Book

Cybercrime in the Greater China Region: Regulatory Response and Crime Prevention across the Taiwan Strait

Authors:

Abstract

Cybercrime is a worldwide problem of rapidly increasing magnitude and, of the countries in the Asia Pacific region, Taiwan and China are suffering most. This timely book discusses the extent and nature of cybercrime in and between Taiwan and China, focussing especially on the prevalence of botnets (collections of computers that have been compromised and used for malicious purposes). The book uses routine activity theory to analyse Chinese and Taiwanese legal responses to cybercrime, and reviews mutual assistance between the two countries as well as discussing third party cooperation. To prevent the spread of cybercrime, the book argues the case for a ‘wiki’ approach to cybercrime and a feasible pre-warning system. Learning from lessons in infectious disease prevention and from aviation safety reporting, Cybercrime in the Greater China Region proposes a feasible information security incident reporting and response system. Academics, government agency workers, policymakers and those in the information security or legal compliance divisions in public and private sectors will find much to interest them in this timely study.
... There has been a rapid and constant growth in the number of internet users in China. According to World Factbook published by the Central Intelligence Agency, there were about 253 million internet users in China in 2008, or 19% of the population (Central Intelligence Agency, 2010Chang, 2012). While technology has brought convenience and efficiency, Chinese internet users are also facing increased cybercrime threats. ...
... Routine Activity Theory (RAT) is one of the most popular criminological theories that has been used by academics to explain cybercrime (Chang, 2012;Chon & Broadhurst, 2014). Grabosky (2001) argued that the three elements that define a criminogenic situation − motivated offenders, suitable targets, and the absence of capable guardians − have their corresponding components in cyberspace. ...
... For instance, a hacker can be hired to develop malware and deliver it to an agent who then sells the malware to clients. The products and services provided by the hacker can potentially help buyers to develop the capacity for future cybercrime activities (Chang, 2012;Gu, 2015;Sood et al., 2013). ...
Article
China has witnessed a rapid growth in internet use alongside an unprecedented increase in cybercrimes. Although studies have suggested that there are many factors that may contribute to the growing number of cybercrimes, such as the widespread use of online gaming, the low average income of internet users, and an increased access to IT skills, systematic analyses of actual convictions are rare. As the level of domestic cybercriminal activities increases rapidly, there is a growing call for empirical studies on cybercrime in China. Through the extraction of data from China Judgements Online, the newly released Chinese judgements service, this study examines the basic characteristics of cybercrimes in China by analysing 448 sentencing documents that cover four types of computer crimes: online frauds, real asset theft, virtual asset theft, and stolen accounts. We analyse cybercrime cases from the perspective of the underground economy, focusing on the roles that cybercriminals play in the value chains of the online underground market; more specifically, what kind of products and services are enabled through cyber theft, and how those products and services are integrated as components of the underground economy.
... The growth of the internet, and the global reliance on this infrastructure, has shifted offending behaviour. Hacking, or an unauthorised access to computers and networks, has transitioned previously geographic located crimes, such as fraud, theft, and even treason (Katz, 2016), to a space without borders (Chang, 2012). The unpredictability and anonymity of hacking causes a unique fear of victimisation that incorporates individuals, organisations, and nation states, and despite the difficulties of tracking or catching hackers due to its transnational characteristics, a range of legal responses have been employed to address such offending. ...
... Non-signatory states such as Taiwan and the People's Republic of China have also amended their Criminal Codes to include hacking offences, which are punishable by up to 3 years imprisonment (Chang, 2012). Though these responses are designed to target malicious hacking, those who hack in order to promote cybersecurity and increase their employability are also criminalised. ...
... This article theorises an alternative response to hacking, restorative justice, Braithwaite's (1989) paradigm of reintegrative shaming, and regulatory self-enforcement or responsive regulation (Ayres & Braithwaite, 1992), alongside a multi-sided regulatory pyramid (Gunningham & Grabosky, 1998) and Regulatory Enforcement and strength-based pyramidexpanded model (Chang, 2012). This paper argues that, rather than incarcerating and stigmatising hackers, alternative responses including strength-based regulation from both the state private corporations would better respond to certain forms of cyber offending. ...
