Cyber-Crime: Issues, Data Sources, and Feasibility of Collecting Police-Reported Statistics

Cyber-crime is generally defined as a criminal offence involving a computer as the object of the crime, or the tool used to commit a material component of the offence. This report provides a preliminary look into the issues, data sources, and feasibility of collecting police-reported cyber-crime statistics. Options for the development of ongoing data collection and the nature and extent of cyber-crime activity in Canada are explored through this study.Countries around the world are currently looking at ways to ensure that these activities are properly investigated and reported. For example, the UCR National Incident Based Reporting System (NIBRS) in the United States includes a category that flags computer-related crimes. The NIBRS provides the capability to indicate whether a computer was the object of the crime and to indicate whether the offenders used computer equipment to perpetrate a crime.Similar to research findings, consultations with Canadian police indicated that a uniform definition of cyber-crime has not been established among the police community. Of the 11 major police forces consulted, 8 have a specialized unit that is responsible for investigating cyber-crimes and have developed definitions, policies and procedures to assist in the investigation. Of these eight police forces, six have a system in place that collects data or information on cyber-crime activity. The police forces that did not currently collect this information stated that putting a data collection procedure in place would not result in significant respondent burden.As a result of the consultations with police, two options have been identified for the future collection of data on cybercrime from police services in Canada. The first option is to conduct a special study to collect detailed information from police agencies that currently collect cyber-crime statistics. The second option is to modify the Incident-based Crime Statistics (UCR2) Survey. This option would include adding a data element that identifies criminal offences involving a computer as the object or as the tool used to commit the crime. Both options are recommended to address the shortterm and long-term data needs of law enforcement agencies, policymakers and legislators.