Faculty of Arts, Postgraduate Studies For the MA … · Faculty of Arts, Postgraduate Studies ... Cyber Stalking/ Harassment ... cyber crime instead of merely playing catch up

Managing Cyber Crime: an Assessment of Canadian Law Enforcement Responses

By Cathy F. Maltais

Thesis submitted to the Faculty of Arts, Postgraduate Studies In partial fulfillment of the requirements

For the MA degree in Criminal Intelligence

Faculty of Arts Charles Sturt University, Australia

© Cathy F. Maltais, Canada, October 2005

The cyber battlefield is real. It’s a place where computers are used instead of guns, data packets instead of bullets, and firewalls are used instead of barbed wire.

Richard Tracey

Cathy F. Maltais Page 2 11/23/2005

CHAPTER 1..........................................................................................................5 Problem Definition________________________________________________ 6 Purpose and Justification of Study ___________________________________ 7 Methodology ____________________________________________________ 8

Qualitative Interviews.......................................................................................8 Qualitative – Surveys .........................................................................................9 Qualitative – Literature Reviews ......................................................................11 Quantitative – Content Analysis .......................................................................12

Analysis ______________________________________________________ 12 Limitations of research and study ___________________________________ 12 Definitions_____________________________________________________ 13

CHAPTER 2........................................................................................................15 Introduction____________________________________________________ 16 History of Cyber Crime ___________________________________________ 17 Definition of cyber crime __________________________________________ 18

Cyber Crime Definitions ...................................................................................19 International Definitions ...................................................................................22

Types of Cyber Crime____________________________________________ 23

Child Pornography and Luring .........................................................................23 Cyber Stalking/ Harassment ............................................................................23 Identity Theft ....................................................................................................24 Spoofing and Phishing .....................................................................................24 Dissemination of Offensive Materials...............................................................25 Cyber Terrorism...............................................................................................25 Spamming........................................................................................................25 Computer Viruses ............................................................................................26 Hacking............................................................................................................27 Denial of Service Attacks .................................................................................27 Piracy...............................................................................................................28 Fraud ...............................................................................................................28

CHAPTER 3........................................................................................................31 Statistics in Canada _____________________________________________ 32

CHAPTER 4........................................................................................................35 Prevention efforts in Canada ______________________________________ 36


CHAPTER 5........................................................................................................42 Training_______________________________________________________ 43

Cyber Crime Training in Canada......................................................................43 Cyber Crime Training Internationally................................................................47

CHAPTER 6........................................................................................................56 Assessment of Canadian legislation _________________________________ 57

Punishment / sentencing..................................................................................60 Legislative Resources in Canada.....................................................................62

International Legislation __________________________________________ 64

Legislation in other countries ...........................................................................67

CHAPTER 7........................................................................................................71 Analysis of Law Enforcement Reactions______________________________ 72

Ontario Provincial Police (OPP) ......................................................................72 Sureté du Québec (Quebec Provincial Police)................................................73 Royal Canadian Mounted Police......................................................................73 Public Safety and Emergency Preparedness Canada .....................................75 Level of Priority in Canadian Police Services...................................................77 Who should counter cyber crime in Canada? ..................................................80 Is Canadian Law Enforcement Well Equipped to Fight Cyber Crime?.............81 Addressing Cyber Crime..................................................................................83

Conclusion ____________________________________________________ 87

Summary of Recommendations.......................................................................88 APPENDIX A – CONSENT FORM __________________________________ 94 APPENDIX B – SURVEY _________________________________________ 95 APPENDIX C – POLICE SERVICE SURVEY RESPONDENTS BY PROVINCE _____________________________________________________________ 99 APPENDIX D COURSES AT THE CPC____________________________ 100 APPENDIX E – ATLANTIC POLICE ACADEMY CYBER CRIME COURSE _ 106 REFERENCE LIST _____________________________________________ 107


Certificate of Authorship

I hereby declare that this submission is my own work and that, to the best of my knowledge and belief, it contains no material previously published or written by another person nor material which to a substantial extent has been accepted for the award of any other degree or diploma at Charles Sturt University or any other educational institution, except where due acknowledgment is made in the thesis. Any contribution made to the research by colleagues with whom I have worked at Charles Sturt University or elsewhere during my candidature is fully acknolwedged.

I agree that this thesis be accessible for the purpose of study and research in accordance with the normal conditions established by the Executive Driector, Library Services or nominee, for the care, loan and reproduction of theses.

Cathy F. Maltais Canada

October 2005


CHAPTER 1


Problem Definition

There have been numerous technological advancements over the last decade.

These advancements, while of immense benefit for the population, have also

brought opportunities for criminal activity. Traditional crimes that have been

fought for centuries are now being perpetuated in a different environment, with

different tools, targeting different victims. As technology has been evolving at a

very fast pace, it has become clear that law enforcement and government

officials need to put resources, tools and time in place in order to keep up with

cyber crime instead of merely playing catchup.

As with many other types of crime, each country/nation deals with it in its own

way, but most of the time there are common denominators: legislation,

prevention, enforcement, prosecution and so forth. However, cyber crime is still

relatively new and not every country has laws to prosecute it or found it to be a

priority to train its law enforcement agencies to counter and prevent it from

happening. For example, preliminary research found that countries such as

France, Italy and Lebanon did not have any specific computer or cyber crime

legislation as recent as 2000. As well, countries such as New Zealand, Iran,

Sudan and Vietnam while making progress on adopting legislation specific to

computer/cyber crime, had not implemented anything in 2000. (McConnell 2000)

The question that came to mind was where did Canada fit in this picture in 2005?

In 2003, 64.3% of Canadian households had at least one regular Internet user.

(Statistics Canada 2004). This adds up to a lot of potential victims of cyber

crime, or perpetrators of it. In a country so technologically inclined, is law

enforcement ready and able to face these new types of crimes? Are Canadian

law enforcement agencies adequately resourced and trained for it? Is

appropriate legislation available to support law enforcement officers and

prosecute offenders? Where is cyber crime in the list of priorities of government

agencies? The answers to these questions help draw a portrait of how Canadian

law enforcement is responding to cyber crime.


Purpose and Justification of Study

After broad literary research through journals, police service business reports

and other sources, as well as communicating with the Royal Canadian Mounted

Police (RCMP), the Canadian Security Intelligence Service (CSIS), Public Safety

and Emergency Preparedness Canada (PSEPC) and the Canada Border

Services Agency (CBSA), it was evident that these questions did not have

accessible published answers. Hence, the aim of this study is to begin to provide

some, at least baseline, analysis or tentative answers to these questions so that

a clearer national picture is available to assess which Canadian agencies are

countering cyber crimes, which are not, and why not. From preliminary research,

it was already clear that there was no national policy provided to municipal law

enforcement agencies on countering, or preventing, cyber crime. Some police

departments do not deal with cyber crime at all, whereas others have

sections/staff dedicated to investigating it or preventative measures in their

jurisdiction. Hence it was important to provide an assessment, in part an audit, of

what different law enforcement agencies are doing in Canada. This was done in

order to provide a more cohesive and assertive response to disrupting this new

trend of crime, as a nation, for the protection of its population.

Statement of Research Objective

“Managing Cyber Crime: An Assessment of Canadian Law Enforcement

Responses.” The objectives of this research are the following:

Discover what the current state of response to cyber crime is in Canada;

Discover the available resources related to cyber crime for Canadian law

enforcement (in the form of human resources, training, legislation);

Discover the level of priority cyber crime has for law enforcement

organizations in Canada;

Establish recommendations for further study and possible improvements to

the state of the response to cyber crime in Canada.


Methodology

The present paper undertakes both qualitative and quantitative research

methodologies in order to answer specific questions.

Qualitative Interviews

A number of potential interviewees were approached by means of a formal letter

explaining the research purpose and objective and soliciting their participation in

an interview, sent by email. This mode of communication was chosen for two

reasons; firstly to speed up the process and secondly, being that the research

relates to cyber crime, it was thought appropriate that the medium researched

should be utilized as much as possible during the research. The letters were

adjusted for each potential interviewee, based on their field of expertise.

Other requests were made verbally while meeting potential interview candidates

at conferences or within my work environment. The progress of replies was

recorded on a spreadsheet for the duration of the research.

Once participants agreed to participate, they were asked to read and sign a

consent form (see Appendix A), in order to ensure their rights were protected.

When interviews were done in person, they were recorded on a digital voice

recorder when the interviewee gave his/her consent. This type of recording

enabled faster transcription of the interview through computer software, which

transcribes the recording into a transcript in a very short time. Interviews done

by telephone were recorded by note taking, and the ones done by email were

saved electronically.

Interview questions were tailored for each interviewee, based on their work

environment and area of expertise.

Six interviews were done with individuals from Canadian law enforcement

agencies and government departments involved with the field of cyber crime.


Only one interview was conducted with someone outside of Canada (from

Australia). These interviews were conducted in order to receive educated

opinions and nonpublished data from respondents other than the ones

surveyed. The interviews took place between November 2004 and February

2005. Participant organizations were selected based on their mandates and

involvement with cyber crime. Individuals within the selected organizations were

recruited based on their positions (level of involvement with cyber crime) within

their organizations as well as through personal contacts.

One of the most important interviews (with a highly qualified expert lawyer) had

to be postponed indefinitely as he became ill and had to be on sick leave for an

extended period of time. This interview was not replaced with a colleague from

the same office, as it was the specific knowledge this person holds that was

sought. This knowledge includes years of research and experience related to

cyber crime, which is not applicable to others in the same office.

Qualitative – Surveys

Surveys were sent to municipal police services as well as provincial police

services with questions on priorities, resources dedicated to cyber crime, past,

present and future situations in order to receive current data that would not

otherwise be available by other means.

The questionnaire was designed to avoid biased, directional or offensive

questions. The questionnaire included openended questions to allow

responders to fill in the requested information in their own words as well as

closedended questions, which forced the subject to respond within a specified

listing of possible answers. (see Appendix B)

The survey was Internet based. This was judged to be the most appropriate

medium for conducting the survey. For one, the research is about crimes that

happen in cyberspace, in the electronic environment. Hence, it seemed fitting to


collect information in this manner from law enforcement personnel who deal with

crimes committed in this environment. It was felt that the responders would have

a level of comfort in responding to a survey in this context. Additionally, an

online survey process proved to be less expensive and less time consuming than

distributing a paper version throughout Canada.

The survey was posted at http://www.project8.ca/CyberResearch. Participants

were able to select the language of their choice (French or English) and simply

press the submit button when they had completed answering the survey.

In order to reach as many participants as possible, a small portion of surveys

were mailed or faxed, as not all law enforcement departments are on the Internet

or have published email addresses at present time.

The progress of replies was recorded on a spreadsheet for the duration of the

research.

56 survey requests were emailed to Canadian police services (municipal and

provincial) on December 20, 2004.

12 nondeliverables responses were received.

2 completed surveys were received initially. A logical explanation for this low

level of response is because of the Christmas holidays. The survey was sent

out even at this date close to Christmas as police services usually function

7/24, 365 days a year. It was resent after the holidays, as response was

very low before Christmas.

A second email was sent out as a follow up on January 31, 2005 to 44 police

services (initial 56 minus the 12 nondeliverables).

19 completed surveys were received.

33 surveys were sent by regular post between January 31 and February 3,

2005, to police services who did not have any published electronic contact

information.

http://www.project8.ca/CyberResearch


5 completed surveys were received by mail and/or electronically out of this

mail out.

A total of 26 responses were received (see Appendix C for general geographical

areas of responders). Although there was a potential for 89 responses in total if

we count the paper and electronic requests, the initial targets were the ones with

electronic contact information. Overall, a 29% response rate was experienced.

But the response rate for the targeted electronically was 38%. This level of

response, although lower than 50%, is still a defendable sample in regards to the

objectives of this research. It was later found that many cities were

amalgamated over the last 2 years in the province of Quebec. This means that

up to 5 police services can now be one. This could account for the low response

rate in Quebec (nonresponse from 17 of them; of which 15 were paperbased

sent my regular mail).

Each survey responder was asked if the name of their police service could be

used for referencing purposes in the research. Any responder that indicated that

they did not want their police service named in the research, have not been

named in order to respect their wishes for anonymity. It is important to note that

the quoted views/opinions expressed by all survey responders, are views held by

each individual responder and not by their employer, unless stated otherwise.

Qualitative – Literature Reviews

Literature reviews on Canadian legislation (Criminal Code, the Personal

Information Protection and Electronic Documents Act (PIPEDA), Provincial Police

Acts, etc) law enforcement annual reports and business plans (over 50) and

other literature relevant to the subject were researched.


Quantitative – Content Analysis

A content analysis of data retrieved from police services records from across

Canada on cyber crime related prevention programs, training courses, statistics,

and resources involved, was also done.

Analysis

Data was assimilated (e.g. transcription of tape recordings, categorizing,

compiling) and then analyzed to detect any trends and answer the questions

posed at the launch of the research.

Limitations of research and study

This study is limited to an analysis of data related to the past and present cyber

crime situation in Canada. Any forecast or predictions on the future evolution of

cyber crime, including new technologies and types of offenders, are not

discussed though this study but may precipitate further discussions on what is

‘over the horizon’.

Many references and data were accessed online and included journals and

government publications. Though in some areas of cyber crime, such as

statistical data on occurrences of cyber crime and prosecutions of cyber

criminals, access to data was problematic as these areas remain under

researched globally, and in Canada.

Another clear limitation of the research was interviews. The interviews cannot be

regarded as sufficiently representative. Firstly, responders were not

representative of the whole subject. Cyber crime touches many different fields of

work and interest, other than law enforcement (such as Finance, Revenue, E

government, etc). The interviews were therefore a mix of many backgrounds,

which is positive as it provided a better understanding of the cyber crime situation

in Canada. But the numbers interviewed were low (7 in total) as they all came

from separate agencies. A larger number of interviewees in each agency would


have assisted in determining if the information received from the interviewees

was integral to each agency, or only to the person interviewed. It was very

difficult to find several interviewees in each agency, as within most, the number

of employees whose work is dedicated or related to cyber crime is very low,

when existent. The interviewees were selected based on their knowledge of

cyber crime. All asked to remain anonymous since they agreed to the interviews

individually, and not on behalf of the organization they represented.

The answers collected from the survey were solely voluntary; therefore it is

possible that those who responded had a higher interest in the subject, than

those who did not.

Definitions

While most definitions are explained in the body of the research report, certain

terms are more technical than others. A short list of the more uncommon terms

has been included below for ease of reading.

Blogger: Web log is a journal kept on the Internet. This journal is often updated daily and contains all information that the person maintaining the Blog (Blogger) wishes to share with the world. Also applies to websites dedicated to a particular topic and being updated with the latest news, views and trends. (Optymise n.d.)

IP: As in ‘IP address’. Number consisting of 32 bits that is used to identify the host within the Internet. It is specified by numbers of the decimal system (0255) separated by dots (e.g. 195.129.33.1). Each packet contains information about where it was sent from (source IP address) and to which address it is to be delivered (destination IP address). (Glossary n.d.)

Phishing: This term is used to describe a con by sending an email to an end user with the depiction that the email was sent from a legitimate establishment, but the true intent is to gather personal information of the enduser with the intent to use this information fraudulently. (Symmetric Triangle n.d.)

Spam: An inappropriate attempt to use a mailing list, or USENET or other networked communications facility as if it was a broadcast medium


by sending the same message to a large number of people who didn't ask for it. Mass junk Email. (University of Arizona n.d.)

Spoofing: Spoofing is a technique where source IP address in a packet is faked to make recipients suppose that packets are coming from trustworthy IP addresses. (Glossary n.d.)


CHAPTER 2


Introduction

The Internet is arguably the most powerful tool since the invention of the printing

press for accelerating a ‘free flow’ of ideas and learning. An estimated 7.9 million

(64%) of the 12.3 million Canadian households have at least one member who

uses the Internet regularly (2003), either from home, work, school, a public library

or another location. (Statistics Canada 2004) Canada is one of the most

sophisticated users of information and telecommunication technologies in the

world. Canadians rely on computerized systems in many facets of their daily life,

from transportation and communications, to health care and commerce. While

these technologies confer numerous advantages, their illicit use results in

complex security challenges. (PSEPC 2003) This has created a group of

crimes, commonly referred to as cyber crime, which includes new types of crime,

and old ones committed in new ways. One of the main fears regarding

technology and crime is the much wider availability of contact, and thus available

pool of victims, which is possible through the use of telecommunication and

Internet technologies.

Technology has also permitted individuals involved in criminal activities to

conduct such activities with reduced chances of detection. The technologies

facilitate the production, storage and retrieval as well as transmission of material

very quickly and unobtrusively. Encryption software is becoming increasingly

sophisticated but at the same time also increasingly userfriendly.

The speed at which Internet access is becoming available is growing

exponentially. The Internet as it is known today was created barely a decade

ago. In 1989 there were only 100,000 computers connected to the Web. Today, it

is estimated that there are 300 million around the world. Globally, Canada and

the United States account for more than half of cyberspace users (56%). In fact,

they outstrip Europe considerably (24%) as well as Asia and the Pacific (17%).

(DoJ 2002, p.5)


However, the majority (60%) of Canadians don’t believe enough is being done to

protect Internet consumers from cyber crime, and half (52%) feel threatened.

Seven in ten (72%) say cyber criminals have less of a chance of being caught

than a criminal in the ‘real world’ and half (47%) believe that cyber crime will

become more serious. Only a quarter (24%) of Canadians believe enough is

being done to protect Internet consumers against cyber crime. (Ipsos 2001)

It is because of statistics like these that it is important to assess the cyber crime

situation in Canada. Not only do the statistics show that there are a rapidly

increasing number of people connected to the Internet, it shows there are an

increasing number of potential victims. The pool of potential offenders is also

growing. All of the above suggests that it is even more critical to have an

assessment of Canadian law enforcement responses in order to establish if

Canada is well equipped to counter cyber crime.

History of Cyber Crime

It is difficult to determine when the first crime involving a computer actually occurred. The computer has been around in some form since the abacus, which is known to have existed in 3500 B.C. in Japan, China and India. In 1801 profit motives encouraged Joseph Jacquard, a textile manufacturer in France, to design the forerunner of the computer card. This device allowed the repetition of a series of steps in the weaving of special fabrics. So concerned were Jacquard’s employees with the threat to their traditional employment and livelihood that acts of sabotage were committed to discourage Mr. Jacquard from further use of the new technology. A computer crime had been committed. (O’Brien n.d.)

Certainly all crimes strictly related to the Internet can only be as old as the

Internet is, but crimes such as fraud and embezzlement perpetrated with the help

of a computer have clearly been around for some time. August Bequai wrote a

book, ‘Computer Crime’ in 1978. In the book’s preface, Bequai provides us with

a brief reminder that computer crime has been around for decades. Though more


importantly, in the excerpt from the preface below, Bequai also provided an early

warning in 1978 of what would happen if law enforcement did not evolve at the

same rate as technology and it’s illicit exploitation.