Article
Full-text available
Like most criminological research, much of the research on hacking has predominantly focused upon the Northern Metropolis. As a result, there is a lack of focus on cybercrime within the Global South, particularly on illegal intrusions into computer systems, more colloquially known as hacking. This article provides a critical overview of hacking in the Global South, highlighting the role of strain in this offending behaviour. In particular, the authors note the role of Australian, American, and Taiwanese immigration policies that act to block offenders’ transitions from illicit hacking to legitimate employment in technological hubs outside of the Global South. To address these blocked opportunities, this article suggests the use of innovative justice paradigms, particularly restorative justice and regulatory self-enforcement, that respond to innovation-based cybercrime while also facilitating offender movement into “white hat” employment, even in cases of technology-facilitated sexual violence.
... In contrast the Taiwanese Government has expressed an interest in signing the Convention on Cybercrime, but is hindered by its ambiguous political situation, where it is not recognized by the Council of Europe as a country (Chang, 2010) Given the limited degree of participation of countries in Asia in the Convention China along with India, South Korea, and a number of other developing countries recently initiated a proposal to create a new global cybercrime treaty. More than 50 per cent of the world's population, or an estimated 40 per cent of all Internet users, do not come under the auspices of the CoE Convention. ...
... Large bot-nets with hundreds of thousands of computers have been discovered, and these have been employed for purposes of cyber-terrorism and cyber-warfare. Bot-nets may mimic in some ways a form of cyber-organised crime (Chang, 2010). Using bot-infected computers as springboards to launch cyber attacks, criminals can avoid investigation or disturb investigation as the compromised computers are usually located in different countries and there are still no guidelines for international cooperation on investigation. ...
... In contrast the Taiwanese Government has expressed an interest in signing the Convention on Cybercrime, but is hindered by its ambiguous political situation, where it is not recognized by the Council of Europe as a country ( Chang, 2010) Given the limited degree of participation of countries in Asia in the Convention China along with India, South Korea, and a number of other developing countries recently initiated a proposal to create a new global cybercrime treaty. More than 50 per cent of the world's population, or an estimated 40 per cent of all Internet users, do not come under the auspices of the CoE Convention. ...
Chapter
Full-text available
The rapid growth in Internet use in Asia, including a tenfold or more increases in access in China, Indonesia and India since 2002 has also been accompanied by significant increases in cybercrime. The development of commercial-scale exploit toolkits and criminal networks that focus on monetization of malware have amplified the risks of cybercrime. The law-enforcement response in Asia is briefly reviewed in the context of the 2001 Council of Europe’s Cybercrime (Budapest) Convention. We describe the nature of cybercrime (including both ‘hate’ or content and ‘crime-ware’ such as botnets) and compare the laws and regulations in Asian states with the provisions of the Convention. The challenges faced in developing effective cross-national policing of cybercrime in Asia are also addressed as problems emerge around cloud computing, social media, wireless/smart phone applications and other innovations in digital technology.
... That is, combating cybercrime is no longer an effort that can be done by only law enforcement agencies. With the private sector holding most of the information, there is a need to build a feasible public and private collaboration against cybercrime (Chang, 2012). ...
... Without efficient and close collaboration between governments in crime investigation, exchange of crime information and evidence, as well as extradition processes, cybercriminals face a low risk of arrest and prosecution. Chang (2012) argues that the special political situation between Taiwan and China gives cybercriminals an opportunity to conduct cross-border crime. Also, inconsistency of laws and the lack of extradition rules hinder the investigation of cross-border cybercrimes. ...
... Offenses Against Computer Security (Chang, 2012). There are six articles (Articles 358 to 363) in this Chapter, covering illegal access, illegal interception, data To capture a wide range of literature that examines illicit transactional methods in cybercrime, we adopted a five-step process. ...
... They also have a duty to report any malicious software found and to share that information with other companies. Most of the large telecommunication companies and internet service providers (ISPs), such as China Telecom, CNNIC, Yahoo!, Baidu and Sina, signed up to this self-regulation agreement (Chang 2012). ...
... Brenner (2005) proposed a 'distributed security' scheme to emphasise that government, users (individual and organisational) and computer architects should all share responsibility for cybersecurity. Similarly, Chang (2012) proposes the idea of 'wiki cybercrime prevention' to address the necessity of mass collaboration between the government and the private sector when sharing information on security incidents and establishing early warning schemes. Brenner (2005) argues that, unlike crime in the real world, cybercrime is not typical one-to-one victimisation. ...
... Therefore, for cybercrime prevention, risk management measures become particularly important in the prevention of malicious activities from spreading and in reducing harm to society. Chang (2012) also emphasises the importance of civilian participation in cybercrime prevention. Learning from infectious disease prevention models, he advocates 'wiki cybercrime prevention'. ...
