16 March 2005, <http://www.crimeresearch.org/news/06.03.2005/1011>.
McConnell 2001, Canadian Cyber Crime Laws Are Among the Strongest, viewed 12 August 2004, United States, < http://www.iwar.org.uk/law/resources/cybercrime/mcconnell/20010102.htm>.
McConnell 2000, Cyber Crime . . . and Punishment?, electronic version, viewed 15 July
2004, <http://www.mcconnellinternational.com/services/CyberCrime.pdf>.
Microsoft 2005, Microsoft Security Cooperation Program, last updated 3 March 2005, viewed 8 June 2005,
<http://www.microsoft.com/Industry/government/scp.mspx>.
Naraine, R 2004, FBI's CyberCrime Chief Relates Struggle for Top Talent, last updated
November 2004, viewed 8 December 2004, <http://www.findarticles.com/p/articles/mi_zdewk/is_200411/ai_n7582558>
O’Brien, M n.d., Understanding computer crime, MPRM Group Limited, Canada, viewed
6 October 2004, <http://www.mobrien.com/computer_crime.html>.
Ontario Police College (OPC) 2003, homepage, last updated 29 April 2003, Ottawa, Canada, viewed 16 February 2005, <http://www.mpss.jus.gov.on.ca/english/ police_serv/ont_police_col/overview.html>.
Ontario Provincial Police (OPP) n.d., homepage, Canada, viewed 8 December 2004, <www.opp.on.ca>.
Ontario Provincial Police (OPP) 2004, Investigations Support Bureau, Canada, viewed 8
December 2004, <http://www.gov.on.ca/opp/orginvcrime/english/isb.htm>.
Optymise n.d., webpage, Christchurch, New Zealand, viewed 30 June 2005, <http://www.optymise.co.nz/resources/glossary.asp>.
Cathy F. Maltais Page 111 11/23/2005
Peel Police Service 2002, Peel Police Service Strategic Plan 20022004, Brampton, Canada.
Penal Code Section 1351013519.12 n.d., California Penal Code, United States, viewed
15 February 2005, <http://www.leginfo.ca.gov/cgi bin/displaycode?section=pen&group=1300114000&file=1351013519.12 >.
POLCYB 2004, 2004 International Law Enforcement Cybercrime Award, Abstract from
Other Contestants, Canada, viewed 14 March 2005, < http://www.polcyb.org/Events/ILECA/04_ILECA_Other.htm>.
POLCYB 2002, The Society for the Policing of Cyberspace, Canada, viewed 29 November 2004, <http://www.polcyb.org/vision.htm>.
PSEPC 2003, Fact Sheet: Hightech Crime, last updated 29 July 2003, Ottawa, Canada,
viewed 6 October 2004<http://www.psepc sppcc.gc.ca/policing/organized_crime/FactSheets/high_tech_crime_e.asp>.
PSEPC 2004, Best Practices for Preventing Online Identity Theft, last updated 23 August 2004, Ottawa, Canada, viewed 6 October 2004, < http://www.ocipep.gc.ca/opsprods/info_notes/IN04002_e.asp>.
PSEPC 2005, Government of Canada Announces Cyber Security Initiatives, Ottawa, Canada, viewed 2 February 2005, <http://www.psepc.gc.ca/publications/news/2005/20050202_e.asp>.
RCMP n.d.a, Technological Crime, Ottawa, Canada, viewed 8 August 2004, <http://www.rcmpgrc.gc.ca/techops/tcb_e.htm>.
RCMP 2001, Hackers: A Canadian Perspective, Part II, electronic version, Criminal Intelligence Directorate, Ottawa, Canada, viewed 6 September 2004, <http://www.rcmpgrc.gc.ca/crimint/hackers_a_e.htm>.
RCMP n.d.b, Computer Crime Prevention, last updated 8 October 2003, Ottawa, Canada, viewed 26 February 2005, <http://www.rcmpgrc.gc.ca/scams/ccprev_e.htm>.
Seagrave, J 1997, Introduction to Policing in Canada, Prentice Hall Canada, Scarborough, Canada.
Smith, R.G., Grabosky, P & Urbas, G 2004, Cyber Criminals on Trial, Cambridge University Press, Australia.
Statistics Canada 2004a, Internet Use in Canada, electronic version, Ottawa, Canada,
viewed 18 October 2004, < http://www.statcan.ca/english/freepub/56F0003XIE/index.htm>.
Statistics Canada n.d., Demographic statistics, last updated 29 September 2004, electronic version, Ottawa, Canada, viewed 18 October 2004, < www.statcan.ca/Daily/English/040929/d040929d.htm>.
Cathy F. Maltais Page 112 11/23/2005
Statistics Canada 2004b, Uniform Crime Reporting Survey, last updated 27 January 2005, Canadian Crime Statistics, catalogue no.85205, Ottawa, Canada, viewed 28 January 2005, <http://www.statcan.ca/english/sdds/3302.htm>.
Statistics Canada 2005, Uniform Crime Reporting Incident Based Survey Reporting Manual, Canadian Centre for Justice Statistics, Policing Program, Ottawa, Canada.
Statistics Canada 2004c, Population by year, by provinces and territories, Ottawa, Canada, viewed 28 March 2005, <http://www40.statcan.ca/l01/cst01/demo02.htm>.
Stop Spam Here n.d., Three Key Tips for Combating Spam, Canada, viewed 24 February 2005, <http://stopspamhere.ca>.
Surete du Quebec (SQ) 2001, Stratégie 20012004 2001, Quebec, Canada.
Symmetric Triangle n.d., Glossary, viewed 30 June 2005, <http://www.symmetrictriangle.com/glossary.asp>.
The University of Arizona Library n.d., RIO Glossary, last updated 1 September 1998,
Arizona, United States, viewed 30 June 2005, <http://www.library.arizona.edu/rio/glossary.htm>.