Like gunpowder, the computer is here to stay. Its positive impact has been immense, and will continue to grow with time. However, on the negative side of the ledger, the computer enables a small group of individuals to steal sums of money that would have the gangsters of the 1920s blush. Computer technology has enabled groups of political zealots or criminals to terrorize cities at the push of a button. A product of the electronic revolution, the computer criminal strikes anywhere and everywhere. […] He represents the criminal of the future. Our laws are challenged by him, and our jurists are left stunned. What makes this criminal more dangerous than any before him is that, should our system of laws fail to meet his threat, he may, in fact, ring the death knoll of our entire system of justice. The stakes are high indeed. (p.xi)

Definition of cyber crime

There has been great deal of debate among experts on what constitutes cyber

crime and identifying terminology which best describes it. Grabosky, Russell and

Urbas (2004) define cyber crime as a term that encompasses ‘any proscribed

conduct perpetrated through the use of, or against, digital technologies.’ (p.6)

The Encyclopedia Britannica defines cyber crime as ‘any use of a computer as

an instrument to further illegal ends, such as committing fraud, trafficking in child

pornography and intellectual property, stealing identities, or violating privacy.’

(2005) This debate is ongoing and there is still no internationally recognized

definition with resulting in cyber crime terms themselves denoting different things

in different jurisdictions. Some of the different terms used as identifiers for this

type of crime are computer crimes, electronic crime, cyber crime, technological

crime and high tech crime. The term cyber crime will be used in this research

report unless otherwise specified.

The debate for a uniform definition is not new. Back in the 1970s, when

computer crime was seen as more of an economic/whitecollar crime, Bequai


(1978, p.3) stated that there was no widely accepted definition of computer

crime. She stated that ‘some authorities define it as making use of the computer

to steal large sums of money. Others include theft of services within this

definition, as well as invasion of privacy. Some take an open approach to the

problem, viewing it as the use of a computer to perpetrate any scheme to defraud

others of funds, services and property.’

Research findings and consultations with many Canadian police services and

government departments show that there is still no standardized definition of

cyber crime in Canada, nor is there a uniform usage of the term.

There are a number of definitions and expressions used by Canadian law

enforcement, government and private organizations to refer to cyber crime. The

RCMP speaks of cyber crime as technological crime whereas PSEPC refers to it

as high tech crime.

Cyber Crime Definitions

The definition used for the purposes of this research, its interviews and surveys

is the one utilized by PSEPC since they provide policy leadership and deliver

programs and services related to national security and emergency management,

policing, law enforcement and borders, corrections and crime prevention, in

Canada. They also ensure policy consistency among the six agencies that report

to the Minister (RCMP, CSIS, CBSA, Canada Firearms Centre (CFC),

Correctional Service of Canada (CSC) and National Parole Board (NPB)).

PSEPC defines cyber crime in two separate categories, while referring to it as

hightech crime.

The first category of hightech crimes is ‘traditional crimes’ that are now being committed with the use or aid of a computer. This includes computerassisted crimes such as money laundering, the distribution of child pornography, the sale of illegal drugs, Internet fraud, illegal gambling, and hate propaganda. In addition, new technologies can also be used to shield, store or communicate criminal/terrorist activities.


The second category of hightech crime includes crimes directed against a computer or a computer network itself, or "pure" hightech crime. Pure hightech crime include such offences as unauthorized use of computer systems (e.g. hacking) and mischief in relation to data (e.g. denial of service attacks and virus transmission). (PSEPC 2003)

However, in the cyber crime law enforcement community, as discussed earlier,

major domestic and international players continue to define cyber crime

differently. The fact that definitions are different means there are different crimes

they point to, which prohibits adequate statistical gathering and increases

international and domestic miscommunications, as two parties may not be

referring to the same thing when discussing cyber crime.

The following definitions will serve to highlight the several differences in

definitions from various public and private organisations in Canada.

The RCMP says of technological crime that it refers to the use of computers or

other hightech equipment in the commission of a criminal act. Examples might

range from the personal possession of digitized child pornography on a home

computer to attacks on whole networks of interconnected computers. (RCMP

n.d.a)

Foreign Affairs Canada’s (FAC) definition goes one step further from PSEPC’s

interpretation of cyber crime. They agree that cyber crime ‘consists of specific

crimes dealing with computers and networks (such as hacking) and the

facilitation of traditional crime through the use of computers (child pornography,

hate crimes, Internet fraud).’ (FAC n.d.) But, in addition to cyber crime, they add

computersupported crime, which covers the use of computers by criminals for

communication and document or data storage. While these activities might not

be illegal in and of themselves, they are often invaluable in the investigation of

actual crimes.

The Information Technology Association of Canada (ITAC) defines cyber crime in

two broad categories, as PSEPC does. ‘Conventional crimes that have come to


involve the use of computers, e.g., plotting a murder, distributing pornography

plus theft of electronically stored data and information. Some crimes, such as

money laundering, have been so amplified by Internet technology that they have

become almost qualitatively different. New crimes specifically related to

computer technology and the Internet, e.g., hacking or defacing websites,

creation and malicious dissemination of computer viruses.’ (ITAC 2000)

As the PSEPC definition is the one used for this research, an initial survey

question asked police services if they agreed with it. The majority of police

services surveyed agree with the PSEPC definition of cyber crime (see table 1).

For example, survey responder 7 from an Alberta police service believes that the

public views computer crime as part 1 of the PSEPC definition while the

corporate community would more likely view part 2 as more applicable. This is

an interesting theory. People are more aware of what hurts them directly; for

example, online child pornography for parents, financial loses due to hacking for

corporate CEOs.

PSEPC Definition of Cyber Crime

92%

8%

Agree Don't agree

Table 1

The reason the PSEPC definition is highly agreed upon is possibly because it

includes both categories of offences that can be perpetrated with, or with the

assistance of, computers and the Internet. It separates traditional crimes from

new crimes. This enables everyone to identify with the definition whether they


deal with online child pornography, or hacking and viruses. And the definition, in

a sense, helps to provide a common operational language for most of those

involved in law enforcement’s response to cyber crime.

International Definitions

Internationally, in the Council of Europe’s Convention on Cybercrime (spelled in

one word in the treaty), cyber crime is used as an umbrella term to refer to an

array of criminal activity including offences against computer data and systems,

computerrelated offences, content offences and copyright offences.

Researchers in the Australian Institute of Criminology also agree with the PSEPC

idea that there are new crimes due to technology as well as old crimes

committed in new ways, but this is in reference to hightech crime, not cyber

crime. They state that any crime can be considered ‘high tech’ when a computer

or other piece of technology plays a significant role in the commission of the

crime. (AHTCC 2003)

As long as there is no consistent definition of cyber crime, in Canada and

internationally, it will be difficult to maximize the potential for crossjurisdictional

cooperation. More importantly, inconsistencies in definitions also impact on how

cyber crime legislation is drafted and the ability of law enforcement to derive

consistent statistics collection as different jurisdictions refer to different types of

crime when they use the terminology ‘cyber crime’, or any of its derivatives. For

example, Canada does not use the term ‘cyber’ in its legislation. Existing

Canadian legislative powers, such as the Criminal Code, have been modified by

adding new types of crimes or ways to commit them; they have not introduced

new acts to prosecute cyber crime like other countries have, such as Australia

and Nigeria. In the Australian CyberCrime Act, cyber crimes do not include crime

identified in part 1 of the PSEPC definition (child pornography, etc).


Types of Cyber Crime

There are numerous offences and actions that are considered to be cyber crime

globally. A list of offences is attached to each different definition. The word

action is used here because not all actions referred to are offences in all

jurisdictions. Below is a list of the most common offences and actions identified

through research.

Child Pornography and Luring

Pedophiles use the Internet to exchange pornographic images of children. They

also use newsgroups and chat rooms as meeting places between them and/or to

lure children. Pedophiles who used to be isolated can now find victims without

leaving the security of their own homes.

Canada has created new offences to target criminals who use the Internet to lure

and exploit children for sexual purposes and to transmit, make available, export

and intentionally access child pornography. There are numerous examples of

this illicit activity all over the world from single pedophiles to clusters of them.

One example is the ‘Wonderland Club’. ‘The club was an international ring of

180 pedophiles that eventually had over 750 000 images of children and babies

and 1800 computerized videos of children suffering sexual abuse seized by the

police.’ (Lilley 2002, p.99) There were 1263 children involved. Unfortunately, the

Wonderland Club is just one example out of many.

Cyber Stalking/ Harassment

Many people meet each other online through chat rooms, forums, newsgroups

and so forth. Virtual acquaintances might give some of them the sense of having

a relationship with someone, although there has been no physical contact. ‘By

enabling human interaction without the constraints of physical barriers and with

the perception of anonymity, the Internet has become the ideal instrument for

individuals who wish to intimidate, threaten, and harass others.’ (FBI 2003)

The term cyber stalking has emerged to describe the use of such technology to

harass or stalk. Cyber stalking is defined as the repeated use of the Internet, e


mail, or other related digital electronic communication devices to annoy, alarm, or

threaten a specific person or group. (FBI 2003) There are a number of ways for

someone to be cyber stalked. One example is when fake ads are posted on the

Internet, providing personal information (name, address, photos) of a victim and

stating that the victim is seeking partners for sexual fantasies, such as rape. The

victim then receives phone calls, emails, visits from men who are responding to

the fake ad, and eager to fulfill the supposed fantasies. This can quickly escalate

into physical harm.

Identity Theft

There are criminals who construct mimic sites to lure customers of online

banking and other forms of electronic payments into accessing fake sites rather

than the original. These sites are designed to fraudulently strip users of their

personal (age, gender, marital status, social insurance number), financial (credit

card, account and banking login numbers), and sensitive (personal and corporate

passwords) information. Spam emails are also ways of fraudulently obtaining

personal information. In the United States, large quantities of personal

information (such as credit reports) are available to anyone for a nominal fee on

the Internet. The Internet has facilitated both the ease of use with which this type

of information can be stolen, and used.

Spoofing and Phishing

The action of constructing a mimic site is referred to as spoofing or phishing.

Spoofing refers to the technique used to gain unauthorized access to computers

by sending messages to a computer with an IP address indicating that the

message is coming from a trusted host when, in fact, the website has been

duplicated for fraudulent purposes. Phishing refers to the act of sending emails

to users falsely claiming to be trusted enterprises in an attempt to gather

personal, financial and sensitive information. Often, the emails contain a subject

and message intended to alarm the recipient into taking action. Users are then

sent to spoofed websites. (PSEPC 2004) An example of spoofing is an email


claiming to be from a system administrator requesting users to change their

passwords to a specified string and threatening to suspend their account if they

do not do this. The perpetrator then has the password to access the user’s

accounts.

Dissemination of Offensive Materials

There is an abundance of content on the Internet which is considered by some to

be objectionable. Well known examples include, among much else, sexually

explicit materials, racist propaganda and instructions for the fabrication of

incendiary and explosive devices. (Graycar 2000). Some of this is illegal in

certain countries, although thought to be merely offensive in others. In Iran, for

example, it is illegal to criticize the government online; whereas in western

countries such as Canada this is perceived as free speech and is clearly legal.

Cyber Terrorism

Terrorists have proven skillful at online marketing, adept at drawing out data

offered by the billionsome pages of the World Wide Web. There are also

countless examples of how terrorists use this new medium to deliver threats and

to disseminate horrific images, and to communicate with others involved in

terrorism. Just like anyone, terrorists can learn about schedules and locations of

targets such as transportation facilities, nuclear power plants, public buildings,

airports and ports, and even counterterrorism measures from the Internet. The

Internet also provides terrorists with a cheap and efficient way of networking,

which not only allows them to recruit new people, but also plan and organize

specific attacks. The most feared attacks are those against power and nuclear

plants, financial systems, attacks that would cripple governmental and private

critical infrastructure.

Spamming

‘Spam refers to unsolicited email, mostly commercial, advertising a product or

service that is mass mailed to thousands of email addresses at a time, filling

people’s Inboxes. Spam does not refer to legitimate commercial email for which


consumers have given their consent. Spam is often a source of scams, viruses

and offensive content.’ (Stop Spam Here n.d.)

Although not a crime in Canada, spamming is a major problem and takes up

valuable time and increases costs for consumers, business and governments.

Although the spamming itself might not be illegal, the consequences and/or

content of many spam emails are fraudulent. Legislative and policymaking

bodies across the world are studying this Internet action. In 2004, the U.S.

established the AntiSpam Act and Australia the Spam Act. In Canada, the

Minister of Industry established a Special Task Force on Spam in May 2004 to

oversee the implementation of a comprehensive action plan to reduce the

volume of unsolicited commercial email. While the Task Force is still consulting,

early consultations had most key stakeholders asking for current legislation, such

as PIPEDA, to be adapted to counter spam.

Computer Viruses

The spreading of viruses is another form of cyber crime. An example of this is

with the lovebug virus, which crippled at least 45 million computers worldwide

and caused billions of dollars worth of damage. (BBC News 2001) A computer

virus is program code, which can attach itself to other programs and corrupt data

and damage hardware. In addition to infecting other programs, the virus may

damage data by way of Data Diddling, Trojan Horses or Logic Bombs. A virus

may do nothing more than temporarily interrupt the computer service to display a

message on the screen, or it may bring down the infected computer system.

Software or hardware containing a virus can come from many sources such as

public domain software, bulletin boards, the Internet, computer club software, a

friend or colleague's diskette, or commercial packages that have been tampered

with. (RCMP n.d.b)


Hacking

Hackers form the first breed of criminals to take advantage of technology to

further their needs. There are several types of hackers in cyber space. For

example, there are recreational hackers, which may appear relatively benign.

Many are attracted by the challenge of gaining access to a system and showing

up failings in the company's security. But they can still cause damage that result

in a financial loss for their victims. There are criminalminded hackers whose

motives may include financial gain, sabotage or revenge. There are political

hackers who are political activists, sometimes called hacktivists. This type of

hacker often defaces web sites in an attempt to put across their message and

discredit their opponents. In May and June 1999, numerous American web sites

were attacked and defaced. Targeted sites included the U.S. Senate, U.S. Army

and other U.S. government departments. (Lilley 2002, p.19) There are many

other documented cases where unsophisticated hackers have caused significant

damage to computer systems around the world, Mafiaboy being the most notable

Canadian example. Mafiaboy was a 15yearold hacker who crippled several

highprofile Web sites such as cnn.com, amazon.com, eBay and Dell.com. The

sites were bombarded with thousands of simultaneous messages, which

prevented legitimate users from accessing the sites. He also hacked into

computers, many of them located at American universities such as Harvard and

Yale. The highprofile Mafiaboy case raised concerns both in the United States

and Canada about Internet security.

Denial of Service Attacks

Another cyber crime is ‘denial of service’ attack. This is done by a web site being

flooded with data with the intention of making it crash, and preventing legitimate

users from gaining access. It can take hours for the company to regain control,

by which time it may have suffered considerable financial losses. (BBC News

2001)


Piracy

Software piracy means a loss of potential revenue to the companies that

manufacture games and programs. Programs can be downloaded from the

Internet and copied onto CDROMs. The MP3 format has made it possible to

distribute digital music files via the Internet. Musicians complain that it deprives

them of royalties. ‘Digital technology permits perfect reproduction and easy

dissemination of print, graphics, sound, and multimedia combinations. The

temptation to reproduce copyrighted material for personal use, for sale at a lower

price, or indeed, for free distribution, has proven irresistable to many.’ (Graycar

2000) There is no agreed upon cost of piracy to companies, but many state that it

is in the high millions.

Fraud

Many types of fraud are being perpetrated by the exploitation of the Internet.

Financial scams and getrichquick schemes have been given a new lease on life

on the Internet. For example, the share price of a company can be inflated by

false rumors of a takeover. Online auction sites also offer opportunities for fraud,

with money pocketed and goods not delivered. A credible looking website that

provides no way of checking that the site owner is legitimate may also conceal an

Internet scam. (BBC News 2001)

There are undoubtedly other crimes committed in cyber space, or with its

assistance, and more will most likely come to light as technology continues to

evolve. There is already evidence of telecommunications equipment being used

to facilitate organized drug trafficking, gambling, prostitution, money laundering

and trade in weapons (in those jurisdictions where such activities are illegal.)

The types of cyber crime the Canadian population seem to be more aware of are

child pornography and child luring. One can speculate that it is because there

have been a number of cases in the media and because children are vulnerable

individuals and require the most protection. An assessment of a large number of


Canadian police service websites shows that 83% of websites posting Internet

prevention information have a section on safety tips specifically for children.

Technology has not only created further crimes and ways of committing existing

crimes as outlined above, but it has also added a burden on the seizure and

examination of evidence by law enforcement (hard drives, emails, removable

devices, etc.) The use of encryption technology may place criminal

communications beyond the reach of law enforcement in the near future.

Technology (cell phones, blackberries, computers, etc) has to be taken in

consideration when investigating almost any type of crime.

As the examples of cyber crime listed earlier demonstrate, a number of crimes

are old ones committed in a new way and/or with a new tool. The list could be

extended if we took all existing crimes and added technology to the mix. It is

very difficult to draw a line somewhere and know where cyber crimes start and

finish. A highranking criminal lawyer who deals with cyber crime cases in

Canada has commented through an interview that ‘computers are one of the few

technologies that call for technology specific laws. Another technology with the

same impact is the automobile (considering all the driving offences). The

impaired driving, dangerous driving, reckless driving, these are investigated by

specialized officers because the technology is the forceful element of the distinct

criminality reflected in the offence. We would not call it a motor vehicle offence if

bank robbers used a car to get away from a robbery.’ (Pers.Comm. 2005)

Therefore, why are we calling it cyber stalking when a stalker uses the Internet to

stalk his/her victim? Should we keep the traditional crimes titled as they are

deemed illegal in the criminal code and simply add to it that it was committed with

the computer or the Internet as a tool? Or do we need to categorize them in

order to draw importance and education towards them?

Some traditional crimes are further defined by justice and law enforcement based

on details of the crime, such as armed robbery vs. robbery. The term armed is a

qualifier to the crime that is robbery. Therefore, cyber could be a qualifier for


stalking, fraud, child pronography, etc. We would have fraud, and cyber fraud;

stalking and cyber stalking; child pornography and cyber child pornography, etc.

The crimes that would purely be computer crime in nature would be crimes such

as hacking or virus spreading as these can only be done with the use of

computers and/or the internet. These are things that should be considered, in

addition to international defintions, when deciding on one uniform definition for

the country.

The PSEPC definition of cyber crime has been used for the purposes of this

research. As stated previously, PSEPC provides policy leadership and delivers

programs and services in the areas of national security and emergency

management, policing, law enforcement and borders, and corrections and crime

prevention in Canada. It also ensures policy cohesion among the six agencies

that report to the Minister, including the RCMP. Their definition is used in this

research because they are the central Canadian organisation responsible for

overseeing policing and law enforcement.

The importance of a uniform defiontion is further important for organisations to be

able to gather apporpriate statistics on the same crimes. The following chapter

will adress the issue of statistical gathering in regards to cyber crime.


CHAPTER 3


Statistics in Canada

It is difficult to quantify cyber crime in Canada. Until a few months ago, no one

was gathering uniform statistics on any crimes related to cyber space, computers

or technology. The Canadian Centre for Justice Statistics (CCJS), in co

operation with the policing community, collects policereported crime statistics

through the Uniform Crime Reporting (UCR) survey. The UCR Survey, also

known as UCR2 following a few revisions, was designed to measure the

incidence of crime in Canadian society and its characteristics. Data from the

UCR Survey provide key information for crime analysis, resource planning and

program development for the policing community. Municipal and provincial

governments use the data to aid decisions about the distribution of police

resources, definitions of provincial standards and for comparisons with other

departments and provinces. To the federal government, the UCR survey

provides information for policy and legislative development, evaluation of new

legislative initiatives, and international comparisons. To the public, the UCR

survey offers information on the nature and extent of policereported crime and

crime trends in Canada. As well, media, academics and researchers use this

data to examine specific issues about crime. (Statistics Canada 2004b)

There has never been mention of computer, cyber, technological or electronic

crime in the list of crimes reported since the survey came into force in 1962.