Chapter
Full-text available
The challenge of discouraging undesirable conduct in cyberspace is, in many respects, similar to the management of misconduct ‘on the ground’. In terrestrial space, most social control is informal. Cultures— whether they are cultures of indigenous peoples or of the modern university—have their social norms, to which most of their members adhere. Minor transgressions tend to elicit expressions of disapproval, while more serious misconduct may be met with ridicule, ostracism, some form of ‘payback’ or expulsion from the group or organisation. With the rise of the modern state, formal institutions of social control have evolved to provide rules of behaviour, forums for the resolution of disputes between citizens and institutions for policing, prosecution, adjudication and punishment of the most serious transgressions. However, it is now generally accepted that governmental agencies of social control are neither omnipresent nor omnipotent, thus creating a demand for supplementary policing and security services. ese state institutions are accompanied by a variety of non-state bodies that ‘coproduce’ security. Such entities vary widely in size and role, from large private security agencies and the manufacturers and distributors of technologies such as closed-circuit television (CCTV), to the good friend who keeps an eye on her neighbour’s house at vacation time. is wider notion of policing terrestrial space has been nicely articulated by scholars such as Bayley and Shearing (1996) and Dupont (2006) (see also Brewer, Chapter 26, this volume). Cyberspace di ers only slightly from terrestrial space in its response to antisocial behaviour. Most of us who use digital technology do the right thing not because we fear the long arm of the law in response to misconduct, but, rather, because we have internalised the norms that prevail in our culture (on compliance generally, see Parker and Nielsen, Chapter 13, this volume). Most of us take reasonable precautions to safeguard things of value that might exist in digital form. Nevertheless, because there are deviant subcultures whose members do not comply with wider social norms, and nonchalant citizens who are careless with their digital possessions, there is a need for formal institutions of social control in cyberspace. So, too, is there a need for the coproduction of cybersecurity. One characteristic of cyber-deviance that di ers signi cantly from terrestrial misconduct is that cross-national activity is much more common. Very early on in the digital age it was said that ‘cyberspace knows no borders’. e nature of digital technology is such that one may target a device or system physically located on the other side of the world just as easily as one in one’s own hometown. A successful response to transnational cybercrime thus requires a degree of cooperation between states—cooperation that may not be automatically forthcoming. e governance of cyberspace is no less a pluralistic endeavour than is the governance of physical territory. is chapter will provide an overview of regulatory and quasi-regulatory institutions that currently exist to help secure cyberspace. In addition to state agencies, we will discuss a constellation of other actors and institutions, some of which cooperate closely with state authorities and others that function quite independently. ese range from large commercial multinationals such as Microsoft, Google and Symantec; other non-governmental entities such as computer emergency response teams (CERTs); groups like Spamhaus and the Anti-Phishing Working Group; and hybrid entities such as the Virtual Global Task Force and End Child Prostitution, Child Pornography and Tra cking of Children for Sexual Purposes (ECPAT), both of which target online child sexual abuse. In addition, there are independent, ‘freelance’ groups such as Cyber Angels, which exist to promote cybersafety, and ad hoc, transitory collectives that engage in independent patrolling and investigation of cyberspace. Other groups, such as Anonymous, and whistleblowers such as Edward Snowden, challenge apparent cyberspace illegality with sometimes questionable methods of their own. Anonymous attacked sites related to child pornography in 2011 (Operation Darknet) and Edward Snowden’s disclosures revealed questionable practices by the US National Security Agency. e next section of this chapter will brie y review some of the more important published works on the social regulation of digital technology. We will then discuss, in order, state, private and hybrid regulatory orderings. e chapter will conclude with some observations on regulatory orderings in cyberspace, through the lens of regulatory pluralism.
... Julia Black (2001) referred to a 'postregulatory world' in which governments no longer monopolize regulation, and later noted the complexity and fragmentation of regulatory systems (Black 2008). Chang (2012b) examined the importance of involving non-state actors (both commercial and non-commercial) as regulators in fostering computer security incident reporting. ...
... Some researchers have proposed a theoretical framework of nodal governance for the policing of cyberspace that conveys the notion that policing needs to be conducted through the collaborative efforts of plural actors (nodal clusters), including criminal investigators, private industry players and individual Internet users (Huey et al., 2013). And with the rise of internet vigilantism (netilantism) and public-private cooperation (coproduction) in cybercrime investigation (Brenner, 2007;Chang, 2012b;Chang and Poon, 2016;Huey et al., 2013;Nhan et al., 2015), there is a need for us to understand how private sectors and netizens can help in coproduction of cyber security and the risks that may accompany it. ...
