While there are now many laws regulating use of the Internet that have been designed to prevent cybercrimes and punish those who perpetrate them, enforcing those laws is proving to be difficult. Law enforcement agencies tasked with catching cybercriminals face the challenge of dealing with ever-evolving technology as well as criminals who are experts at finding new ways to infiltrate computer systems. In addition, they also face complex, sometimes insurmountable, jurisdictional issues.
As technology becomes more complex and cybercriminals become more knowledgeable and experienced, cybersecurity is becoming a difficult challenge for today’s law enforcement personnel.
As the Internet has grown, both state and federal lawmakers have passed laws to regulate its use. For example, there are laws against cyberbullying, cyberstalking, theft of wireless services, spamming and gaining unauthorized access to protected systems.
Many of these laws did not exist until recent years. However, to the frustration of crime victims, many of the criminals who commit cybercrimes are never brought to justice. Even though some law enforcement agencies have cybercrime divisions, they are not always able to catch cybercriminals. There are a variety of reasons why this is the case, from jurisdictional issues to the methods of gathering evidence.
Many of these issues were outlined in a recent article written for TechRepublic by Deb Shinder, a book author and technology consultant. The information below is based upon her findings.
A central question faced by law enforcement officials is this: When a crime happens on the Internet, where, exactly, does it take place? Is it at the terminal of the victim, the criminal or where the server for one or the other is located? Such geographic issues are important in determining which agency should handle the investigation of a crime. This is important, as laws vary from city to city and state to state.
Another issue is determining whether the alleged offense was civil (which involves actions between two individuals) or criminal (which involves someone violating local, state or federal law). The lines between the two can be blurred online – for example, is a company losing a person’s personal data a civil offense or a crime?
Also, while some cybercrimes might be considered criminal, there may not be a law written that is specifically against the action. And since federal agencies don’t investigate state or local crimes, and vice versa, determining the exact criminal offense is important before an investigation can even be launched.
Another factor that slows cyber investigations is that in the online world, there are many different ways to cloak identity. For example, there are services that will mask a user’s IP address by directing traffic through different servers, making it difficult to track the exact location of an Internet user’s access.
While some advocate stricter guidelines for accessing the Internet, doing so simultaneously raises privacy issues. Outside of America, in countries where those who speak out against the government often find themselves jailed or worse, making it easy to identify them could have terrible consequences.
Information from the Internet is easily manipulated and changed. As Shinder points out, it’s “actually just a collection of ones and zeroes represented by magnetization, light pulses, radio signals or other means. This type of information is fragile and can be easily lost or changed.”
The nature of the Internet also makes it difficult to establish a chain of custody of evidence. Some cybercriminals are able to create programs that delete or change all the information they have if the system is accessed by someone other than themselves.
Cybercriminals can also use other people’s hard drives to store information, making it even more difficult to track them down and also sometimes leading to people being accused of crimes they did not commit.
Law enforcement leaders are making headway in investigating cybercrimes. For example, there are tools that allow investigators to look at digital information without tampering with it, and there are also improved methods of retrieving deleted data. Tracking software is also making it more difficult for people to remain anonymous. This has been particularly effective, Shinder notes, in crimes where the suspect is not very tech-savvy, such as fraud or cyberstalking. There are also movements among lawmakers in all 50 states, as well as countries around the world, to draft consistent cyber laws that will make it easier to navigate jurisdictional issues.
Cybercrimes pose a serious threat to millions of people across the globe. As technology expands, so do the techniques used by these criminals. Fortunately, law enforcement now seems to be able to at least keep pace with these criminals. With advances in cybersecurity tools and practices, now is a great time, for anyone with an interest in helping make the Internet a safer place, to explore a career in law enforcement.