There is a category titled Other Criminal Code offences that involve the

remaining offences that are not classified as violent or property incidents

(excluding traffic). Examples are mischief, bail violations, disturbing the peace,

arson, counterfeiting, prostitution and offensive weapons. (Statistics Canada

2004b, p.78) Some cyber crimes that fall within these categories (i.e.: mischief)

would fall in this UCR category, but the reporting of it would not show any

differences in regular mischief or computer related mischief.


Following a study in 2002 on the feasibility of collecting statistics on cyber crime

in Canada, cyber crime has been added to the UCR survey. The cyber crime

variable is composed of two fields. The first field flags whether the incident

involved a computer or the Internet. The second field identifies the type of cyber

crime. The definition of cyber crime used for the UCR is ‘a criminal offence

involving a computer as the object of the crime or the tool used to commit a

material component of the offence.’ (Statistics Canada 2005) This is the

definition also used by the Canadian Police College.

Respondents to the UCR survey continue to use the existing survey violation

codes (e.g., fraud, criminal harassment, sale of illegal substances) and, in

addition, flag whether or not the incident involved a computer or the Internet.

The respondent is also able to identify the type as Target, Instrument or

Unknown. Cyber crimes specifically aimed at disrupting computers or the

Internet are to be scored as the target of the crime (e.g., computer hacking,

defacing websites and unauthorized use of computer systems). Cyber crimes

that use computers or the Internet to commit the crime are scored as the

instrument / tool of the crime (i.e.: distribution/ sale of child pornography over the

Internet, criminal harassment via emails, or fraud perpetrated over the Internet).

(Statistics Canada 2005)

Since January 2005, statistics on cyber crime are being collected by Canadian

Police Services in Canada. In addition to Canada only recently beginning

formally collecting statistics on cyber crime, there are additional issues that

cannot be resolved in the short term which impact on the accuracy of data

currently being collected. One significant problem is that the lack of public

awareness of some cyber offences, can mean that such offences may not be

identified as crimes and remain unreported. Alternatively, the victim of the online

crime may know that it is a crime but may either not know which authority to

report it to or not bother.


Public authorities appear to have become increasingly conscious of the need to

provide online services for the reporting of cyber crimes, which hopefully will

begin to capture more of this crime data for those victims reluctant for whatever

reason to go to a police station. Websites such as CyberTip.ca have been

established for the online reporting of cyber crime to assist the Canadian

population in reporting cyber crime when danger is not imminent. The

Vancouver Police Service as well as the SQ both offer online reporting of crime

as well. The RCMP offers a link to RECOL, a website for online reporting of

economic crime. However, what is lacking is the promotion of these services to

the public. If Cybertip.ca is the preferred method for reporting, according to the

government, then that should be made public to all citizens.

Differences in definitions of cyber crime across Canada may also impact on the

accuracy of statistical collections. What is reported might be believed to be cyber

crime but is not, or what is not reported isn’t because the person is not aware

that it is cyber crime. The definition of cyber crime, once a national one is

established, should be promoted hand in hand with prevention information, so

that the public fully understands what crimes the prevention efforts are trying to

prevent.


CHAPTER 4


Prevention efforts in Canada

The Canadian government, law enforcement agencies and private sector

organizations in Canada are making significant efforts in providing preventive

information related to cyber crime to the public. These efforts take the form of

numerous websites and publications available to the public to educate them.

Some of the government departments, which host preventive information in

regards to cyber crime, are as follows:

Industry Canada and the Office of Consumer affairs:

Offer tips for safe online shopping; denunciation of websites with latest

scams in Canada and U.S. and additional information.

Provides a guide to consumer protection for online merchants. The guide

includes security information merchants need to provide their customers,

including actual examples of web pages with what should appear on them.

Public Safety and Emergency Preparedness Canada:

Alerts and Advisories is a webpage updated daily with new viruses, worms,

etc. that PSEPC is aware of, and the possible solutions for the public to

eradicate them from their computer systems. Papers that are not related to

specific viruses are also posted from time to time. For example, in August

2004, a Best practices for preventing online identity theft chronicle was

posted on the website. (PSEPC 2004)

Royal Canadian Mounted Police:

The RCMP website contains prevention information on economic crime,

hacking, etc. The RCMP is also involved in the National Youth Strategy to

Promote Safe, Wise and Responsible Internet Use, to which there is a link.


Additionally, the government has a number of strategies and task forces looking

into various types of cyber crime. For example, there is the Canadian Strategy

to Promote Safe, Wise and Responsible Internet Use. The strategy aims to

increase public awareness of issues relating to illegal and offensive Internet

content by providing parents and teachers with access to a broad collection of

tools and resources, highlighted in a 24page booklet. Such a government

initiative was imperative particularly since as of March 30, 1999, Canada

became the first country in the world to connect all of its schools and public

libraries to the Internet. (Industry Canada 2002)

All of the federal government departments in Canada have, or will by the end of

2005, a presence on the World Wide Web, with many offering online services

(e.g., filing taxes), due to the Government Online initiative. ‘The goal of the

Government OnLine initiative is to use information and communication

technology to provide Canadians with enhanced access to improved citizen

centered, integrated services, anytime, anywhere and in the official language of

their choice.’ (GOL n.d.) This shows that the government is very aware of the

potential the Internet offers. Along with the further development of an online

public service capability, even a cursory browse of many government websites

also demonstrates that they are starting to promote greater online safety.

This development is particularly discernable amongst Canadian police services’

as they enhance their websites. Varied information can now be found on police

service websites, including prevention information. In this research, seventy

three Canadian police service websites were visited in search of cyber crime

prevention information. At the time of the research, the total of active Canadian

police service websites equaled seventythree. (see table 2)


Cyber Crime Prevention on Police Service Websites

41%

59%

Yes No

Table 2

Of the 41% who host prevention information on their website, 83% have specific

online safety information for children. Other prevention information found on

police service websites relates to identity theft, ecommerce and general Internet

practices to follow. This is great information for the public to have, but is only

available to them if they go searching for police websites. However, the same

messages need to be provided in other ways especially to the less computer

literate in the community. Unfortunately, within police services themselves, not

many have the resources or time to dedicate to nononline prevention efforts.

Most officers who offer information presentations or other forms of cyber crime

prevention to the public do so in addition to regular community policing duties.

For example, survey responder 1 from Alberta states that his police service has

one officer who works part time to prevent, as well as investigate, cyber crime.

He states further that they have virtually nowhere to go to get assistance and

expertise.

Another police service, the Lethbridge (Alberta) Police Service, has chosen to

incorporate cyber crime with regular prevention efforts. They have a crime


prevention officer and a public affairs officer who raise awareness of cyber

crimes in all of its forms.

Another major factor in the current insufficient levels of prevention strategies

adopted by Canadian law enforcement agencies relates to corporate intent.

While resourcing to do this activity is essential, it is clear that heads of agencies

need to also formalize prevention strategies in their corporate business planning.

There are still many police services that believe it is not their mandate to prevent

cyber crime, but only to investigate it. However this is changing slowly in some

agencies. For example, one of the Peel (Ontario) Police Service’s goals and

performance objectives is to ‘reduce child abuse, sexual assault and Internet

pedophilia’ as well as ‘increase public and business community awareness of the

risks associated with communicating and conducting commerce electronically.’

(Peel Police Service 2002) These goals and performance objectives should be

part of every police service’s strategic plan. Research also suggest that heads of

law enforcement agencies in Canada still need to do more in their business

planning to signal their desire to tackle cyber crime prevention strategies

including public education. A review of over fifty police services’ strategic or

business plans and/or goals and performance objective documents found less

than ten mentioning a remote version of Peel’s goals and objectives towards

electronic crime and/or online child pornography specifically.

All parties involved in cyber space could do much more to promote a safe usage

of the Internet. Regrettably, it often takes a lot of time, or tragedies, before major

prevention campaigns are born through the use of impact media like television

commercials and billboards. Over the last 10 years or so, we have seen this kind

of publicity campaign in Canada in regards to drinking and driving as the fatal

consequences were increasing at an alarming rate.

The present preventive efforts regarding cyber crime are significantly more than

what was being done just a few years ago when the Internet was still relatively


new. But, much more is still needed. Although Canada does not hold statistics

for the numbers of cyber crime perpetrated annually, the RCMP, the SQ and the

OPP all say that it is increasing at an alarming rate. Additionally, research

reports such as the 2005 McAfee Virtual Criminology Report provide evidence

that cyber crime is increasing rapidly, worldwide. This is why the government

should get more involved by promoting online safety. It is good to have

information on government websites and police services websites, telling people

what to do to keep their identities protected, their kids safe from illegal or

offensive material; but other media should be utilized so that it reaches people

even before they get involved in online activities. Television is still a powerful

medium, which reaches young and old, rich and poor. Governments pay to have

publicities on television and the radio in regards to health matters (i.e.: smoking),

drinking and driving, and so forth. They could start a campaign advising people

that although cyber space does not seem real, it is, and the consequences of

negligence or naïveté can be very real as well. Play commercials targeting

different populations, as well as different cyber crimes. A law could also be

passed to oblige libraries and Internet cafes to have documentation on safe

online practices next to computer terminals. Public figures/celebrities could get

involved. So many things can be done if the need for it is recognized.

Despite growing evidence that the government is increasing its involvement in

cyber safety and cyber crime prevention strategies, such preventive work is

clearly not their responsibility alone. At a microlevel, cyber safety is the

responsibility of everyone who is involved in the use of computers and the

Internet.

For example, within the private sector, there are a number of organizations, such

as CyberTip.Ca, the Society for the Policing of Cyberspace (POLCYB), and the

Canadian Association of Internet Providers that provide prevention information,

as well as other services related to cyber crime. But, there is definitely more that


online service providers could do to provide Internet safety information, such as

providing cyber safety information to new subscribers.

CanCERT is another of Canada’s resources that helps prevent and reduce

computer crime in Canada. CanCERT is Canada’s first national Computer

Emergency Response Team. While understanding privacy and legal concerns,

they are committed to client confidentiality and the improvement of IT security.

This organization was established in 1998 by EWACanada Ltd and operates on

a twentyfour hour basis. CanCert is a nongovernmental organization. The

mission of CanCERT is to be the trusted centre for the collection and

dissemination of information related to networked computer threats,

vulnerabilities, incidents and incident response for Canadian government,

business and academic organizations. (CanCERT 2003)


CHAPTER 5


Training

One of the main issues with technology is that it is constantly evolving, at an

incredible speed.

Experts say that more information has been produced in the last 30 years than was produced in the previous 5,000 years. It is estimated that the total body of knowledge now doubles every five years. As Neil Postman stated, technological change is not additive; it is ecological. A new technology does not merely add something; it changes everything. Becoming dependent upon the existing skills and capabilities of people is no more sustainable in the knowledge age than allowing rustout and obsolescence of physical assets would have been in the industrial age. As we move forward, western economies will continue to shift from being primarily labor intensive to becoming knowledge/mind intensive. (OPP n.d.)

It is critical for law enforcement to keep up to date with new technologies and

how criminals are exploiting them.

Cyber Crime Training in Canada

While large police services can sometimes afford university and other expensive

professional development for their officers, most Canadian police services are

small or mediumsized and have to rely on courses available at the Canadian

Police College (CPC) or their regional training centres.

The CPC, managed by RCMP, is the entity in charge of developing and providing

adequate courses to Canadian police services. There are also six regional

bodies that provide training to six different regions of the country. There is the

Atlantic Police Academy (Atlantic provinces), the Saskatchewan Police College

(prairies provinces), the Justice Institute of BC (British Columbia), Ontario Police

College (Ontario) and l'École nationale de police du Québec (Quebec).

The CPC offers a number of courses on cyber crime investigative techniques and

electronic search and seizure to police services across Canada. A list of cyber


crime related courses presently offered at the CPC, with brief descriptions of

each course, can be found in Appendix D.

All the courses offered show that training needs are being addressed. However,

there are a number of disadvantages for police in accessing the suite of training

outlined in the appendix. For example, each municipal police service (MPS) has

to pay to send students to attend these courses and attendance is on a voluntary

basis for the majority of survey responders. Additionally, spaces are limited per

intake. If individual officers do not show interest in cyber crime/technology, then

they will not be obliged to attend any available courses on the subject, unless the

service has a specialized cyber crime unit thus making training mandatory for

members of the unit. Since MPS operate on limited budgets, they are more likely

to use training funds to up the skills of officers on high profile issues and related

technology (i.e.: terrorism, radiation detection tools) before they use it on crimes

they often see as peripheral to their mandate.

Seventythree percent of surveyed police services recognize there is training

available to inservice officers, but for most as discussed earlier, it is not

mandatory and the funding is often not available to send officers. Survey

responder 2 from a Saskatchewan police service stated that ’availability to

participate in such courses is dependent on need, priority, cost and budget

considerations.’ Survey responder 20 from an Ontario police service stated that

training is only available if the administration chooses to send someone.

Another problem that was identified in this research was that while training can

be seen as expensive and not always a priority, making full use of the specialized

training back in the ‘home police agency’ is not always optimal. For example,

the Guelph (Ontario) Police Service sent someone to the CPC to attend training,

but the service does not have the funding to establish a technological crime unit.

Another problem associated with cyber crime training for Canadian police is that

only one of the cyber crime courses conducted at the CPC is offered in French.


This further limits the possible intake of students as French is the mother tongue

of 23% of Canadians. (Statistics Canada n.d.)

However, training issues in cyber crime do not just appear in the delivery of

specialized training to serving officers working in the area, they are also

problematic much earlier in the officers’ career, at their respective academies.

While the provincial police academies provide recruit training by region and some

of them also offer courses for inservice officers, very few are on cyber crime.

This is likely to continue to impact on many Canadian law enforcement agencies’

anticyber crime capability in the future.

For example, the Atlantic Police Academy offers courses for inservice officers.

However there is only one course related to Cyber crime listed in their calendar,

titled Internet Crime for inservice officers (see Appendix E). The École

nationale de police du Québec provide all training for new recruits for municipal

police services in the province of Quebec. This facility offers professional

courses, but none related to cyber crime.

The situation is the same at the Justice Institute of BC and the Ontario Police

College. This means that all police officers in the provinces of Quebec, British

Columbia and Ontario must obtain cyber crime training at the Canadian Police

College, or from other institutions. The technological crime unit of the Montreal

Police Service (SPVM) is an example of a Quebec police service that has gone

to other institutions seeking training. In addition to the courses at the CPC, the

unit has received basic training from a local college and have also obtained

training from American companies.

The Saskatchewan Police College does not have any cyber crime related

courses on its 2005 calendar for inservice officers. However, survey responder

2 from Saskatchewan states that an introductory overview is included in the

syllabus taught to all police recruits at the Saskatchewan Police College.


Survey responder 3 from a New Brunswick police service was the only survey

responder who indicated that there is one full day of training, per year, on

computer related crime offered to all members of his force. Another police

service states that they provide training on seizing computers and investigating

crimes involving email, such as threats. Survey responder 4 from a Prince

Edward Island police service says their recruits receive emailtracing training.

Out of all the police services surveyed in this research, the Ontario Provincial

Police (OPP) appears to have taken the most advantage of what courses are on

offer. Survey responder 5 from the O.P.P stated that they take them at every

available opportunity. ‘When the courses are available, it is mandatory for

officers in the eCrime section to take them.’ The OPP, being a provincial police

service, has more funds available for training and more officers who are

dedicated to dealing with cyber crime to send on training. Being from the same

province as where the courses are offered could also be another reason why

they take most advantage of the courses combined with the fact that cyber crime

is a high priority for the OPP.

Given the difficulties in accessing training at the CPC, other police services are

coming up with their own ‘home grown’ solutions to cyber crime training needs.

For example, the London (Ontario) Police Service did this in 2003. A goal

articulated in their 2003 Business Plan was to train and develop investigators on

Internet crime. According to their yearinreview document, there has been a

100% increase in trained investigators. (London Police Service 2003) The

Calgary (Alberta) Police Service has also been proactive in finding training to

help prevent crime and address issues related to cyber crime threats. ‘The Crime

Prevention Unit launched the Hybrid and Hive, a 32hour training course offered

by the University of Calgary for police officers and corporate security

professionals.’ (Calgary Police Service 2003)


As indicated in Appendix A there are clearly courses available, from beginner to

more specialized ones and according to the CPC, there are more being planned

and developed to ensure training is up to date with technology. But, the CPC

also states that their budget ‘is not sufficient to meet rising demand and to

respond with the degree of innovation required to produce trained police officers

to meet the new challenges of organized crime, terrorism and hightech crime.’

(CPC n.d.)

Cyber Crime Training Internationally

The need for cyber crime training was recognized by a group of international

experts who met in Ottawa, Canada in February 2004 as a result of a CPC

initiative. The group, now known as the International Cybercrime Training Action

Group (ICTAG), share their knowledge and ideas on how global training can be

harmonized. As a first step, the ICTAG members agreed to list particulars of their

cybercrime courses on an online database currently being developed by the

United States National White Collar Crime Centre. This will allow law

enforcement agencies from around the world to review available cybercrime

training and determine which training courses might be helpful to their

investigators.

This will be a useful tool to Canadian police services as there are numerous

courses available outside of Canada that our law enforcement agencies do not

currently access. In the U.S., there are many private organisations that provide

training to law enforcement agencies as well as government established training

programs. The Computer Crimes and Intellectual Property Section (CCIPS) of

the U.S. Department of Justice hold training and public outreach at the core of

their mission. The FBI’s Investigative Computer Training Unit (ICTU) provides

investigative computer instruction, training, and curriculum development to FBI

and other law enforcement personnel worldwide. Primarily, ICTU trains FBI agent

recruits, field agents and professional support staff, domestic and international


law enforcement officers attending the National Academy, and other law

enforcement officers. Training covers a variety of computer topics including how

to use the computer as an investigative tool, communications device, research

platform, and a tool for examining and/or analyzing digital evidence. (FBI n.d.)

There are several other government programs at the federal, state and local

levels that provide training, like The Computer & Financial Investigations Division

(CFI) at the Federal Law Enforcement Training Center (FLETC) who designs,

develops and provides training on high tech crimes and investigations.

The National Centre for Policing Excellence in the United Kingdom has started a

project titled Cybercrime Investigation: Developing an International Training

Program for the Future. This is an innovative international collaborative program

between law enforcement and academia to harmonize cyber crime training

across international borders to aid the fight against cyber crime. The program

allows for transfer of academic credit from country to country so that investigators

will be able to communicate effectively during investigations with people who can

be identified as having similar knowledge and skills. A register of those who have

successfully completed the training and who receive the status of European

CyberCrime Investigator (ECCI) is being created in order to enhance the capacity

for international operational collaboration. The training material is being made

available to all countries so that they may deliver a harmonized training program.