... As mentioned, while critical infrastructure related institutions are required by law to report any computer incidents to the government, other institutions are also encouraged to report computer incidents. Such information will then be analysed and disseminated to other institutions as a pre-warning scheme (Chang, 2012b). ...
Article
Full-text available
Given the limited resources and capabilities of states to maintain cyber security, a variety of co-production efforts have been made by individuals, or by collectives of varying degrees of organization and coordination. This article identifies different forms of citizen coproduction of cyber security and notes the risk of unintended consequences. Safeguards and principles are proposed in order to facilitate constructive citizen/netizen co-production of cyber security. Although co-production of security can contribute to social control, only those activities within the bounds of the law should be encouraged. Activities of private citizens/netizens that test the limits of legality should be closely circumscribed.
... In contrast the Taiwanese Government has expressed an interest in signing the Convention on Cybercrime, but is hindered by its ambiguous political situation, where it is not recognized by the Council of Europe as a country ( Chang, 2010) Given the limited degree of participation of countries in Asia in the Convention China along with India, South Korea, and a number of other developing countries recently initiated a proposal to create a new global cybercrime treaty. More than 50 per cent of the world's population, or an estimated 40 per cent of all Internet users, do not come under the auspices of the CoE Convention. ...
... Large bot-nets with hundreds of thousands of computers have been discovered, and these have been employed for purposes of cyber-terrorism and cyber-warfare. Bot-nets may mimic in some ways a form of cyber-organised crime ( Chang, 2010). Using bot-infected computers as springboards to launch cyber attacks, criminals can avoid investigation or disturb investigation as the compromised computers are usually located in different countries and there are still no guidelines for international cooperation on investigation. ...
Chapter
Full-text available
The rapid growth in Internet use in Asia, including a tenfold or more increases in access in China, Indonesia and India since 2002 has also been accompanied by significant increases in cybercrime. The development of commercial-scale exploit toolkits and criminal networks that focus on monetization of malware have amplified the risks of cybercrime. The law-enforcement response in Asia is briefly reviewed in the context of the 2001 Council of Europe’s Cybercrime (Budapest) Convention. We describe the nature of cybercrime (including both ‘hate’ or content and ‘crime-ware’ such as botnets) and compare the laws and regulations in Asian states with the provisions of the Convention. The challenges faced in developing effective cross-national policing of cybercrime in Asia are also addressed as problems emerge around cloud computing, social media, wireless/smart phone applications and other innovations in digital technology.
... There is also increasing concern about cybercrime in China (China Daily 2010;Pauli, 2012). The source and extent of malware attacks (whether of domestic or foreign origin) and the scale of malware-botnet activity remain unclear, but a substantial proportion of Chinese computers are compromised and it is likely that local crime groups play a crucial role (Kshetri, 2013a;Chang, 2012;Kshetri, 2013b;Broadhurst & Chang, 2013). A recent study of spam and phishing sources found that these originated from a small number of ISPs (20 of 42,201 observed), which the author dubbed 'Internet bad neighbourhoods.' ...
... So-called botnets involve an offender using malicious software to acquire control over a large number of computers (the largest including more than a million separate machines). Even though the individual and institutional custodians of compromised computers may be unwitting participants in a criminal enterprise, some commentators maintain that botnets mobilized by a sole offender should be considered a form of organized crime (Chang, 2012). ...
Article
Full-text available
This paper explores the nature of groups engaged in cybercrime. It briefly outlines the definition and scope of cybercrime, theoretical and empirical challenges in addressing what is known about cyber offenders, and the likely role of organized crime groups. The paper gives examples of known cases that illustrate individual and group behaviour, and motivations of typical offenders, including state actors. Different types of cybercrime and different forms of criminal organization are described drawing on the typology suggested by McGuire (2012). It is apparent that a wide variety of organizational structures are involved in cybercrime. Enterprise or profit-oriented activities, and especially cybercrime committed by state actors, appear to require leadership, structure, and specialisation. By contrast, protest activity tends to be less organized, with weak (if any) chain of command.
... There is also increasing concern about cybercrime in China (China Daily 2010;Pauli, 2012). The source and extent of malware attacks (whether of domestic or foreign origin) and the scale of malware/botnet activity remain unclear, but a substantial proportion of Chinese computers are compromised and it is likely that local crime groups play a crucial role (Kshetri, 2013a;Chang, 2012;Kshetri, 2013b;Broadhurst & Chang, 2013). A recent study of spam and phishing sources found that these originated from a small number of ISPs (20 of 42,201 observed), which the author dubbed 'Internet bad neighbourhoods.' ...
... So-called botnets involve an offender using malicious software to acquire control over a large number of computers (the largest including more than a million separate machines). Even though the individual and institutional custodians of compromised computers may be unwitting participants in a criminal enterprise, some commentators maintain that botnets mobilized by a sole offender should be considered a form of organized crime (Chang, 2012). ...
Article
Full-text available
This paper explores the nature of groups engaged in cybercrime. It briefly outlines the definition and scope of cybercrime, theoretical and empirical challenges in addressing what is known about cyber offenders, and the likely role of organized crime groups (OCG). We give examples of known cases that illustrate individual and group behaviour, and motivations of typical offenders, including state actors. Different types of cybercrime and different forms of criminal organisation are described drawing on the typology suggested by McGuire (2012). It is apparent that a wide variety of organisational structures are involved in cybercrime. Enterprise or profit-oriented activities, and especially cybercrime committed by state actors, appear to require leadership, structure, and specialisation. By contrast, protest activity tends to be less organized, with weak (if any) chain of command.
... There is also increasing concern about cybercrime in China (China Daily 2010;Pauli, 2012). The source and extent of malware attacks (whether of domestic or foreign origin) and the scale of malware/botnet activity remain unclear, but a substantial proportion of Chinese computers are compromised and it is likely that local crime groups play a crucial role (Kshetri, 2013a;Chang, 2012;Kshetri, 2013b;Broadhurst & Chang, 2013). A recent study of spam and phishing sources found that these originated from a small number of ISPs (20 of 42,201 observed), which the author dubbed 'Internet bad neighbourhoods.' ...
... So-called botnets involve an offender using malicious software to acquire control over a large number of computers (the largest including more than a million separate machines). Even though the individual and institutional custodians of compromised computers may be unwitting participants in a criminal enterprise, some commentators maintain that botnets mobilized by a sole offender should be considered a form of organized crime (Chang, 2012). ...
Article
Full-text available
This paper explores the nature of groups engaged in cyber crime. It briefly outlines the definition and scope of cyber crime, theoretical and empirical challenges in addressing what is known about cyber offenders, and the likely role of organized crime groups. The paper gives examples of known cases that illustrate individual and group behaviour, and motivations of typical offenders, including state actors. Different types of cyber crime and different forms of criminal organization are described drawing on the typology suggested by McGuire (2012). It is apparent that a wide variety of organizational structures are involved in cyber crime. Enterprise or profit-oriented activities, and especially cyber crime committed by state actors, appear to require leadership, structure, and specialisation. By contrast, protest activity tends to be less organized, with weak (if any) chain of command.
... Academics also agree that traditional police powers are no longer sufficient to investigate crime in the digital age and manage cyber security (Brenner, 2010;Chang, 2012a;Broadhurst, 2006;Grabosky, 2016), and thus establishing a distributed cyberpolicing or 'wikified' criminal investigation model is a matter of urgency (Brenner, 2007(Brenner, , 2009Wall, 2008Wall, /2010. That is, policing cyberspace and cybercrime needs to be conducted through the collaborative efforts of plural actors (nodal clusters), including criminal investigators, private industry players and individual Internet users such as Internet vigilantes (cyber vigilantes) (Dupont, 2004;Grabosky 2016;Huey et al., 2013). ...
... DDoS attacks might also disrupt systems that are used by government and critical infrastructure services including energy, financial and transportation. The most famous case is the 'Estonia cyber-attack' which swamped the websites of the Estonian Government and its agencies and enterprises, including television stations, newspapers, banks and schools (Chang, 2012a;Chang, Zhong & Grabosky, 2016;Katyal, 2005). During the patriotic cyber attacks, innocent private sectors are usually damaged during the hacking and counter-hacking activities (see Chang 2012cChang & 2017. ...