The development of this training course is intended for all 28 EU and candidate

countries as well as Norway, Switzerland, Interpol and Europol to harmonize

cyber crime training across EU borders. This project proves that it is possible to

transcend international borders and that it is acceptable for countries with

different cultures and legal systems to cooperate on this type of crime; at least on

the training front. (POLCYB 2004)

ICTAG is evaluating such training programs currently in place around the world

to address issues ranging from hacking, child pornography, fraud and scams to

accessing evidence in drug investigations. (CPC 2004) The work ICTAG is


doing is a very positive step forward in providing additional adequate training on

cyber crime to Canadian police officers. However, as long as training remains on

a voluntary basis and attendance is to be paid by each police service, it will be

difficult for MPS to catch up and stay current with the technology advancements

used by criminals. The CPC estimates that 5% of the Canadian police

population is trained at the CPC each year. (CPC n.d.) Since this 5% includes all

types of training available at the CPC, approximately 40 courses at the moment,

(i.e.: drug investigation, case management), and the intakes aren’t as frequent as

for other courses, the percentage of the police population being trained on cyber

crime is likely to be significantly lower than the 5% being trained overall. Another

factor, which prevents the number of police officers being trained from rising, is

that ‘usually, students who attend […] courses possess ten or more years of

experience as a police officer.’ (CPC n.d.) Therefore, younger officers who could

potentially be more interested in the technological side of policing, have to wait

many years before being allowed to receive training related to technological

crime. For example, survey responder 6 from an Alberta police service says

recruits receive the basic what to do from field training officers. He says that

‘cyber crime investigation is too technical to teach as part of the plethora of

information given in basic recruit training. The reality is that a recruit would not

be responsible to investigate this type of crime alone.’ But it would be a logical

deduction to say that today’s police recruits are more aware of technology, and

might therefore require less training than veterans would in order to grasp the

technological jargon. There could at least be a brief overview of online

investigations added to recruit curriculum, so that all recruits can recognize the

different types of cyber crimes, and know how to handle technological evidence,

if ever they are put in a situation where they have to secure an area with

technological equipment, for example.

Since it is now a fact that drug dealers and organized crime are increasingly

taking advantage of cyber space and technology (like blackberries) to conduct

their business, experienced officers/investigators require training as well since


the ways crimes used to be committed are changing constantly, now using the

cyber environment. In order to provide this training in a less expensive and more

convenient way than sending officers for training at the CPC, a number of options

could be explored.

To lessen the cost of sending officers to Ottawa for training, ontheroad training

could be implemented to reach as many services as possible, reducing the cost

of travel and lodging for participants. The fees paid by MPS would only have to

be for the training costs to the CPC and not travel, lodging and meals, which

could translate into considerable savings. For example, a 10 day course at the

CPC which costs 500$ in tuition, costs an additional 1128$ for lodging and meals

at the College. Even if tuition had to be increased slightly to cover the travel

costs of the trainer, the savings would still be significant as the above amounts

for lodging and meals do not include airfare or other transportation costs for all

participants going to Ottawa to receive training.

The regional police academies could also enter into partnerships with the CPC to

have some of the courses available regionally. This would make it easier to

reach more MPS and at the same time increase the number of yearly intakes

available to the country.

There are also private organizations that provide different types of training to law

enforcement that could be exploited, such as CyberLawEnforcement.org.

Another possibility would be to increase online training to reach more officers

nationally. The Internet searching training courses from the CPC are good

examples of self directed learning. They cost 150$ each and can be taken

anywhere in the country where the Internet is available.

Hiring technology experts, as civilians, to work on cyber crime, is also an

alternative to sending police officers for new training, thus eliminating the need to

backfill their positions while they are away. For example, survey responder 18

from an Alberta police service agreed that such an alternative to the current

training deficiencies in this specialized form of policing needed to be looked at.


He indicated that he doesn’t see the investigation of cyber crimes as a job to be

done exclusively by police officers. He believes that what is most important is

the ability to contract and retain highly skilled people. Although in contrast,

survey responder 7 from Alberta held the opposite view. He stated that although

it might be tempting to turn over this task to civilians, there is significant benefit in

having the investigative skills and instincts gleaned only from front line police

work applied in the cyber environment. He believes that in time, Canadian police

services will have members with policing experience who are also comfortable in

a cyber environment. He adds that presently it seems investigators have either

one or the other skill. The issue with this theory is that if we have to wait for time

for all members to have the requisite technical skills, many criminals will avoid

detection in the meantime, and they will also have found new innovative ways to

commit regular crime via new technology and new cyber crimes by the time law

enforcement catches up with their training.

The two main provincial police services, the Sureté du Quebec (SQ) and the

Ontario Provincial Police (OPP,) are the only survey responders whom hire and

utilize civilians within their services to work on cyber crime.

In contrast, the FBI, in the United States, has no quandary with hiring civilians to

work on cyber crime; their problem is with keeping them on staff. A government

official has stated that ‘the FBI's inability to recruit and keep the best available IT

talent has proven to be one of the biggest challenges facing the government's

Internet Crime Complaint Center (I3C). We can't recruit and keep the best

available minds in the IT world. […] They come, stay a few years and move on

because, ultimately, we can't pay what the industry pays for talent.’ (Naraine

2004)

Despite the current debate in some Canadian agencies on how best to acquire

optimal technical skill bases in countering cyber crime, a multidisciplinary

approach is likely to prove helpful. Dr. MarcelEugene LeBeuf (2000), researcher


at the Police Sciences School at the CPC believes in creating multidisciplinary

teams.

Traditional criteria for choosing investigators are responding less and less to new requirements within the police for countering cybercrime. Investigators will have to learn to develop new skills for handling and managing technology. It is probably easier, though, to train technology experts to become investigators, than viceversa. Nevertheless, this is the challenge that the police will have to face to create and keep specialized teams of cybercrime investigators. It is perhaps time to create multidisciplinary teams that reflect criminality’s diversity. In this case, expertise will complement each other positively.

This approach has proven successful namely with Money Laundering/Proceeds

of Crime. Integrated Proceeds of Crime Units (IPOC) are scattered across the

country. The units include the RCMP, Department of Justice, Canada Revenue

Agency (CRA), Canada Border Services Agency (CBSA), Public Works and

Government Services Canada (PWGSC) and PSEPC. Officers from provincial

and local police forces also participate in IPOC units. There are numerous

examples of success across the country, where these joint efforts have resulted

in seizing large amounts of money suspected to be terrorist financing or

proceeds of crime, and arrest of the perpetrators.

In the state of California in the United States, cyber crime courses are mandatory

by law for all senior police officers. S. 13515.55 of the California Penal Code

states the following:

Every city police officer or deputy sheriff at a supervisory level who is assigned field or investigative duties shall complete a high technology crimes and computer seizure training course certified by the Commission on Peace Officer Standards and Training by January 1, 2000, or within 18 months of assignment to supervisory duties. Completion of the course may be satisfied by telecourse, video training tape, or other instruction. This training shall be offered to all city police officers and deputy sheriffs as part of continuing professional training. The training shall, at a minimum,


address relevant laws, recognition of high technology crimes, and computer evidence collection and preservation. (Penal Code n.d.)

This demonstrates that California believes cyber crime is serious enough that law

enforcement should be trained to recognize and contain these types of crimes.

In Canada, we make it mandatory for all senior federal government officials to be

bilingual in the country’s official languages, French and English. Those who are

in management positions and are not bilingual are sent on language training for

months (sometimes up to 24), until they reach the required level of fluency in

their second language. Their public service salaries are paid in full while they are

attending language training. The government has imposed this because Canada

is a bilingual country and its government should reflect that. Such an investment

in the linguistic capability of its personnel is clearly significant and it begs the

question why the government has not applied the same level of resourcing

priority in regards to law enforcement policy, priorities and training. If, like the

Californian government, the Canadian government made it obligatory for police

services in Canada to have one expert, or a percentage of their employees

trained to investigate cyber crime, then this would not only force police services

to provide training to their officers, it would also show them that cyber crime is

taken seriously by the government and needs to be dealt with.

Provincial governments could make cyber crime training mandatory by adding it

to their respective acts or instilling a new rule that would be supported by existing

sections of their act. Police services in Canada are accountable in at least four

ways: (Seagrave 1997) administratively, politically, legally and to the community.

Provincial Police Acts provide accountability framework for municipal and

provincial police services. For example, sections 1 through 6 of the Quebec

Police Act make training mandatory (basic, advanced and inservice training), but

do not list which types of training. Unfortunately, it is not likely that government

will support this type of training as it would require providing additional funding

and there are several levels of government and policy makers involved

(municipal, provincial, federal).


Regrettably, history has shown that in order to get a specific type of crime on the

government’s priority list, something disastrous has to happen, like the terrorist

attacks on the United Stated on 11 September 2001 (911). Following 911,

terrorism became one of the top priorities for the RCMP as well as many police

services in metropolitan areas. An RCMP investigator declared through an

interview that where there were minimal resources working on terrorism pre911,

resources were being pulled from other high priority areas/cases, to work on

terrorism issues post911.

It is not far fetched to think that it might require an electronic 911 for cyber crime

to reach priority status. Had officials discovered that terrorists used the Internet

for their operational planning and implementation of the events of 911, then it is

highly likely that resources would have been pushed towards Internet related

crime. Survey responder 7 from Alberta stated that ‘politicians and

administrators simply do not seem to grasp the enormity of the Internet and the

impact it has and will bring to Canadian communities in terms of crime. Like

anything else, cyber crimes are not in the face of communities until something

tragic happens and therefore does not receive the proactive measures necessary

to properly deal with cyber issues.’ This has proven to be true time and time

again. Once something is brought to light by the media, the public becomes

aware and if it is felt that the issue is important enough, the public will speak up

and the government will have to address it. For example, online child

pornography was becoming much more frequent in the news over the last 5

years. Consequently, the criminal code was updated in 2002 to ensure that

online child pornography would be covered; later, luring children through the use

of the Internet was added as an offence.

Technology should be made a priority within police services and government as

a whole in order to counter cyber crime appropriately. While some areas have


embraced this fact of the new millennium, others have procrastinated, such as

many police services, with the excuse of no funding or resources. These

excuses, although accurate in most case, need to be overcome. Not only do law

enforcement agencies have to keep up to date with the constant change that

technology brings, they have to catch up to all the existing technology and how

criminals have been taking advantage of it. The face of crime is changing, so

should the face of the law. Although the legislation has been updated

considerably over the years, it is lost if powerful, affordable and accessible

training is not implemented nationally for all law enforcement. Without training

related to new technologies used by criminals, law enforcement might be missing

many opportunities to enforce the updated laws.


CHAPTER 6


Assessment of Canadian legislation

Cyber Crime can only be fought if there is appropriate legislation to prosecute the

offenders. August Bequai stated, in 1978, that we needed to awaken to a ‘serious

and growing problem, a problem aggravated by an antiquated and

overbureaucraticized legal apparatus. At stake is our very form of government,

for if we fail to adapt our legal system to the needs of an evergrowing

technology, we will lose.’ (p.5) Luckily, Canada’s legislation has been updated

over the years to reflect new types of crime, and/or ways of committing crime

with the aid of technology.

It is difficult to theorize on the appropriateness of legislation related to cyber

crime since as mentioned earlier, there is no uniform definition of cyber crime in

Canada or a set list of crimes that fit into this category of crime. Nonetheless, we

can analyze the existing legislation in relation to the most popular, or agreed

upon in Canada, cyber crimes.

Amendments directed at cyber crime were made to the Criminal Code in 1985.

These amendments include:

§ s. 342.1 Unauthorized use of computer;

§ s. 430 (1.1) Mischief in relation to data;

§ s. 327 Possession of device to obtain telecommunication facility or service;

§ s. 326 Theft of telecommunication service.

Then, in 1997, the Criminal Law Improvement Act made additional various

amendments to the Criminal Code, including section 342.2, possession of device

to obtain computer service.

As technology has not only created new crimes, but also changed the way

traditional crimes are perpetrated, the criminal justice system, in response, had to


make parallel adaptation. Child pornography is a good example. It was illegal in

Canada to possess child pornography long before the Internet was born. But,

with the wide spread use of the Internet as a criminal tool, revisions had to be

made to legislation to make it illegal to download and view child pornography

online. Bill C15A, which received Royal Assent on 10 June 2002, includes

amendments to child pornography provisions that address the propagation of

such material on the Internet. Among the provisions, the Bill created an offence

against luring (s.172.1) or exploiting children through the Internet and made it a

crime to transmit, make available, export and intentionally access child

pornography on the Internet. It also introduced tougher sentences for those found

guilty of committing an offence. (PSEPC 2003) Additionally, this piece of

legislation gives Canadian judges the power to proscribe Canadabased child

pornography sites and to order the forfeiture of materials or computers used in

the crime.

In other cases, minor revisions to legislation have been required to ensure that

offences are defined in a way that captures the new technological aspects of the

crime and that the necessary law enforcement responses are permitted. For

some other computer crimes, no revisions at all were required. In the case of

cyber stalking, or online harassment for example, the law has not required

changes to adapt to technology. The harassment clause in the Criminal Code is

broad enough to be applied in all cases no matter what means are used to track

or terrorize the victim. (s.264)

Although Canada has strong legislation against child pornography; with or

without computers, some argue that there are still weaknesses in areas of the

law in relation to other crimes committed solely with the use of technology.

However, according to the Information Technology Security Strategy (ITSS)

Legal Issues Working Group, the fact that not all computer crimes have their

specific offence in the Criminal Code should not be seen as a weakness since

law is flexible. ‘Sometimes the law can apply to a wide variety of circumstances.


It is not necessary to have a new law for every new technology. Courts have

historically demonstrated a willingness to apply old legal principles to new

technological circumstances.’ (DoJ n.d.) The Criminal Code has created an

assortment of offences that have general application in or out of an electronic

context. Computer sabotage, including the destruction of hardware and erasure,

destruction or alteration of data or creation and dissemination of computer

viruses can be prosecuted under mischief provisions. Electronic economic

crimes can be prosecuted using traditional offences such as fraud, theft, forgery,

breach of trust and so on. Amendments to the Criminal Code in 1985 make it

clear that forgery applies to computer documents. Unauthorized entry into a

computer system can be prosecuted as fraud if a person falsely represents him

or herself to be as having authority to debit the account and use of computer

time. Where a person falsely assumes the identity of a lawful user, a charge of

personation may be in order (s.403). The Code also makes it an offence to

‘fraudulently and without color of right obtain any computer service’, and to use a

computer system in an unauthorized fashion (s.342.1(1)(a)). (DoJ n.d.)

Unlike some federations, notably Australia and the United States, criminal law

in Canada is solely federal in jurisdiction, although it is administered

provincially. This reduces the amount of laws that have to be amended or

created to adjust to new events or criminal outlets, such as technology.

Canadian legislation appears to be adequate for cyber crimes such as online

child pornography, but may be lacking in other areas of cyber offences.

Actions such as spamming are not legislated in Canada as of yet (like it is in

the United States and Australia). But, as a whole, it seems that it is not

appropriate legislation that is missing, but rather, the use of the available

legislation. This goes back to the lack of cyber crime investigations, which is

due in part to lack of funding and resources for law enforcement.


Punishment / sentencing

While in general legislation in Canada is in line with current technology, there is

also the issue of punishments/sentences that go with the instituted offences. It is

impossible to establish the level of punishment that is adequate for all cyber

criminals because the types of crimes are so broad in scope. In the cases of

many traditional crimes, sentencing has already been established by case law

(like child pornography). For new crimes, such as hacking, the jury is still out, so

to speak. These types of crimes have different impacts, based on the victim, the

type of damage (financial, reputation, etc.) and the legislation qualifying these

acts as offences is still fairly recent. Every new case builds case law. For

example, a male in the United States was sentenced to 10 years of community

supervision for having child pornography on his computer. Another example is

an Australian male who was sentenced to oneyear imprisonment for sale and

distribution of pirated computer games. In Canada, a women was jailed for 90

days and put on probation for 2 years for telecommunications fraud involving

organized crime (Smith, Grabosky & Urbas 2004)

As with most crimes, there is a constant debate on what is appropriate for

punishment. Cyber crimes are just new crimes added to the debate. Does it

make sense to put a recreational hacker in prison? Does the punishment fit the

crime? Is the answer to establish a constructive punishment regime, where

hackers have to provide their computer expertise to a said company or agency to

help them counter future hacker attacks? For example, this kind of ‘punishment’

regime has been done in the past where notorious hackers have been hired by

law enforcement to work for them. Smith, Grabosky & Urbas (p. 126 2004)

believe that ‘although conventional punishments of imprisonment and fines will

continue to be used in appropriate cases, it is likely that some judges will

experiment with a range of conditional orders. Some of these may result in legal

challenges or be counterproductive in reducing crime, but carefully framed

conditional orders could enhance the effectiveness of judicial punishment in


certain cases by making constructive use of the motivational factors that drive

many cyber criminals.’

The first everCanadian conviction for distribution of child pornography (in 1995),

held a sentence of 2 years probation and 150 hours of community service.

(Smith, Grabosky & Urbas 2004, p.174) The first sentence to be administered

under the newest piece of Canadian legislation related to the Internet is with

regards to Internet luring. On November 24, 2004, Sergio Arana Martinez was

found guilty of luring a child through the Internet and was sentenced to 21

months time served. Ontario Superior Court Justice Bruce Hawkins said the

sentence was within the acceptable legal range.

Besides ensuring that cyber crimes are covered by Canadian legislation, policy

makers have to ensure that all legislation is adapted or created to reflect all

aspects of technology. One example of this is with the protection of personal

information through electronic channels and the safeguarding of ecommerce in

Canada. Bill C6, the Personal Information Protection & Electronic Document Act

(PIPEDA) was given assent on April 13, 2000. PIPEDA is a provision taken by

the Federal Government to improve the security of individual privacy and to

counter abusive use by organizations in the collection, use and disclosure of

personal information for unreasonable purposes. The Act comprises two parts.

Part 1 establishes the rules for governing the collection, use and disclosure of

personal information. Part 2 creates an electronic alternative for doing business

with the Federal Government. (DoJ 2002, p.14) The PIPEDA is meant to give

Canadians the confidence to use the Internet as a place to do business. It also

makes it easier to conduct electronic commerce on a national and international

scale in a secure environment.

Canada is advanced on substantive law (offences) but there are still a number of

challenges in presenting computerbased evidence in court. Law enforcement

cyber crime investigations also require clearer procedures and powers for

evidence gathering and searching. The relevant legislation to be renewed in

order to rectify a piece of this issue concerns Lawful Access. ‘Lawful Access is


the interception, authorized by law, of communications and the lawful search and

seizure of information, including computer data. The police and national security

agencies use lawful access to investigate specific cases of serious crimes, such

as drug trafficking, money laundering, child pornography, murder and terrorism.’