Chapter
Full-text available
Grabosky (2013) argued that, since the original publication of Ayres and Braithwaite (1992), three general trends in regulatory pluralism had emerged or intensified. These included the weakening or at least symbolic withdrawal of state regulatory activities; the increase in nongovernmental participants and activities in the regulatory process and the growth of digital technology which allows more citizen involvement in the regulatory process. Technology not only enhanced the regulatory capacity of the state but also increased the regulatory capacity of non-state actors. Before the onset of the digital age, various forms of citizen participation in the regulatory process could be observed. Ayers and Braithwaite (1992) envisaged that “citizens can exercise vigilance over the performance of regulatory agencies, or over the behaviour of corporate actors directly” (cited from Grabosky, 2013: 118). The democratisation of digital technology has empowered and mobilised ordinary citizens to participate in the regulatory process to an unprecedented extent that was unimaginable three decades ago (Grabosky, 2017). Netizens (Internet citizens) are also using new technologies to assist in labour-intensive investigations of non-compliance. This chapter will discuss how citizens are facilitated and empowered by digital technology to co-producing security and compliance in both the real world and cyber world, its nature and challenges. It will start with the definition of netilantism, types of netilantism, characteristics of netilantes and consequences of netilantism.
... Private citizens, commercial entities and non-profit organisations alike may all be in a position to identify apparent incidents of online illegality and to report them to the authorities. Some may be able and willing to investigate and report the incident as well (Chang 2012). These responses may be motivated by self-interest, by concern for the wider public good or by some combination of the two. ...
... Invited co-production can also be seen in laws and regulations which encourage the reporting of computer incidents. Such information can then be analysed and disseminated to other institutions as a pre-warning scheme (Chang 2012). ...
Chapter
Full-text available
Within the constraints of this research, this chapter explores variations in how offenders acquire the knowledge, skills and techniques necessary to commit a range of financial crimes. It argues that foundation, or baseline, knowledge required by financial criminals is often learned in legitimate settings, including through on-the-job learning and legitimate daily routines. In the absence of traditional learning opportunities, four alternative learning sources are introduced in this chapter in order to reveal how legitimate knowledge, skills and technique deficiencies are met or augmented, often by organised crime groups, in order to facilitate crime. A clear distinction has been drawn between legitimate knowledge and skill learning and the learning of more specialised criminal techniques. This study contributes to the body of financial crime research on how these crimes are committed and highlights areas in which organisations and law enforcement agencies are able to reduce the opportunity for alternative learning sources that financial criminals may utilise in preparing for their crimes.
... Public-private cooperation in criminal investigations is growing, with some cybercrime investigations being conducted with the support of financial institutions and information security companies (Chang 2012a(Chang , 2012b. Criminal investigations that rely on cyber crowdsourcing can be seen as "wikified" investigations. ...
... Wiki use is based on four principles: being open, peering, sharing, and acting globally (Tapscott and Williams 2007). The concept has recently been adopted by academics, particularly those in the criminology arena, to describe cybercrime and cybercrime prevention (Chang 2012a;Wall 2008Wall /2010 and to assess how the latter can be facilitated through mass collaboration and participation. Cyber crowdsourcing satisfies the four principles of wiki use and operates in a way similar to Wikipedia and Baidu Knowledge (Xu and Ji 2008). ...
Chapter
Full-text available
Cyber crowdsourcing — known in Chinese as renrou sousou, literally “human flesh search” (HFS) — is a type of collective online action aimed at discovering facts relating to certain events and/or publicizing details concerning a targeted individual (Cheung 2009; Herold 2011; Ong 2012). It involves the tracking down and publishing on the Internet of information that might help to solve a crime or to disclose personal information of someone who has allegedly engaged in corrupt practices or immoral behavior (Hatton 2014; Ong 2012). It can also be used to identify people in events that attract the public’s attention, such as love affairs of celebrities. Examples from the Chinese online community include news about people who abuse animals, teenagers who do not respect their elders, wealthy children who do not care about the feelings of others, and the behavior of corrupt officials. Although some Chinese researchers claim it is an online phenomenon unique to the Greater China region (Cheng and Xue 2011), similar cases have emerged in the West in recent years. One recent example is the identification of suspects responsible for the Boston marathon bombings (Wadhwa 2013).
... Private citizens, commercial entities and non-profit organisations alike may all be in a position to identify apparent incidents of online illegality and to report them to the authorities. Some may be able and willing to investigate and report the incident as well (Chang 2012). These responses may be motivated by self-interest, by concern for the wider public good or by some combination of the two. ...
... Invited co-production can also be seen in laws and regulations which encourage the reporting of computer incidents. Such information can then be analysed and disseminated to other institutions as a pre-warning scheme (Chang 2012). ...
Chapter
Full-text available
Illegal, unreported and unregulated (IUU) fishing is a global issue that requires a global solution. While recent responses have increased awareness among law and policymakers and consumers, there is still a lack of adequate control. In fact, the ongoing nature of IUU fishing facilitates other crimes, such as forced and low paid labour aboard IUU fishing vessels and trafficking fishers into IUU fishing. Lax border control and/or corruption of border officials shield and facilitate the continuation of IUU fishing in many locations. In order to control IUU fishing effectively, drivers enabling opportunity for criminals and barriers to crime control must be understood. IUU fishing is made up of three separate concepts, defined in the United Nations Food and Agricultural Organization (FAO) International Plan of Action to Prevent, Deter and Eliminate Illegal, Unreported and Unregulated Fishing (IPOA-IUU), adopted in Rome in 2001 (Food and Agricultural Organization 2001). Illegal fishing involves offences contravening domestic and regional fishery management organisation (RFMO) laws; unreported fishing includes nonreporting, misreporting or under-reporting contrary to laws and RFMO measures; and unregulated fishing relates to activities which states have not regulated, as well as the activities of stateless vessels and non-parties to RFMOs (Food and Agriculture Organization 2001: paragraphs 3.1, 3.2 and 3.3). IUU fishing is a broad catch-all concept for a variety of (mostly) illicit fishing activities. It violates, or at least disregards, international, regional and local fishing laws and regulations in order to yield the greatest catch. Lack of awareness of relevant rules is inadequate justification for violation. Regardless of their ignorance, the illegal fishers’ activities are condemnable. Estimates reveal that over 85 percent of global fish stocks are at risk of IUU fishing, and approximately 25 percent of global fisheries are illegal, totalling global losses of close to US$23.5b per year (Ocean Unite 2016; World Wildlife Fund 2015). Beyond the financial loss, the marine environments and fish stocks within it are at serious risk of endangerment and potential depletion. Further worsening the issue, evidence has emerged of the link between organised crime and illegal fisheries. The scale and organisation of these enterprises are staggering. Significantly, the IPOA-IUU does not address fisheries crime, and neither do most of the measures adopted by regional fisheries management organisations, bodies that operate mostly on the high seas to promote sustainable fisheries. IUU fishing alone is an issue warranting global concern, yet, when it is coupled with organised crime and environmental degradation, the need to effectively respond to the issue is magnified. IUU fishing is enabled by a number of factors, in particular, corruption and lax regulatory enforcement at several points along the supply chain. Most commonly, IUU fishing is enabled by vessels flagged to open registries, using transhipping, or mixing illegal with legal catches at sea, using ports of convenience, and tax havens (Martini 2013: 3). Each of these methods intends to disregard or in some way evade controls in place to protect marine life, promote fair market share and provide the relevant state with its due revenues. This chapter critically explores the enablers leading to Indo-Pacific IUU fishing and other related crimes at sea, through a criminological lens.
... Private citizens, commercial entities and non-profit organisations alike may all be in a position to identify apparent incidents of online illegality and to report them to the authorities. Some may be able and willing to investigate and report the incident as well (Chang 2012). These responses may be motivated by self-interest, by concern for the wider public good or by some combination of the two. ...
... Invited co-production can also be seen in laws and regulations which encourage the reporting of computer incidents. Such information can then be analysed and disseminated to other institutions as a pre-warning scheme (Chang 2012). ...
... When a given case of cyberbullying is interpreted as not being serious, then bystanders may not want to step in. In addition, on the basis of routine activity theory (Chang, 2012;Cohen & Felson, 1979), the absence of a capable guardian, which may arise from the individual's low perceived severity of a given cyberbullying incident, combined with a potential offender(s) and a suitable target, offers more opportunities for cyberbullying to occur repeatedly. ...
Article
This study aimed to develop a new scale to examine primary and secondary school students’ perceptions of the severity of cyberbullying behaviours, and to explore further whether differences exist in the means of gender, grade and participant role. A total of 707 primary and secondary school students (M = 14.7) in Taiwan participated in this study. Two Olweus-like global items were used to identify students’ participant roles. A self-reported cyberbullying severity scale (CSS) was developed and validated by Rasch measurement. Results of this study supported the reliability and validity of the 16-item CSS. Impersonation was rated as the most serious type of cyberbullying. Cyberbullying behaviours that occurred in private were rated as less severe than were those that occurred in public. A Rasch latent regression analysis revealed that some gender and involvement effects were found, but no statistically significant difference was found among means of four participant roles. The behavioural hierarchy of cyberbullying severity, mean differences among personal attributions and cyberbullying intervention are discussed at the end of the article.