(PSEPC 2003) The topic in Canada has been somewhat controversial over the

last few years. While police chiefs across the country have been asking for

greater Criminal Code powers to monitor email, web surfing, instant messaging,

etc, the public and many private sector organizations, such as Internet Service

Providers (ISP), have been against it for privacy reasons. The fear is that this

would provide law enforcement with powers to act as big brother and monitor

everyone’s email and Internet usage. The existing provisions on lawful access

date back to 1974 and have only been updated once in 1980. It is fair to say that

while technology has evolved considerably since then, Canada's lawful access

laws have not kept pace. Increasingly complex technologies are challenging

conventional lawful access methods. (DoJ 2003). Nonetheless, research in this

paper indicates that most police services across the country do not have the

time, funding or trained resources to investigate cyber crime. Hence, while it is

important to consider granting police greater powers of electronic interception,

the issue is largely rhetorical without granting them additional funding to use

these powers

Legislative Resources in Canada

In order to prosecute cyber offenders arrested under Canadian legislation, the

Department of Justice Canada has established an eProsecution Secretariat

consisting of four lawyers. They monitor the impact of technology on the work of

prosecutors and participate in a variety of projects, both within the Department of

Justice and outside, that relate to technology and the practice of criminal law.

The eprosecution Secretariat was formed in June 2001. It not only joins the

Canadian provinces and territories on a working group on cyber crime, it also


helps guide police and prosecutors through the mysteries of microchips,

cyberspace and electronic games and other technology.

The Secretariat also offers cyber crime training, as well as frontline assistance, to

Crown counsel and police. (Baer n.d.) Often, police officers turn to Crown

prosecutors to ensure that evidence is being collected properly. But prosecutors

recognize they too need help in preparing to prosecute for technologybased

crimes. Accordingly, the Secretariat has developed, in conjunction with the

United States Department of Justice (USDoJ) and the FBI, a computer crime

training course for Canadian Crown prosecutors. The course includes six

modules, focusing on computer crime in general, hardware and software

interactions, computer networks, electronic evidence gathering, trial issues, and

crime scenarios. In addition to Federal Crown counsel, provincial prosecutors,

judges, and police officers have taken this twoday course. (Baer n.d.)

There are also lawyers at the provincial government level that are dedicated to

cyber/electronic crime, such as in the Ontario Ministry of the Attorney General.

They have created a Task Force on Internet Crimes against Kids. The taskforce

is a special working group established in June 2004 and is made up of crown

prosecutors and police who work on child pornography and luring cases. They

are working on developing policies, tools, best practices and training to improve

the way these crimes are investigated and prosecuted in Ontario. (Attorney

General 2004)

Canada is well legislated to prosecute crimes perpetrated through the use of

computers or the Internet. The main issue is providing training or educating all

legislative participants (judges, lawyers, police) as well as the public. As survey

responder 6 from Alberta stated, ‘making new laws alone, is not the answer.

Capital investment in law enforcement for extra personnel, training and

technology will go further to assist in countering cyber crimes.’


International Legislation

When the issue of cyber crime is elevated to the international scene, the

problems and shortfalls are magnified. ‘The development of the Internet and

other new technologies has changed the nature of transnational crimes.’ (Clifford

2001, p.169) With cyber crime, criminals no longer need a physical nexus with a

particular country to commit a crime in that country. In order to effectively

address cyber crime as a new form of transnational crime, concerted

international cooperation is required. This can only happen, however, if there is

a common structure for understanding what the problem is and what solutions

there may be.

Michael O’Brien (n.d.) lists a number of problems surrounding international

cooperation in the area of computer crime and criminal law:

1. The lack of global consensus on what types of conduct should

constitute a computerrelated crime;

2. The lack of global consensus on the legal definition of criminal

conduct;

3. The lack of expertise on the part of police, prosecutors and the

courts in this field;

4. The inadequacy of legal powers for investigation and access to

computer systems, including the inapplicability of seizure powers to

intangibles such as computerized data;

5. The lack of harmonization between the different national procedural

laws concerning the investigation of computerrelated crimes;

6. The transnational character of many computer crimes;

7. The lack of extradition and mutual assistance treaties and of

synchronized law enforcement mechanisms that would permit

international cooperation. Or, the inability of existing treaties to take


into account the dynamics and special requirements of computer

crime investigation.

Many points raised by O’Brien are well understood by some global leaders. For

example, French President, Jacques Chirac once stated that ‘what we need is

the rule of law at an international level, a universal legal framework equal to the

worldwide reach of the Internet.’ (Clifford 2001, p.173) Cooperation between

countries is key, but it is a great task to get countries to agree, when an action

might be a crime in one nation but not in the other. In the case of Europe, the

Council of Europe (CoE) CyberCrime Convention was initiated as a European

response to dealing with cyber crime. The main objective of the Convention is to

pursue a common criminal policy aimed at the protection of society against cyber

crime, especially by adopting appropriate legislation and fostering international

cooperation.

The Convention is the product of four years of work by Council of Europe

experts, but also by the United States, Canada, Japan and other countries that

are not members of the organization. It is the first international treaty on crimes

committed via the Internet and other computer networks, dealing particularly with

infringements of copyright, computerrelated fraud, child pornography and

violations of network security. It also contains a series of powers and procedures

such as the search of computer networks and interception. (CoE 2001)

The treaty seeks to control Internet crimes by requiring signatory nations to

create a specific, uniform body of laws to deal with unauthorized access,

interference, fraud and forgery, child pornography and copyright infringement.

The treaty has three primary objectives. The harmonization of national laws

which define offences, the definition of investigation and prosecution procedures

to cope with global networks and the establishment of a rapid and effective

system of international cooperation.

The signing and ratification process for the Convention started with 34 countries

(including the external supporters United States, Canada, South Africa and


Japan) signing and 5 countries (Albania, Croatia, Estonia, Hungary and

Lithuania) ratifying the main convention by March 2004 (out of 49 potential

countries). Following the first 5 ratifications, the Cyber Crime Convention came

into force on July 1 2004. (CoE 2001) Eleven countries have now ratified the

Treaty. The Convention is presently in force in Cyprus, Romania, Slovenia, and

the Former Yugoslav Republic of Macedonia in addition to the initial five.

Denmark and Bulgaria are expected to ratify it on October 1 st and August 1 st ,

2005 respectively. However, other European countries such as France, Italy and

Germany have yet to do so (CoE 2001).

Canada is ranked among the top countries that have fully or substantially

updated their laws without ratification of the European Convention along with

Australia, Estonia, India, Japan, Mauritius, Peru, Philippines, Turkey, and the

United States. (McConnell 2001) Canada has updated related statutory laws

and Canadian political officials have strong confidence that existing laws provide

sufficient coverage against the remaining categories such as aiding and abetting

cyber crimes and computerrelated forgery. It is difficult to assess if that is

correct until these crimes are investigated and brought before justice on a greater

scale. Nevertheless, there is pressure from the Canadian Association of Chiefs

of Police (CACP) on the government to ratify the Convention since it contains

one remaining clause that requires updating in Canadian legislation. This clause

of the Convention relates to production orders. Production orders are obtained to

compel persons not under investigation (third parties) to produce, at a specified

time and place and in a specified form, data or documents (or to prepare and

produce a document based on data or documents) relevant to the commission of

an alleged offence under any federal law. Production orders are issued in

circumstances similar to those under which a search warrant would be issued,

but production orders may be less invasive than a search warrant since law

enforcement officials would not be required to search the premises of the third

party. Also, such orders allow for the acquisition of information held outside

Canada where it is under the control of a custodian in Canada. Furthermore, by

specifying the time and place at which the material must be produced, as well as


the form of the documents, such orders may speed up the investigative process.

These orders are difficult to obtain in Canada in relation to new technologies. No

regulations exist to place specific obligations upon Internet service providers, as

well as other technology providers, to provide free and timely interception by law

enforcement. At present time, communication service providers can lawfully

charge a fee to law enforcement for requesting information and/or interception

and it rarely concludes in realtime monitoring availability. This limits the

effectiveness of an order of the court. Lawful Access is the piece of legislation

that requires updating to reflect the necessary changes. As discussed earlier,

current Lawful Access provisions date back to 1974 and have only been updated

once in 1980. If Lawful Access were updated as CACP is requesting, then it

would be in line with the remaining clause in the Convention, addressing traffic

data, anticipatory orders and so forth.

Legislation in other countries

Not surprisingly, legislation can differ from country to country. The CoE was

created to help establish, and standardize approaches to cyber crime across

European countries. But the convention does not encompass all nations of the

world, and not all members have ratified; therefore there are still great

discrepancies between jurisdictions. Countries such as Australia and the United

States have either similar laws to Canada’s, or provisions to establish them.

Countries that hold very different penal codes, as well as different levels of

sentencing towards penal infractions, do so in regards to cyber crime as well.

Examples of significant differences in sentencing and penal codes can be found

in Zambia, Singapore, China and Arab Countries where culture, religion and

political dictatorship apply to the virtual world as much as to the real world.

For example, in many countries governed by authoritarian regimes, censorship

and punishment for so called ‘cyber offences’ can be quite arbitrary. For

example, a study of eleven countries carried out by the Cairobased Arabic

Network for Human Rights Information (HRINFO), titled The Internet in the Arab


World: A New Space of Repression? finds many of the area's estimated 14

million Internet users facing shutdowns of Web sites, the closing of Internet cafes

and prosecution for a variety of crimes, real or imagined.

The HRINFO study finds the most active censorship in Syria, Egypt, Libya,

Tunisia, Yemen and Saudi Arabia. These countries use a variety of tools,

including criminal prosecution, to stop Internet use by any of a number of

political, social or religious groups. In most of these countries, Internet cafes

have been shut down, Web sites blocked and numerous users sentenced to

prison terms. (etopics 2005)

Internet censorships and closures in Arab countries could perhaps at first glance

be seen as an advantage by many western countries who are increasingly

tracking jihadists’ use of the internet for communicating with likeminded and

planning terrorists attacks. However, research has shown that censorship

applies only to what the governing power does not want his citizens to have

access to. Therefore, an antiAmerican government might not only allow anti

American content on the Internet; it might censor in some cases more moderate

points of view being transmitted throughout cyber space.

Despite still many irregularities across the globe in cyber crime legislation and

enforcement activity, strong and consistent international cooperation is still a

critical factor to sending a message to cyber criminals that they can be caught

and prosecuted. A recent example of the kind of cross jurisdictional international

cooperation that is required was with a very successful crossjurisdictional

Internet child pornography investigation that occurred partly in Australia in 2004.

The investigation, codenamed Operation Auxin, began in March 2004 and

culminated in September 2004 with the execution of approximately 400 search

warrants across all Australian capital cities and a number of regional and country

areas. Auxin was the Australian arm of Operation Falcon (a worldwide

investigation into the trafficking of online child sex images). There were

hundreds of arrests of child pornography subscribers, not only in Australia, but


also in the United States and Britain. The U.S. charged a Belarusbased child

pornography enterprise and a Florida credit card billing service in this global

Internet pornography and moneylaundering ruse involving thousands of paid

memberships to some dozens of pornography websites. If this type of large

transnational law enforcement operation reoccur on a steady basis, countries

who are not active cyber crime treaty participants, or do not have appropriate

legislation, may be more inclined to look at the issue seriously. Though for many

nations it is not just a question of a greater willingness to adopt appropriate

legislation and sign treaties but also their ability to develop sustainable

specialized skill sets in their law enforcement communities so that they are able

to participate in such cross jurisdictional operations. For many, at present,

attending to basic law enforcement objectives is challenging enough. The other

issue for law enforcement in Canada to consider is while more cross jurisdictional

investigations might scare off amateurs or first time offenders, they may only in

the end push hardcore and group criminals into utilizing even more advanced

technology to continue to conduct their illicit business. Therefore law

enforcement needs to learn from such crossjurisdictional investigations as

Operation Auxin and how the cyber criminal changes his/her exploitation of

technology based on policing activity. The ability to switch to using new emerging

technologies or changing modus operandi needs to be more effectively reflected

in new legislation than has been the case.

However, there are examples that show law enforcement is at least attempting to

respond to a rapidly changing threat environment. The U.S.’ AntiPhishing Act

shows that although law enforcement and legislation find it difficult to keep ahead

of technology, they can at least keep pace.

Leahy's AntiPhishing Act of 2005 targets both the email bait and the Web site switch by entering two new crimes into the U.S. Code. The bill prohibits the creation or procurement of an email that represents itself as being from a legitimate business but is, in fact, sent with the intent to commit a fraud or identity theft. The second part of the bill prohibits the creation or procurement of a Web site that appears to be legitimate but attempts to induce the victim to


divulge personal information with the intent to commit a crime of fraud or identity theft. (Mark 2005)

The U.S., U.K. and Australia’s antispam acts are other examples of legislation

keeping up with technology. Phishing and spamming are relatively recent cyber

issues.

As O’Brien points out, issues surrounding expertise, extradition powers and

special requirements of cyber crime investigations all make international

cooperation the more vital, but also the more challenging. Without this

cooperation, some countries will become known as safe havens for various types

of cyber criminals.


CHAPTER 7


Analysis of Law Enforcement Reactions

The leading agencies in Canada responsible for preventing and/or countering

cyber crime are the RCMP, the OPP, SQ and PSEPC. Cyber crime is not

necessarily a selfproclaimed priority, but research has shown that these

agencies have more resources to devote to crime, and for most, cyber crime is

part of their business plans. The SQ’s 20012004 business plan mentions that

the development of qualified resources in data processing, data protection and

telecommunication constitutes a lever, making it possible to improve their

capacity to fight effectively against the dataprocessing crimes, the telephone

frauds and the crimes committed in Internet. (SQ 2001)

Ontario Provincial Police (OPP)

The Electronic Crime Section (eCrime) of the OPP, which became operational in

2001, provides specialized investigative services to the OPP, Ontario municipal

police services and government ministries facing investigations in which

electronic equipment, and/or the Internet are identified as key elements of the

investigation. Two years after establishing the ecrime section, the OPP made a

commitment to increase capacity of electronic crime investigations as the

growth of the World Wide Web and technology as a whole has had a significant

impact on the number, and the diversity of requests for assistance received by

the ecrime Section. (OPP 2004)

In addition to the ecrime section, the Child pornography section, originally

formed in 1975, now also deals with Internet child pornography. Additionally, this

section is in charge of luring legislation offences for the province of Ontario. The

section provides advice, assistance and training to police and crown counsel

across Canada.

In their first year of operation, the ecrime section received 155 requests, and in

2002 321 requests for service. The increase was attributed to the fact that the


Child Pornography Section became a client and the section absorbed their

caseload at once, which included their backlog. In 2003, and 2004 (up to early

December), the e–Crime Section received 211 and 274 requests for service

respectively.

The OPP ecrime section appears to be dealing with an increasing workload.

This demonstrates either that cyber crime is increasing, or that other police

officers and services are recognising these ccrimes increasingly, and therefore

referring them to the ecrime section for investigation.

Sureté du Québec (Quebec Provincial Police)

The Division of Cyber Surveillance and Monitoring, operational since December

2001, is the SQ specialized unit that investigates and monitors cyber crime. The

Division analyzes and evaluates each crime to determine whether or not the

crime is related to the Internet, and carries out preliminary assessments of

criminal information databases, suspicious Internet activities, Internet infiltration,

child pornography, etc. The staff prepare and execute warrants and then forward

the file to the appropriate unit of the police force concerned. (Kowalski 2002)

The main crimes investigated by the SQ cyber crime unit in 2003 are drugs,

heinous content, hackers, threats, fake documents, fraud, murder, sexual

aggression, child porn and luring. (SQ 2001)

Between January 2002 and September 2002, the Division provided assistance in

309 incidents involving 185 morality incidents, 99 economic crime incidents and

99 incidents against the person. (Kowalski 2002) Unfortunately, the number of

successfully prosecuted cases is unknown at his time.

Royal Canadian Mounted Police

As experts in the forensic investigation of computers and networks, the members

of the RCMP's Technological Crime Unit provide support services to investigators

in the RCMP and other Canadian police services or government agencies.

Additionally, in the case of Internet investigations the RCMP provides services to


any accredited international police service or agency. RCMP support services

include collecting evidence through the search, seizure and forensic analysis of

computers and other microprocessorbased devices such as personal digital

assistants (PDAs) and providing expert testimony in criminal court proceedings.

At the request of PSEPC, members of the RCMP's Technological Crime Unit also

investigate cyber threats, or criminal activity using computer networks, that may

threaten one of Canada's critical infrastructures. This includes energy and

utilities, communications, financial services, food distribution and health care,

transportation and safety. (RCMP n.d.a)

The RCMP website (n.d.) also underlines the organization’s commitment to cyber

crime prevention in the community. The RCMPs’ website tells the public to

‘please report cyber crimes or technological crimes such as hacking, mischief to

data, network intrusions, denial of service attacks, computer viruses or trojans to

your local police service.’ Yet, research demonstrates that local police have

minimal resources, equipment or expert knowledge to deal with these types of

crime. Many survey responders said that they refer technological crime, such as

hacking, to the RCMP. This appears to be a contradiction, which most likely

contributes to the RCMP’s selfprofessed backlog of cyber crime cases. Through

an interview, a member of the RCMP stated that the cases are dealt with my

order of priority. If a request for assistance comes from the FBI to assist with an

international ring of cyber pedophiles, it will be treated before a municipal police

request for assistance regarding a local hacker. The technological group is not

proactive in seeking Internet criminals; they are only reactive to requests they

receive. This is in part due to the fact that the number of resources the

technological crime unit has is too low to start eradicating the backlog of

requests. It does not leave any resources to be proactive.


Public Safety and Emergency Preparedness Canada

As mentioned earlier, PSEPC is the leading agency in providing policy leadership

and program and service delivery in the areas of national security and

emergency management, policing, law enforcement and borders, corrections and

crime prevention. Although their definition of cyber crime has one part related to

traditional crimes committed in a new way, the focus of PSEPC activities in

relation to cyber crime is on part 2 of their definition. Through PSEPC the

Government of Canada is the first signatory to an agreement to participate in

Microsoft’s Security Cooperation Program (SCP), a global initiative launched by

Microsoft. The SCP is a worldwide program that provides a structured way for

governments and Microsoft to engage in cooperative security activities in the

areas of computer incident response, attack mitigation, and citizen outreach.

(Microsoft 2005)

Also, the Canadian Cyber Incident Response Centre (CCIRC), which serves as

Canada’s focal point for dealing with cyber threats to Canada’s critical

infrastructure since early 2005, is under PSEPC’s umbrella. The CCIRC

provides cyber security services such as incident response coordination and

support, monitoring and threat analysis, as well as technical advice and

awareness for critical infrastructure owners and operators. The CCIRC provides

this cyber protection leadership and expertise at the national and international

levels. (PSEPC 2005)

A number of other government and private sector agencies are involved with

cyber crime. The Society for the Policing of Cyberspace (POLCYB) is an

example of a Canadian organization whose priority is cyber crime. POLCYB was

incorporated as a notforprofit society in British Columbia in 1999. Their goal is

to enhance international partnerships among public and private professionals to

prevent and combat crimes in cyberspace. It seeks to establish a permanent

network for international criminal justice and corporate sectors to share

knowledge, information, and resources to prevent and combat cyberspace

http://www.ocipep.gc.ca/ccirc/index_e.asp


crimes. It also facilitates educational forums to enhance understanding of the

work undertaken by international criminal justice and corporate agencies in

preventing and combating Cyberspace crimes and to provide public education on

information security. (POLCYB 2002)

Internationally, there are numerous government and private sector agencies that

are involved in stopping cyber crime. In the U.S., the FBI’s third priority is to

‘protect the United States against cyberbased attacks and hightechnology

crimes.’ (FBI 2003b) The FBI plays two very important roles in cyberspace. First,

it is the lead law enforcement agency for investigating cyber attacks by foreign

adversaries and terrorists. The potential damage to the United States' national

security from a cyberbased attack includes devastating interruptions of critical

communications, transportation, and other services. Additionally, such attacks

could be used to access and steal protected information and plans. Second, the

FBI also works to prevent criminals, sexual predators, and others intent on

malicious destruction from using the Internet and online services to steal from,

defraud, and otherwise victimize citizens, businesses, and communities. (FBI

2003b)

In Australia, all major police forces have a unit that deals with cyber crime or a

form of it. Additionally, the Australian Federal Police (AFP) hosts the Australian

High Tech Crime Centre (AHTCC) with its own High Tech Crime Team (HTCT).

The ‘significant strength of the AFP is its national and international organization,

including a worldwide network of 31 liaison posts in 28 countries staffed by 45

AFP officers. In addition, the AFP hosts Interpol within Australia, the G8 24hour

hotline, and investigative teams in all Australian capitals. These capabilities in

countering high tech crime are some of the key reasons the AFP was chosen to

host the AHTCC.’ (AFTCC 2003) The AHTCC is comprised of members from all

State and Territory police services and they also partner with many public and

private stakeholders involved in educating the public.


Level of Priority in Canadian Police Services

In Canada, of the 26 police services who have responded to the survey, 39%

stated that cyber crime is a priority for their service although not all of them have

the resources to fulfill this priority. Some services do have enough resources to

have a unit that deals strictly with cyber crime, such as the SQ; others have to

farm these investigations out to existing sections (such as the OPP) or units

within their organization (such as fraud or economic crime sections). Other

services would like to deal with these crimes, but cannot afford to do so without

taking resources away from other areas. This point was highlighted by survey

responder 8 from an Ontario police service who made the following comment: ‘It

should be noted that I believe that this service would like to be able be more

involved in the investigation of cyber crimes however we do not have the

resources presently.’

Survey responder 7 from Alberta put the issue of prioritizing cyber crime this way

when he said that he believed ‘community demand has dictated the service will

(publicly at least) maintain cyber crime as a priority, however there are no

additional resources and these investigations simply compete for the same

limited time required for all other complaints, investigations and response to call.’

Responses were similar elsewhere amongst survey responders. For example,

survey responder 1 from Saskatchewan also stated that it is a priority but the

organization can’t realize that priority due to insufficient resources. These

statements show willingness to deal with cyber crime, but without the appropriate

resources to do so. Priorities have to be addressed first.

Within the Rothesay (New Brunswick) Police Service, the Major Crime and Street

Crimes Unit work on the more traditional crimes and with the assistance of the

member from the Computer Crimes Unit, they work on the computer within the

traditional crime. The member from Computer Crimes works solely on computer

crimes. The Lethbridge (Alberta) Police Service has officers who investigate

cyber crimes on an as needed basis from the Major Crimes and Economic


Crimes units. In addition, front line street patrol officers investigate the more

straightforward lowlevel crimes. However, even if a police service views cyber

crime as a corporate priority, training and technical resources for specialized

investigations can be expensive and time consuming for smaller police services.

For some police services, cyber crime is not a priority. Survey responder 9 from

an Ontario police service stated that if it were a priority, they would get the

resources from elsewhere and train the personnel. Survey responder 2 from

Saskatchewan stated that it is not a priority ‘in the sense that there is no

dedicated unit or integrated unit that focuses its entire mandate towards cyber

crime. Available human resources are the main challenge.’

Having a corporate mission to prioritize cyber crime is one thing, but clearly a

tangible sign of true prioritization in when resourcing is in line with corporate

intent. Resourcing of course relates to human and capital expenditure that is

directly used on cyber crime. The number of resources dedicated to counter

cyber crime varies by police service. Table 3 shows the number of police officers

per surveyed police service (P.S.) as well as the number of officers who work on

cyber crime within each of these services (on either part 1 or part 2 cyber crimes

as per the PSEPC definition of cyber crime). Municipal police services were

simply identified by their province to keep confidentiality agreement with

responders.


P.S. in Ontario

P.S. in New

Brunswick

P.S. in Ontario

P.S. in Alberta

P.S. in Prince Edw

ard Island

P.S. in Quebec

P.S. in Ontario

P.S. in Alberta

P.S. in New

Brunswick

P.S. in Alberta

P.S. in Quebec

P.S. in Ontario

P.S. in Manitoba

P.S. in Ontario

P.S. in Quebec

P.S. in Alberta

P.S. in Nova Scotia

P.S. in Saskatchewan

P.S. in Quebec

P.S. in Ontario

P.S. in Quebec

P.S. in British Colum

bia

P.S. in Nova Scotia

SQ

OPP

168 98 550

12

6

220 1119 52

33

131 4134 137 74 79 240 1200 54 350 125 119 130 211 4000 5222 5411

0.1 0.1 0.2 0.05 0 0 0 0.5 1.3 0

6

0 0.45 0 0 2

0.1 2.2

0 0 0 0 2

22 24

0 2 4 6 8

10 12 14 16 18 20 22 24 26 28 30 32 34 36 38 40 42 44 46 48 50

# of full time officers who work on cyber crimes # of officers in police service

Table 3

For most, the time dedicated to cyber crime does not come close to having one

full time member dealing with this type of crime. Survey responder 8 from

Ontario is the only one officer in his service that is able to investigate cyber

crime. But he spends a mere 10% of his time on this task since he is a full time

member of the Sexual Assault Child Abuse Unit and can only do it when he has

time. He is the only officer with the proper courses but does not have a mandate

to investigate these offences. The service has no resources dedicated to cyber

crime although they have a standalone computer, which is supposed to be used


for online investigations. But they do not have the time to work on online

investigations.

An OPP member stated that any one of their 5,000 front line members may end

up investigating a traditional cyber crime. ‘The 9 members of the eCrime

Section assist all other OPP and municipal police investigators specifically by

forensically extracting data from target computer media and analyzing this data

allowing frontline officers to continue their traditional cyber crime investigations.’

(OPP Pers. Comm. 2004) There are 15 members of the Child Pornography

Section that deal exclusively with online child pornography.

A review of police service literature (e.g.: business and strategic plans),

interviews and surveys show that there are significant differences from one

municipal police force to the other in regards to dealing with cyber crime.

Provincially, the two main provincial police services seem to be on equal footing

in regards to resources and priority level of cyber crime. The SQ and the OPP

both have a section dedicated to cyber crime and both have put this type of crime

in their priority statements. As seen in table 3, the SQ has the equivalent to 22

officers working full time on cyber crime, while the OPP has 24.

Who should counter cyber crime in Canada?

Research and survey results suggest that there may well not be enough

resources within law enforcement agencies to contain cyber crime in Canada.

This then begs the question, are the underfunded, and in many cases under

skilled, police services the most appropriate authorities to deal with cyber crime?

The majority of surveyed police services believe that all police services

(municipal, provincial and federal) should be involved in the investigation of cyber

crime. There were a couple representatives of services that believed it should

fall within the RCMP’s mandate and some others who think that on top of all

levels of policing, other government departments should be involved, such as the


Department of National Defense (DND) and the CRA. A few services believe

that only police services with over a certain number of officers should have to

investigate this type of crime. The issue does not seem to be the who, but the

how. Without adequate trained resources, it is difficult for police services to

disrupt this type of crime.

Survey responder 3 from New Brunswick brings forth the idea of having mixed

units. He states:

I believe that Cyber crimes should be fought by all members of all agencies, I believe that mixed units should be formed regionally in order to help counter these crimes, not only would you gather experience and different points of view, but you also put together budgets and equipment. Instead of having three police forces with three mainframes, you use one mainframe for all three and spend the remaining money on other software or hardware needed.

As outlined in the Training section, this is presently being done for other types of

crimes in Canada, like Proceeds of Crime/Money Laundering. Members from the

RCMP, the CBSA, regional police forces, and others all form part of one team,

and investigate a specific type of crime, like money laundering. This

arrangement could certainly be established for cyber crime as well. As a step

further, Canada should consider looking at the AHTCC in Australia as a model

for a permanent national mixed unit. The AHTCC have brought together people,

skills and technology from a range of jurisdictions.

Is Canadian Law Enforcement Well Equipped to Fight Cyber Crime?

When asked if Canadian law enforcement is well equipped (with resources,

training, tools, legislation, etc) to counter cyber crime, most survey responders

did not think it is. (see table 4)


Is Canadian Law Enforcement Well Equipped to Fight Cyber Crime?

73%

15%

12%

No Yes Yes for certain crimes

Table 4

The following are reactions from a range of police service survey responders to

the question. For example, survey responder 10 from a New Brunswick police

service believes that ‘there is a lack of emphasis on this crime. As for what could

be done, there is a need for better training.’ Survey responder 3 from New

Brunswick believes that ‘as any other crimes, we are behind and will always be.

Criminals and/or terrorist have unlimited funding and time, opposed to law

enforcement where we run out of budget. Leaders want results and want them

as quick as possible, therefore that has a big impact on countering these crimes.’

Survey responder 5 from the O.P.P has a twofold opinion in regards to this

question.

Canadian law enforcement is excellent at this task at this time. This is a relatively new area of expertise and therefore limited budgets and human resources have been allocated to cybercrime issues without realization that most crime has a link to forensic computer evidence. Unfortunately this type of work is often done in the background like other forensic work and therefore does not receive due attention. Education of senior management and money managers would be helpful so cybercrime matters are elevated and Canadian law enforcement can be resourced


properly. This is always difficult as there are competing interests for limited tax dollars.

Addressing Cyber Crime

On the survey question relating to whether cyber crime needs to be addressed

today, only one surveyed police service did not believe that cyber crime is an

issue that needs to be addressed.

The majority of responders made comments that indicated that this was a

contemporary law enforcement problem that needed a response today. For

example, survey responder 6 from Alberta suggested that cyber crime is an

emerging and evolving crime trend that continues to get more and more

sophisticated. Statements like these show that police services are aware of this

type of crime, even though most of them do not address them. An interviewed

federal government employee working on the egovernment initiative expressed

a similar point of view; she indicated that it was a problem that needed managing

today. She said:

This is a definite priority that is recognized by other governments internationally, and resonates strongly with all communities across Canada. In addition, while I recognize that efforts made today will be costly, I fear that procrastination will increase the sophistication of cyber criminals and hence difficulty of any task to control/expose their activities in the future, as well heighten the risk that more individuals will be harmed and organizations will lose money.

Her comments encapsulate what is at stake if law enforcement procrastinates or

if there is insufficient funding to counter cyber crime. The reality is that money

spent today to train and educate law enforcement specialists would be money

saved in the long run. While more training and money doesn’t necessarily directly

translate into more arrests, the greater investment in this area of law

enforcement is bound to have an enhanced impact on the activities of cyber

criminals than is the case currently.


Research has shown that cyber crime priorities are set by each police service

individually. This has the potential for further disparities on a national definition of

cyber crime. Additionally, if some police services choose to disregard cyber

crimes as a whole, then this type of crime will keep increasing without any

obstructions. Perhaps the priority setting for cyber crime issues could be set by

the Canadian Association of Chiefs of Police (CACP) until relevant government

agencies provide further guidance and policies on the issue. This was the view

of survey responder 10 from New Brunswick who believes that cyber crime is an

issue that should be addressed by CACP. By CACP addressing the issue of

cyber crime, they could evaluate the situation and decide if it should be made a

priority for their membership and if so, put required pressure on government for

what they decide is required for law enforcement. CACP is dedicated to the

support and promotion of efficient law enforcement and to the protection and

security of the people of Canada. CACP established an ecrime committee in

2002 with the mandate to establish a leadership role in the development of an

administrative policy and standards for technologybased investigations. The

mandate includes the promotion of interagency cooperation in the detection and

investigation of internetbased crime and the establishment of training standards.

They are also involved in the identification of effective cooperation strategies to

combat ecrime at local, provincial, national and international levels, and to

facilitate public education on information security. (CACP 2003) Based on their

mandate, it is a reasonable conclusion that they should not only be putting

pressure on the Canadian government for additional funding to disrupt cyber

crime, but also pushing agencies for a greater prioritization of cyber crime issues.

With the support of it’s membership, through its member police chiefs and other

senior police executives the CACP represents in excess of 90% of the police

community in Canada, the CACP should be more influential than individual police

services. However, their website shows no activity beyond 2002 for the ecrime

committee; this could simply mean that their website lacks updating about

committees, or that the committee has yet to make recommendations in regards

to cyber crime. One can speculate that because government is not putting


pressure on cyber crime issues, the CACP is not focusing on it either. This could

become a vicious circle and end up with no one looking at the issue closely

enough.

This research has demonstrated that Canadian law enforcement agencies

require funding, training and government support in order to embark with a

unified front, on disrupting cyber crime in Canada. The consequences of the

Canadian government not acting to counter cyber crime could be severe. A

number of survey responders believe that Canada could become a haven for

electronic crime and that this type of criminality would be beyond our control if we

do not act seriously. Survey responder 2 from Saskatchewan said: ‘Canada

may become an electronic safe haven for those who engage in such criminal

activity if they were to suspect that our efforts to investigate and deal with the

issues offer a significant amount of impunity compared to other jurisdictions.’

The following are additional reactions, from municipal police services, on what

the consequences might be if the Canadian Government failed to act to counter

cyber crime.

The consequences would be severe. If we fall behind, it is always harder and is much more difficult to catch up. In major investigations seizing a computer is becoming very commonplace. Plus the number of offences that are committed using a computer has increased faster than any other field. When you look at this on a local level it is huge; however on a national or international level it is enormous. With the threat of organized crime and terrorist groups out there we have to get a handle on Cyber Crime as soon as we can. We need laws with teeth, and funding for all Police Services to counter this on every level. (Guelph Police Pers. Comm. 2005)

Survey responder 10 from New Brunswick judges that ‘if it is not addressed

adequately, police will be unable to keep up with the demand generated from

such crimes. [Also], this crime will increase in the future and police officers will

not be able to keep up with the demand due in part to the lack of training.’


Survey responder 11 from an Ontario police service believes that cyber crime will

only increase to a magnitude that will be beyond our control and comprehension

if it is not addressed. Survey responder 7 from Alberta asserts that cyber crime

has far reaching implications ranging from jurisdictional issues for both police and

the courts, to exploitation of vulnerable members of society, to national security,

to economic consequences for consumers.

Finally, survey responder 5 from the O.P.P sums up well what the stakes are for

law enforcement and society if law enforcement fails to successfully counter

cyber crime:

A core mandate of any police service is to protect public safety, property and infrastructure. Failure to do so would have severe consequences. Failing to investigate these crimes leaves perpetrators free to continue committing the crimes against persons and/or property. Failure to continue investigations that have been started due to lack of resources and competing interests for cybercrime investigators time, results in charges being dismissed and accused free to continue committing crimes against persons and/or property. Failure to investigate internetbased crime in general would also result in severe consequences, as it would jeopardize public confidence in the Internet, impacting the Internet economy, and a public loss in government Internet solutions for service delivery.


Conclusion

This research identified many areas where there are currently deficiencies in

Canada’s law enforcement response to cyber crime. Although the small number

of survey responses (overall, a 29% response rate was experienced, but the

response rate for the targeted electronically was 38%), and limited number of

interviews, it is believed that the goal of the research was reached. The goal of

the research was to assess Canadian law enforcement responses to cyber

crime. The objectives of the research were to discover the following:

What the current state of response to cyber crime is in Canada;

The available resources related to cyber crime for Canadian law enforcement

(in the form of human resources, training, legislation);

The level of priority cyber crime has for law enforcement organizations in

Canada;

Establish recommendations for further study and possible improvements to

the state of the response to cyber crime in Canada.

The issues identified all through the research, and summarized below are issues

that will undoubtedly come back to surface should a research of a broader scope

be undertaken. The survey responses and interview collected in this research

provide an impression of some general views about what’s right and wrong about

Canadian law enforcement responses to cyber crime, from law enforcement

officers themselves. Recommendations related to each issue are summarized

and further described in order to offer starting points to future research. It is

hoped that this research will prompt government officials in doing a more

comprehensive cross agency analysis of capabilities regarding cyber crime. A

followup study on the one done in 2002, the Feasibility of collecting statistics on

cyber crime in Canada, would be the perfect opportunity to look at the other

aspects of cyber crime in Canada. The research of 2002 prompted the update of

the UCR survey by adding the cyber crime element in January 2005 for police


services to collect appropriate statistics. A followup study could potentially yield

similar positive results; this time with a sample of official government statistics.

Summary of Recommendations

A followup study to the 2005 Feasibility of collecting statistics on cyber crime

in Canada, would be the perfect opportunity to look at the other aspects of

cyber crime in Canada.

A national definition of cyber crime and agreement on terminology would

assist Canada greatly in unifying all efforts involved in reducing or preventing

this criminal trend. It would be a logical next step to take the definition used

in the UCR survey, and make it the definition of cyber crime for Canada.

Additional allocation of funding for those deemed responsible for the

investigation of cyber crime is necessary in order to increase the level of

knowledge and expertise; whether it be decided to have this responsibility in

all police services on centralized in the provincial or federal governments.

The Canadian public requires more outlets and a greater awareness of cyber

crime reporting mechanisms, and cyber crime in general.

All levels and areas of government, as well as the public requires

A good place to address all issues and validate the suggested recommendations

could be for the government to commission a parliamentary report on Canada’s

response to cyber crime; a report much like this one but with greater detail and

scope to deliver official recommendations for possible government policy

changes.


The issues identified can broadly be grouped into two clusters. First there are the

issues of a lack of consensus on what constitutes cyber crime and data collected

about its various forms. Second, there is still a general lack of law enforcement

capability (coordination, intelligence, investigation, priority setting and training) in

dealing with cyber crime in Canada.

In the first category, the research highlighted the need for a uniform definition of

cyber crime, and terminology identifying it in the Canadian law enforcement

community. While a global definition would be ideal, as it would assist much

needed multijurisdictional cooperation, Canada should try to resolve agency

differences now, that relate to what constitutes cyber crime. A national definition

and agreement on terminology would assist Canada greatly in unifying all efforts

involved in reducing or preventing this criminal trend. It would be a logical next

step to take the definition used in the UCR survey, and make it the definition of

cyber crime for Canada. Police Services are now reporting statistics based on

this definition, therefore it would only make sense that it be the definition and

terminology used by all. Law enforcement history is replete with examples of

agencies not defining aspects of criminality in uniform ways, which hamper

further our collective understanding of the nature of illicit markets.

Once the decision is made on the definition and appropriate cyber crime lexicon,

everyone (the public, policy makers, lawyers, police and corporate world) has to

be made aware of it along with the consequences of committing such crimes and

the resources for victims to file their complaints and be heard.

Canada, like other modern western economies, has played a key role in both the

development of information technology and in the efforts to deal with new

challenges that arise from its use. Solutions to the new challenges posed by

information technology are inherently horizontal in nature and require an

inclusive approach to policy development, involving a wide variety of

stakeholders both in the public and private sectors. (RCMP n.d.a) Various


government departments and agencies within Canada deal with cyber crime. In

addition to police, federal government departments working on national security

and criminal justice, the private sector, foreign policy and critical infrastructure all

have to get more seriously involved in the ongoing efforts to develop solutions to

this increasingly prevalent crime. The United States believe that taken in total,

illegal cyber activities may soon become one of the principal longterm threats to

the homeland. The FBI Director named cyber crime the nation's number one

criminal problem. (Bureau of Justice Statistics 2001) Short of pulling the plug on

computers, as Grabosky (2000) suggests, to better manage cyber crime, nations

need to equip themselves with proper legislation, law enforcement and private

and public awareness in order for this criminal problem to diminish.

This assessment of Canadian law enforcement responses to cyber crime has

shown a positive interest from police services in getting involved in this struggle;

but a lack of means to do so. Despite a common recognition by most police

services surveyed that they are committed to getting involved in the struggle

against cyber crime, there is one final fundamental issue raised by most; that is

the lack of knowledge/expertise. There are a number of areas where law

enforcement, and more broadly the Canadian Criminal Justice System, could do

more to counter this crime. One of the most important issues that came out of

the research was the relative lack of national information on many aspects of

cyber crime and/or an insufficient sharing and coordination of information. A first

step in countering cyber crime is to map the criminal environment, a near

impossible task without reliable intelligence and data. Governments and the

police community rely on this information to help them enforce policies and

procedures as well as allocating resources to investigate and prevent the

incidence of cyber crime activity in Canada. As seen earlier, the national

collection of cyber crime statistics has only been recently (January 2005) initiated

with the adage of cyber crime as a crime element to the UCR survey. Eventually,

with statistics in hand, a more precise evaluation of cyber crime trends will be

possible.


Another issue realized through this research is linked to the previous one; the

reporting of cyber crime incidents by the public, to the police. Canadians not only

require more outlets and a greater awareness of reporting mechanisms, but there

is also a lot more that can be done in educating the public about what actually

constitutes a cyber crime. On the point of public education, there is a lot of

preventive information on police websites, but scarce information telling people

what to do if something wrong happens while online. Everybody knows that

getting something stolen is a crime that requires police involvement. Not

everyone knows that if you are victim of a phishing scheme and lose money, that

it is a crime. And the ones that do know that this type of fraud is a crime, might

not know where to report it, or end up at a police service who does not deal with

complaints of cyber related crimes.

Secondly, this research identified overall that Canadian law enforcement

capabilities were low in some areas, particularly in resourcing, training and

priority setting. There is general recognition that law enforcement should be

doing more. For example, the RCMP (RCMP 2001) believe that law enforcement

must be committed to developing strategic solutions and the necessary

resources required to handle increasing demands to prevent, detect and respond

to criminal activity on the Internet. However, governments must be committed in

doing this as well. A good place to start may well be for the government to

commission a parliamentary report on Canada’s response to cyber crime; a

report much like this one but with greater detail and scope to deliver

recommendations for possible government policy changes. Despite a common

recognition by most police services surveyed that they are committed to getting

involved in the struggle against cyber crime, there is one final fundamental issue

raised by most; that is the lack of knowledge/expertise. There are several

reasons for which most police services do not have cyber crime experts, the

most prevalent of which is the lack of resources. The police are mandated to

protect communities and to respond to public complaints, whether these


complaints involve people driving erratically on the highway, or involve groups

hacking the information highway. Canadian police services must be more

‘enculturated’ by government authorities that this is a priority for Canada. There

needs to be in some agencies, mindset shift about investigating cyber crime as

opposed to other more ‘traditional’ forms of crime. But cultural change also

requires commitment regarding resources and funding to hire and/or train experts

to respond to these types of crimes. Additionally, the benefits would be

enormous if police services had the ability to be proactive instead of strictly

reactive to cyber crime complaints. If government does not want to put the

mandate in municipal police service’s hands, then an appropriate agency to refer

cases to is required. Alternatively, if the mandate is to fall within the provincial

and federal police services, they need additional resources if they have to take

on the national responsibility of cyber crimes. Perhaps the answer is to create

one central organization such as the AHTCC in Australia, (whether within the

RCMP or PSEPC by altering the mandate of the Canadian Cyber Incident

Response Centre, or on its own) to deal with all cyber crime cases. This

organization could be staffed with police officers, civilians, public servants from

other departments such as CRA, CBSA and other relevant stakeholders under

one roof. There could be a triage mechanism for all incoming requests for

assistance, then a distribution by milieu of expertise to inhouse staff and/or

international liaisons/partnerships, and so on.

There are unquestionably many different options that can be brought forth and

evaluated. What is important is that Canada have qualified people to investigate

cyber crime, whether in a hundred different police services, or under one

organization.

As pointed out earlier, this research has demonstrated that Canadian law

enforcement agencies require funding, training and government support in order

to embark on a unified assail against cyber crime. It is believed that the

consequences of the Canadian government not acting to counter cyber crime

http://www.ocipep.gc.ca/ccirc/index_e.asp


could be severe, as detailed earlier in a sample of comments from survey

responders. While it would appear that Canada is not facing a worstcase

scenario of being a ‘haven for cyber criminals’, this research provides at least

some support to the view that law enforcement still does not have a full

understanding of the nature of the threats or how to control them. Whatever the

risks of not fully being engaged in countering this activity, the multiple

consequences of ‘not knowing’ your threat environment as it is today are

worrying enough, let alone what awaits us over the horizon.

Relevant literature in 1978 foreshadowed that law enforcement needed to better

prevent cyber criminals’ use of technology to commit crimes (Bequai, 1978). It

seems that twentyseven years later we have identified some similar conclusions

reached by Bequai about the cyber activities of terrorists, fraudsters, sexual

predators and other criminals who commit crimes. However, the assessment of

Canadian Law enforcement’s response to their activities suggests that while our

understanding of these crimes may be better, our capabilities to detect, prevent,

or reduce them are still ominously insufficient.


APPENDIX A – CONSENT FORM

CONSENT FORM MANAGING CYBER CRIME: AN ASSESSMENT OF CANADIAN LAW

ENFORCEMENT RESPONSES

Research Project: Managing Cyber crime: an Assessment of Canadian Law Enforcement Responses

Researcher: Cathy F. Maltais 309, A.Primeau, Gatineau, QC, J8R 1C2 (819) 6439962 [email protected]

I, ______________________________ [print name] consent to participate in the research project titled “Managing Cyber Crime: an assessment of Canadian law enforcement responses.”

I understand that I am free to withdraw my participation in the research at any time and that if I do I will not be subjected to any penalty or discriminatory treatment.

The purpose of the research has been explained to me, and I have been given the opportunity to ask questions about the research and received satisfactory answers.

I permit the investigator to tape record my interview as part of this project.

I understand that any information or personal details gathered in the course of this research about me are confidential and that neither my name nor any other identifying information will be used or published without my written permission.

PolicingEHRC, Charles Sturt University, has approved this study. I understand that if I have any complaints or concerns about this research I can contact:

Presiding Officer PolicingEHRC Charles Sturt University Locked Bag 2005, Goulburn, NSW, 2580 Fax. 02 48 232 786

Any issues you raise will be treated in confidence and investigated fully and you will be informed of the outcome.

Signed by ____________________________________

Date ____________________________________

APPENDIX B – SURVEY

Many people and organizations have different definitions or views of what Cyber Crime is. In order to answer the questions on this survey, we are using the definition provided by Public Safety and Emergency Preparedness Canada (PSEPC), which is split into two parts (labeled as PART 1 and PART 2). It is important that you answer the questions to reflect either parts of or the whole definition as not every organization identifies with the full definition.

PSEP defines cyber crime (also referred to as computer crime, electronic crime or high tech crime) as follows:

QUESTIONS PART 1 of

definition

PART 2 of

definition

Definition as a whole

Q1 Do you agree with the above definition? If you only agree with Part 1 or Part 2, please indicate in the appropriate box; if you agree with the whole definition, please indicate in the last box.

COMMENTS:

Q2 How many officers work for your Service?

Computer systems offer some new and highly sophisticated opportunities for criminal activities and they create the potential to commit traditional types of crimes in nontraditional ways. There is an ongoing debate amongst experts on what exactly constitutes a computer or "cyber" crime; however, experts generally agree that hightech crime falls into two broad categories:

• The first category of hightech crimes is "traditional crimes" that are now being committed with the use or aid of a computer. This includes computerassisted crimes such as money laundering, the distribution of child pornography, the sale of illegal drugs, Internet fraud, illegal gambling, and hate propaganda. In addition, new technologies can also be used to shield, store or communicate criminal/terrorist activities. (PART 1)

The advent of computer technology within our society has also created a host of new types of offences and abuses.

• The second category of hightech crime includes crimes directed against a computer or a computer network itself, or "pure" hightech crime. Pure hightech crime includes such offences as unauthorized use of computer systems (e.g. hacking) and mischief in relation to data (e.g. denial of service attacks and virus transmission). (PART 2)

Taken together, hightech crime includes the broad spectrum of criminal activity including pure computer crimes targeted to computer systems or their contents and computer assisted crimes.


ANSWER

QUESTIONS PART 1 of

definition

PART 2 of

definition


Q3 How many officers work on preventing cyber/electronic crime? If some work on preventing Part 1 of the definition and others on Part 2, please put numbers in appropriate box. If your number is for the definition as a whole, put number in the last box. If none, please explain why in the box below. (i.e.: Not enough resources, not a priority, no trained personnel, etc.)

COMMENTS:

Q4 What percentage of the above officers' time is dedicated to this task of preventing cyber crime?

COMMENTS:

Q5 How many officers work on countering and investigating cyber/electronic crime? If some work on countering Part 1 of the definition and others on Part 2, please put numbers in appropriate box. If your number is for the definition as a whole, put number in the last box. If none, please explain why in the box below. (i.e.: Not enough resources, not a priority, no trained personnel, etc.)

COMMENTS:

Q6 What percentage of the above officers' time is dedicated to this task of countering cyber crime?

COMMENTS:

Q7 Is cyber/electronic crime a priority for your Service? If only one of the parts of the definition is a priority, please mark appropriate box. If it is a priority with the definition as a whole, then mark last box. If no, please explain why in the box below. (i.e.: Not enough resources, no trained personnel, not an issue in your area, etc.)

COMMENTS:


QUESTIONS PART 1 of

definition

PART 2 of

definition


Q8 Are there any courses related to cyber/electronic crime as part of your Service's training program for new recruits ? If there are some related to Part 1, but not Part 2, and vice versa, please mark in appropriate box. If yes, please list them in the box below.

COMMENTS:

Q9 Are courses/training available to your current officers on cyber/electronic crime, such as courses offered by the Canadian Police College ? If there are some related to Part 1, but not Part 2, and vice versa, please mark in appropriate box. If yes, please list them in the box below and indicate if they are mandatory or offered on a voluntary basis.

COMMENTS:

Q10 Do you hire civilians to work on cyber/electronic crime? If yes to work on Part 1, but not Part 2, and vice versa, please mark in appropriate box. If yes, please indicate in the box below your hiring criteria and how many you employ.

COMMENTS:

Q11 Are your recruitment pre requisites (medical, physical, etc) the same for people interested in working with technology/cyber crime as those interested in countering “street” crime? If yes to work on Part 1, but not Part 2, and vice versa, please mark in appropriate box.

COMMENTS:

Q12 Who do you think should counter cyber/electronic crime in Canada ?

COMMENTS:

Q13 Do you believe Canadian law enforcement is well equipped to counter cyber/electronic crime? If yes to counter Part 1, but not Part 2, and vice versa, please mark in appropriate box. If no, what do you think is lacking? What do you think could be done?


COMMENTS:

QUESTIONS PART 1 of

definition

PART 2 of

definition


Q14 Do you believe that cyber/electronic crime is an issue that needs to be addressed by law enforcement? If yes to Part 1, but not Part 2, and vice versa, please mark in appropriate box. If no, please identify in the box below who you think should address it.

COMMENTS:

Q15 Do you believe that cyber/electronic crime should be addressed today? If yes to Part 1, but not Part 2, and vice versa, please mark in appropriate box.

COMMENTS: Q16 What do you think might be the consequences if the Canadian Government failed to act

to counter cyber crime? In addition, please rate the consequences severe to low and state your reasons.

ANSWER:

YES NO Q17 Can we contact you if we have further questions? Q18 Can we use your name in the report if required for referencing? Q19 Can we use your Service’s name in the report if required for referencing? Q20 Would you like to receive a copy of the research report once it is completed?

Police Service: Name: Position/rank/: Email/phone number:

COMMENTS:

APPENDIX C – POLICE SERVICE SURVEY RESPONDERS BY PROVINCE

Canada’s population 31 946 300 (Statistics Canada 2004c)

§ The RCMP polices all of Yukon, Northwest Territories and Nunavut. § The RCMP also polices communities that do not have their own police service in

BC, AB, SK, MB, NB, NS and PEI. § In Ontario and Quebec, the Provincial Police Services (OPP and SQ) police the

majority of communities where there is no municipal police service. § In Newfoundland, the Newfoundland Constabulary polices most communities.

7 542 800

12 392 700

517 000

937 000

137 900

751 400

1 170 300 995 400

3 201 900

4 196 400

42 800

31 200

= Participant Municipal Police Service

= Participant Provincial Police Service


APPENDIX D COURSES AT THE CPC

Canadian Internet Child Exploitation Course – 10 days

This course is designed to prepare investigators in their investigations and

prosecutions of online offences related to the sexual exploitation of children.

This course covers topics such as how to:

Identify the offence;

Form an opinion on whether they believe the images viewed are child

porn;

Take a computer apart;

Write a child exploitation related search warrant;

Use both online tools and more traditional techniques to gather evidence;

Execute a search warrant;

Prepare a press release;

Prepare a release and conditions;

Testify in court;

Update appropriate databases;

Describe future challenges;

Interview possible pedophiles;

Describe the psychological impact this job has on them. (CPC, n.d.)

To be eligible to attend this course, the potential student must be currently

working fulltime, investigating child exploitation crimes or be sanctioned to

investigate child exploitation crimes and have completed the INTSTB course,

or its equivalent.

Computer Forensic Examiner (CMPFOR) – 15 days

This course is for law enforcement officers who may be required to seize and

analyze potential digital evidence found on computer hardware. During this

course, the specialized forensic foundations and practical skills required to

recognize, recover, examine and document findings when dealing with

personal computer systems are covered.

This course covers topics such as:


Computer hardware;

Hard disk topology;

Law and evidence;

Forensic seizure of computer data;

Modern computer file systems;

Windows forensic software. (CPC n.d.e)

To be eligible to attend this course, the potential student must obtain 75% on

a preadmission exam.

Cybercrimes Investigative Techniques (CYBER) – 10 days

This course is designed to give students adequate skills to identify potential

avenues of investigation when dealing with cyber crimes.


Internet security issues and fraud concerns;

Internet security problems and safeguards;

World Wide Web and search engine technology;

PGP (Pretty Good Privacy) encryption;

Considerations in developing an effective research plan;

Introduction of TCP/IP;

Electronic Mail;

Usenet (how to break down Usenet postings);

IRC (Netmeeting, ICQ, Hotline);

Telnet;

Undercover investigations (CPC n.d.f).

To be eligible to attend this course, the student must be an experienced

investigator with a requirement to do online investigations. Course applicants

must also have successfully completed the CMPFOR course or demonstrate

his/her proficiency using DOS commands. These requirements limit the

potential intake of students because potential students whom do not have the

DOS skills might still be interested in doing online investigations. The course

prerequisites do not mirror the contents of the course. The CMPFOR course

focuses on computer forensics whereas this one focuses on the Internet.


One can investigate online crime without doing the forensics of the computers

used in the commission of the crimes. It’s like saying that a homicide

detective needs to be able to perform an autopsy in order to learn how to

investigate a homicide.

Internet Searching Techniques Basic (INTSTB) 1620 hours self directed learning

This course serves as an introduction to the Web as a police intelligence tool.

It takes students through many of the advanced features of both the better

and lesser known search tools as well as resources of specific interest to the

law enforcement community.


Most popular search engines;

Meta search sites, mega search site and advanced search queries;

Newsgroups and web forums research;

Web sites authoring. (CPC n.d.b)

There are no prerequisites to attend this course.

Internet Searching Techniques Intermediate (INTSTI) 2535 hours, self directed learning

Following through on the skills gained during the basic Internet Searching

Techniques course (INTSTB), this course introduces students to the principals

of Open Sources Research and the Intelligence Analysis process.


The use of the Internet as an investigative tool;

Search engine mechanics;

Advanced browser functionality;

Specialized databases and search tools. (CPC n.d.c)

To be eligible to attend this course, the student must be familiar with basic

search engine use as outlined in the basic course (INTSTB). It is highly

recommended that students complete the basic course before taking this

course.


Internet Searching Techniques Advanced (INTSTA) 3040 hours, self directed learning

This course illustrates how an investigator may be exposed online and the

techniques and tools that can be employed to effectively overcome this

problem.


Introduction to Internet Architecture and Network Analysis Tools;

Introduction to online privacy and anonymity;

Advanced anonymity tools;

Maintaining online security. (CPC n.d.a)

To be eligible to attend this course, the student must have completed the

INTSTI course and be able to install software applications such as

VisualRoute, MultiProxy and ZoneAlarm.

Network Principles and Investigative Techniques (NPITC) – 10 days This course provides investigators with the technical level of knowledge and

skills necessary to complete common searches, seizures and investigations

involving a network.

To be eligible to attend this course, the student must be established as a high

tech crime investigator, and have successfully completed the CMPFOR

course, or have the equivalent knowledge.

Network Intrusion and Incident Investigation (NETINT) – 10 days

This course is designed to arm high tech crime investigators with the basic

knowledge and skills necessary to evaluate a network intrusion complaint,

determine the need to investigate the incident, and complete a successful

investigation of the incident when warranted.


InterNetworking concepts;

The fundamentals of TCP/IP;

Network security;

How networkbased exploits operate;


How a Network Incident is handled and investigated;

Introduction to intrusion detection;

Network traffic and logbased analysis. (CPC n.d.g)

To be eligible to attend this course, the student must be a Technological

Crime Investigator assigned to investigate network intrusion cases, have

successfully completed the CMPFOR, the NPITC and the Linux course. It is

also highly recommended that students complete the INTSTB course before

taking this course.

Using the Internet as an Intelligence tool (INTINT) – 5 days

This course was developed to assist investigative personnel in becoming

more proficient in Internet based online research activities and as an

introduction to Internet and computer related investigations.


Using the Internet as an Effective Police Research Tool;

Search Engine Fundamentals handson and indexing patterns;

Introduction to USENET newsgroups, Web Forums and Blogs;

Newsgroup search fundamentals (handson);

Searching Exercise (handson);

Web Browser advance features overview (book marking, monitoring and

finding);

Overview Open Source Intelligence and the Intelligence Analysis

Process;

Introduction to Web site mapping tools (handson);

Introduction to Internet architecture;

Introduction to Trace Route and associated tools;

Desktop firewalls (handson);

Introduction to Internet Relay Chat;

Web site design basics;

Introduction to Advanced Research Tools.

Students that have completed the online Internet searching basic,

intermediate and advanced Course should not attend this course. (CPC n.d.d)


This course is targeted at those with limited Internet experience and is open to

various people, from administrative to enforcement.

Linux Forensic Techniques (LINUX) – 10 Days – online technological course

This course is designed specifically for experienced technological crime

investigators who possess a basic knowledge of the Linux operating system

and who may be required to seize and/or analyse computer hardware running

Linux. This course takes an indepth look at some aspects of the Linux

operating system and the Second Extended File System. The course

addresses the forensic analysis of a Linux based system as well using a Linux

based system as an investigative / analysis tool.


Linux basics review;

Second Extended File System structure;

Proper seizing procedure;

Imaging;

Searching;

Data recovery;

Linux tools and utilities;

Linux forensics using Windows tools. (CPC n.d.h)

To be eligible to attend this course, the student must have passed the

CMPFOR, completed an online general Linux course and have successfully

passed the preadmission exam. In addition, the student must be an

investigator with a mandate to perform forensic analysis of personal

computers.

The CPC also offers a Macintosh course titled “Macintosh Electronic Search

and Seizure”.

The CPC is also planning to introduce courses in ‘Advanced Cyber Crimes’.


APPENDIX E – ATLANTIC POLICE ACADEMY CYBER CRIME COURSE

Internet crime course 5 Days

This course is designed for Police Officers involved in investigative duties,

which may be called upon to investigate Internet related offences. He/she is

expected to have a working knowledge of Internet search engines and email

prior to the start of the course.


Introduction to PC Hardware;

Networks;

Internet (Introduction, history, configuration, bandwidth, IP addresses,

PING, TRACEROUTE, SCANNING, Ports);

Security (Passwords, encryption, virii, trojans, and firewalls);

Hacking;

ISP’S;

Warrants and Charges;

Tech Crime Units;

Advanced Internet (Spam, Spoof, IRC, Chat, ICQ, FTP, WWW);

Email;

Child Pornography. (Atlantic Police Academy 2005)


REFERENCE LIST

Agence FrancePresse (AFP) 2005, Plus de 500 internautes pédophiles arrêtes dans 12

pays, 16 March 2005, Madrid, Spain, viewed 16 March 2005, < http://www.cyberpresse.ca/outil/imprimer.php?id=T1RVNU1qa3k=>.

Atlantic Police Academy 2005, homepage, Canada, viewed 15 February 2005, <http://www.hollandc.pe.ca/APAInService/InServiceCalendarWide.htm>.

Attorney General 2004, McGuinty Government and Police Join Forces to go After Internet Predators and Child Pornographers, last updated 13 October 2004 Ontario, Canada, viewed 28 March 2005, < http://www.attorneygeneral.jus.gov.on.ca/english/news/2004/20041013 internetnr.asp>.

Australian High Tech Crime Centre (AHTCC) 2003, homepage, Australia, viewed 31

January 2005, <http://www.ahtcc.gov.au/police_act.htm>.

Baer, N n.d., eProsecutions at the crossroads of computers and crime, Department of

Justice Canada, Ottawa, Canada, last updated 26 September 2003, viewed 18 February 2005, < http://canada.justice.gc.ca/en/dept/pub/jc/vol3/no1/page4.html>.

BBC News 2001, Life of Crime Part 5, United Kingdom, viewed 14 February 2005, < http://news.bbc.co.uk/hi/english/static/in_depth/uk/2001/life_of_crime/cybercri minals.stm>.

Bequai, A 1978, Computer Crime, Lexington Books, Canada and United States.

Britannica Concise Encyclopedia 2005, from Encyclopædia Britannica Premium

Service. viewed October 22, 2005, http://www.britannica.com/ebc/article9396775

Bureau of Justice Statistics 2001, An Overview of OJP Bureaus, Offices, and COPS Information Technology Initiatives, United States.

Calgary Police Service 2003, Annual Report 2003, Calgary, Canada.

Canadian Police College (CPC) n.d., homepage, last updated 30 September 2004, Ottawa, Canada, viewed 8 February 2005, <www.cpc.gc.ca

>.

Canadian Police College (CPC) 2004, International Cybercrime Training Action Group,

homepage, Ottawa, Canada, viewed 12 August 2004, < http://www.cpc.gc.ca/ictag/ictag_e.htm>.

Canadian Police College (CPC) n.d.a, last updated 30 September 2004, INTSTA,

http://www.cyberpresse.ca/outil/imprimer.php?id=T1RVNU1qa3k

http://www.hollandc.pe.ca/APAInService/InServiceCalendarWide.htm

http://www.attorneygeneral.jus.gov.on.ca/english/news/2004/20041013-internet-nr.asp

http://www.ahtcc.gov.au/police_act.htm

http://canada.justice.gc.ca/en/dept/pub/jc/vol3/no1/page4.html

http://news.bbc.co.uk/hi/english/static/in_depth/uk/2001/life_of_crime/cybercriminals.stm

http://www.britannica.com/ebc/article-9396775

http://www.cpc.gc.ca/

http://www.cpc.gc.ca/ictag/ictag_e.htm


Ottawa, Canada, viewed 8 February 2005, < http://www.cpc.gc.ca/courses/descript/intsta_e.htm>.

Canadian Police College (CPC) n.d.b, last updated 30 September 2004, INTSTB, Ottawa, Canada, viewed 8 February 2005, < http://www.cpc.gc.ca/courses/descript/intstb_e.htm>.

Canadian Police College (CPC) n.d.c, last updated 30 September 2004, INTSTI, Ottawa,

Canada, viewed 8 February 2005, < http://www.cpc.gc.ca/courses/descript/intsti_e.htm>.

Canadian Police College (CPC) n.d.d, last updated 30 September 2004, INTINT, Ottawa, Canada, viewed 8 February 2005, < http://www.cpc.gc.ca/courses/descript/intint_e.htm>.

Canadian Police College (CPC) n.d.e, last updated 30 September 2004, CMPFOR, Ottawa, Canada, viewed 8 February 2005, < http://www.cpc.gc.ca/courses/descript/cmpfor_e.htm>.

Canadian Police College (CPC) n.d.f, last updated 30 September 2004, CYBER, Ottawa, Canada, viewed 8 February 2005, < http://www.cpc.gc.ca/courses/descript/cyber_e.htm>.

Canadian Police College (CPC) n.d.g, last updated 30 September 2004, NETINT, Ottawa, Canada, viewed 8 February 2005, < http://www.cpc.gc.ca/courses/descript/netint_e.htm>.

Canadian Police College (CPC) n.d.h, last updated 30 September 2004, LINUX, Ottawa, Canada, viewed 8 February 2005, < http://www.cpc.gc.ca/courses/descript/linux_e.htm>.

CanCERT 2003, homepage, Canada, viewed Feb.7, 2005, <http://www.cancert.ca/Home/Default.php>.

Canadian Association of Chiefs of Police(CACP) 2003, CACP Annual Review 2003, Ottawa, Canada.

Clifford, R.D. 2001, Cybercrime, the investigation, prosecution and defense of a computerrelated crime, Carolina Academic Press, United States, p.169.

Council of Europe (CoE) 2001, Convention on Cybercrime, electronic version, European

Treaty Series, No.185, Budapest, < http://conventions.coe.int/Treaty/en/Summaries/Html/185.htm>.

Death Penalty / Fear of Execution 2000, last updated 16 June 2000, viewed 2 February

2005, <http://web.amnesty.org/library/print/ENGASA170272000>.

Department of Justice Canada (DoJ) 2002, Electronic commerce, electronic version, Research & Statistics, Ottawa, Canada, <http://www.canada.justice.gc.ca/en/ps/rs/rep/qa021/qa021.html>.

Department of Justice Canada (DoJ) n.d., A Survey of Legal Issues Relating to the

http://www.cpc.gc.ca/courses/descript/intsta_e.htm

http://www.cpc.gc.ca/courses/descript/intstb_e.htm

http://www.cpc.gc.ca/courses/descript/intsti_e.htm

http://www.cpc.gc.ca/courses/descript/intint_e.htm

http://www.cpc.gc.ca/courses/descript/cmpfor_e.htm

http://www.cpc.gc.ca/courses/descript/cyber_e.htm

http://www.cpc.gc.ca/courses/descript/netint_e.htm

http://www.cpc.gc.ca/courses/descript/linux_e.htm

http://www.cancert.ca/Home/Default.php

http://conventions.coe.int/Treaty/en/Summaries/Html/185.htm

http://web.amnesty.org/library/print/ENGASA170272000

http://www.canada.justice.gc.ca/en/ps/rs/rep/qa02-1/qa02-1.html


Security of Electronic Information, last updated 24 April 2003, Department of Justice, Ottawa, Canada, viewed 31 March 2005, < http://canada.justice.gc.ca/en/ps/ec/toc.html>.

Department of Justice (DoJ) 2003, Lawful Access FAQ, last updated 14 August 2003,

Ottawa, Canada, viewed 18 September 2004, <http://canada.justice.gc.ca/en/cons/la_al/summary/faq.html>.

etopics 2005, Middle East still oblivious to cyber crime, viewed 14 February 2005, <www.e topics.com/index.asp?layout=topic_story&UserID=2003072813161689985>.

Foreign Affairs Canada (FAC) n.d., last updated 16 August 2004, Cyber Crime, Ottawa,

Canada, viewed 12 August 2004 and 22 February 2005, <http://www.dfaitmaeci.gc.ca/internationalcrime/cybercrimeen.asp>.

Federal Bureau of Investigation (FBI) 2003a Law Enforcement Bulletin, electronic version, March 2003, Vol.72, No.3, United States, < http://www.fbi.gov/publications/leb/2003/mar03leb.pdf>.

Federal Bureau of Investigations (FBI) n.d., Investigative Computer Training Unit, Virginia, United States, viewed 10 January 2005, < http://www.fbi.gov/hq/td/academy/ictu/ictu.htm>.

Federal Bureau of Investigations (FBI) 2003b, Facts and Figures 2003, United States,

viewed 10 January 2005, <http://www.fbi.gov/priorities/priorities.htm>.

Glossary n.d., viewed 30 June 2005, <www.kerio.com/manual/kwf/en/go01.html>.

Government OnLine (GOL) n.d., homepage, last updated 13 May 2004, Ottawa, Canada, viewed 23 March 2005, <http://www.golged.gc.ca/index_e.asp>.

Grabosky, P 2000, Cyber Crime and Information Warfare, Australia, viewed 8 September 2004, < http://www.aic.gov.au/conferences/transnational/grabosky.pdf>.

Graycar, A 2000, Nine types of cyber crime, electronic version, Australia, viewed 1 December 2004, < http://www.aic.gov.au/conferences/other/graycar_adam/200002 cybercrime.html>.

ITAC 2000, IIIC Common View Paper on Cyber Crime, electronic version, <http://www.itac.ca/Library/PolicyandAdvocacy/CyberSecurityandPrivacy/ITA CApprovedIICCommonViewsPaperonCyberCrime.htm>.

Industry Canada 2002, Key Indicators on ICT Infrastructure, Use and Content, Cat. No.

C2520/2002, Ottawa, Canada.

Ipsos News Centre 2001, Majority of Canadians Don’t Believe Enough is being done to

http://canada.justice.gc.ca/en/ps/ec/toc.html

http://www.e-topics.com/index.asp?layout=topic_story&UserID=2003072813161689985

http://www.dfait-maeci.gc.ca/internationalcrime/cybercrime-en.asp

http://www.fbi.gov/publications/leb/2003/mar03leb.pdf

http://www.fbi.gov/hq/td/academy/ictu/ictu.htm

http://www.fbi.gov/priorities/priorities.htm

http://www.google.ca/url?sa=X&start=10&oi=define&q=http%3A//www.kerio.com/manual/kwf/en/go01.html

http://www.gol-ged.gc.ca/index_e.asp

http://www.aic.gov.au/conferences/transnational/grabosky.pdf

http://www.aic.gov.au/conferences/other/graycar_adam/2000-02-cybercrime.html


Protect Internet Consumers From Cyber Crime And Half Feel Threatened, Canada, viewed 12 August 2004, <http://www.ipsosna.com/news/pressrelease.cfm?id=1191&content=full>.

Kowalski, M 2002, CyberCrime: Issues, Data Sources, and Feasibility of Collecting PoliceReported Statistics, Canadian Centre for Justice Statistics, Catalogue no. 85558XIE, Ottawa, Canada.

LeBeuf, ME 2000, The implications of using information technology for police investigators in Canada, Canadian Police College, Ottawa, Canada.

Lilley, P 2002, Hacked, Attacked and Abused, Kogan Page, London, U.K.

London Police Service 2003, Year in Review 2003, London, Canada.

Mark, R 2005, Phishing: a snatch or 5 years of jail? 2005, in Internetnews.com, 6 March

2005, viewed 16 March 2005, <http://www.crimeresearch.org/news/06.03.2005/1011>.

McConnell 2001, Canadian Cyber Crime Laws Are Among the Strongest, viewed 12 August 2004, United States, < http://www.iwar.org.uk/law/resources/cybercrime/mcconnell/20010102.htm>.

McConnell 2000, Cyber Crime . . . and Punishment?, electronic version, viewed 15 July

2004, <http://www.mcconnellinternational.com/services/CyberCrime.pdf>.

Microsoft 2005, Microsoft Security Cooperation Program, last updated 3 March 2005, viewed 8 June 2005,

<http://www.microsoft.com/Industry/government/scp.mspx>.

Naraine, R 2004, FBI's CyberCrime Chief Relates Struggle for Top Talent, last updated

November 2004, viewed 8 December 2004, <http://www.findarticles.com/p/articles/mi_zdewk/is_200411/ai_n7582558>

O’Brien, M n.d., Understanding computer crime, MPRM Group Limited, Canada, viewed

6 October 2004, <http://www.mobrien.com/computer_crime.html>.

Ontario Police College (OPC) 2003, homepage, last updated 29 April 2003, Ottawa, Canada, viewed 16 February 2005, <http://www.mpss.jus.gov.on.ca/english/ police_serv/ont_police_col/overview.html>.

Ontario Provincial Police (OPP) n.d., homepage, Canada, viewed 8 December 2004, <www.opp.on.ca>.

Ontario Provincial Police (OPP) 2004, Investigations Support Bureau, Canada, viewed 8

December 2004, <http://www.gov.on.ca/opp/orginvcrime/english/isb.htm>.

Optymise n.d., webpage, Christchurch, New Zealand, viewed 30 June 2005, <http://www.optymise.co.nz/resources/glossary.asp>.

http://www.ipsos-na.com/news/pressrelease.cfm?id=1191&content=full

http://www.crime-research.org/news/06.03.2005/1011

http://www.iwar.org.uk/law/resources/cybercrime/mcconnell/20010102.htm

http://www.mcconnellinternational.com/services/CyberCrime.pdf

http://www.mobrien.com/computer_crime.html

http://www.mpss.jus.gov.on.ca/english/%20police_serv/ont_police_col/overview.html

http://www.opp.on.ca/

http://www.gov.on.ca/opp/orginvcrime/english/isb.htm


Peel Police Service 2002, Peel Police Service Strategic Plan 20022004, Brampton, Canada.

Penal Code Section 1351013519.12 n.d., California Penal Code, United States, viewed

15 February 2005, <http://www.leginfo.ca.gov/cgi bin/displaycode?section=pen&group=1300114000&file=1351013519.12 >.

POLCYB 2004, 2004 International Law Enforcement Cybercrime Award, Abstract from

Other Contestants, Canada, viewed 14 March 2005, < http://www.polcyb.org/Events/ILECA/04_ILECA_Other.htm>.

POLCYB 2002, The Society for the Policing of Cyberspace, Canada, viewed 29 November 2004, <http://www.polcyb.org/vision.htm>.

PSEPC 2003, Fact Sheet: Hightech Crime, last updated 29 July 2003, Ottawa, Canada,

viewed 6 October 2004<http://www.psepc sppcc.gc.ca/policing/organized_crime/FactSheets/high_tech_crime_e.asp>.

PSEPC 2004, Best Practices for Preventing Online Identity Theft, last updated 23 August 2004, Ottawa, Canada, viewed 6 October 2004, < http://www.ocipep.gc.ca/opsprods/info_notes/IN04002_e.asp>.

PSEPC 2005, Government of Canada Announces Cyber Security Initiatives, Ottawa, Canada, viewed 2 February 2005, <http://www.psepc.gc.ca/publications/news/2005/20050202_e.asp>.

RCMP n.d.a, Technological Crime, Ottawa, Canada, viewed 8 August 2004, <http://www.rcmpgrc.gc.ca/techops/tcb_e.htm>.

RCMP 2001, Hackers: A Canadian Perspective, Part II, electronic version, Criminal Intelligence Directorate, Ottawa, Canada, viewed 6 September 2004, <http://www.rcmpgrc.gc.ca/crimint/hackers_a_e.htm>.

RCMP n.d.b, Computer Crime Prevention, last updated 8 October 2003, Ottawa, Canada, viewed 26 February 2005, <http://www.rcmpgrc.gc.ca/scams/ccprev_e.htm>.

Seagrave, J 1997, Introduction to Policing in Canada, Prentice Hall Canada, Scarborough, Canada.

Smith, R.G., Grabosky, P & Urbas, G 2004, Cyber Criminals on Trial, Cambridge University Press, Australia.

Statistics Canada 2004a, Internet Use in Canada, electronic version, Ottawa, Canada,

viewed 18 October 2004, < http://www.statcan.ca/english/freepub/56F0003XIE/index.htm>.

Statistics Canada n.d., Demographic statistics, last updated 29 September 2004, electronic version, Ottawa, Canada, viewed 18 October 2004, < www.statcan.ca/Daily/English/040929/d040929d.htm>.

http://www.leginfo.ca.gov/cgi-bin/displaycode?section=pen&group=13001-14000&file=13510-13519.12

http://www.polcyb.org/Events/ILECA/04_ILECA_Other.htm

http://www.polcyb.org/vision.htm

http://www.psepc-sppcc.gc.ca/policing/organized_crime/FactSheets/high_tech_crime_e.asp

http://www.ocipep.gc.ca/opsprods/info_notes/IN04-002_e.asp

http://www.rcmp-grc.gc.ca/scams/ccprev_e.htm

http://www.statcan.ca/english/freepub/56F0003XIE/index.htm

http://www.statcan.ca/Daily/English/040929/d040929d.htm


Statistics Canada 2004b, Uniform Crime Reporting Survey, last updated 27 January 2005, Canadian Crime Statistics, catalogue no.85205, Ottawa, Canada, viewed 28 January 2005, <http://www.statcan.ca/english/sdds/3302.htm>.

Statistics Canada 2005, Uniform Crime Reporting Incident Based Survey Reporting Manual, Canadian Centre for Justice Statistics, Policing Program, Ottawa, Canada.

Statistics Canada 2004c, Population by year, by provinces and territories, Ottawa, Canada, viewed 28 March 2005, <http://www40.statcan.ca/l01/cst01/demo02.htm>.

Stop Spam Here n.d., Three Key Tips for Combating Spam, Canada, viewed 24 February 2005, <http://stopspamhere.ca>.

Surete du Quebec (SQ) 2001, Stratégie 20012004 2001, Quebec, Canada.

Symmetric Triangle n.d., Glossary, viewed 30 June 2005, <http://www.symmetrictriangle.com/glossary.asp>.

The University of Arizona Library n.d., RIO Glossary, last updated 1 September 1998,

Arizona, United States, viewed 30 June 2005, <http://www.library.arizona.edu/rio/glossary.htm>.

http://www.statcan.ca/english/sdds/3302.htm

http://stopspamhere.ca/