... Think of botnets, networks of infected computers controlled by one or more controllers to carry out cyberattacks, and which are increasingly being used for cybercrime. In this context, Broadhurst et al. (2014: 4) (Chang 2012)». In this case, we still refer to natural persons: the controller of the botnet and the administrators of the controlled machines. ...
Article
Full-text available
As technology has changed people’s lives, criminal phenomena are also constantly evolving. Today’s digital society is changing the activities of organized crime and organized crime groups. In the digital society, very different organized crime groups coexist with different organizational models: from online cybercrime to traditional organized crime groups to hybrid criminal groups in which humans and machines ‘collaborate’ in new and close ways in networks of human and non-human actors. These criminal groups commit very different organized crime activities, from the most technological to the most traditional, and move from online to offline. They use technology and interact with computers for a variety of purposes, and the distinction between the physical and virtual dimensions of organized crime is increasingly blurred. These radical developments do not seem to be accompanied by a new criminological theoretical interpretive framework, with a definition of organized crime that is able to account for the changes that digital society brings to organized crime and generate modern research hypotheses. This article proposes the concept of digital organized crime and the spectrum theory of digital organized crimes, to be embedded within a current, revised sociological theory of the organization of crime and deviance in digital society (a new theory of digital criminal organizing) and argues that the study of digital organized crime will increasingly require a digital sociology of organized crime. Criminologists are called upon to work in this direction.
... Netilantism may be regarded as a new type of citizen policing. Academics and practitioners agree that traditional police powers are no longer sufficient to investigate cybercrime and manage online security (Broadhurst & Chang, 2013;Chang, 2012), and thus establishing a distributed cyber-policing or wikified cybercrime investigation model is a matter of urgency (Brenner, 2007;Chang, 2013). However, as ordinary members of the public are not formally trained in policing methods including the collection of evidence and protection of the rights of citizens, netilantism could both jeopardise and facilitate social justice. ...
Article
Full-text available
With the development of the Internet, Internet vigilantism (netilantism) has emerged as a new phenomenon in recent years. Although there are several qualitative studies explaining netilantism, there is little empirical research on public perceptions of netilantism. This article aims to outline Hong Kong university students' general perception of netilantism and investigate the differences between different roles in netilantism. By using empowerment theory as the theoretical framework, we will investigate whether Internet vigilantes (netilantes) (a) perceive the criminal justice system as effective, (b) possess high levels of self-efficacy in the cyber world, and (c) tend to believe netilantism can achieve social justice. Findings support the proposition that human flesh search engine is an empowerment tool for the netilante enabling him or her to achieve his goal of social justice. Different roles in netilantism (i.e., bystander, netilante, victim, and none of the above roles) have different perceptions of netilantism and the criminal justice system. The results will be explained by studying two representative cases of netilantism-the "Government Official Molestation" case and the "Cat Abuse in Shun Tin Village" case from China and Hong Kong, respectively.
... Moreover, the adjective 'organised' has been proving inadequate when investigating new typologies of crimes, especially internet-enabled crimes or cyber-crimes, as well as some forms of drug trafficking or illegal trades in tobacco and alcohol. Some scholars (Broadhurst et al., 2014;Chang, 2012) have also argued for the possibility of one offender only committing organised crimes in the virtual space. Most crimes have been changing in the past decades to take various forms and to include different types of criminal actors that can range from highly hierarchical gang-style or mafia-style groups to looser networks, from white-collar criminals to online adventurers (Edwards and Jaffrey, 2014;Lavorgna, 2014a;Paoli, 2002). ...
Conference Paper
Full-text available
Section 45 of the Serious Crime Act 2015 contains new offences for participation in organised crime groups' activities. This section mentions for the first time 'organised criminal groups and activities' in the law in England and Wales. This paper will interpret and critically analyse the new offences for organised crime from a criminological perspective in light of evidence found in research. It will argue that this legal change is informed by political narratives on organised crime rather than by variations in the criminal panorama. The paper will then identify three perspectives for concern: the narrative perspective, which reflects on the overlapping of meanings of the words 'organised crime'; the evolution perspective, which reflects on the origins of the new participation offences with reference to both national and international pressures; and the management perspective, which reflects on some of the immediate effects of the new offences of organised crime on the criminal justice system.
... 5. Interestingly, Taiwan and China are both not signatory to the Convention on Cybercrime for different reasons: China has not sign the Convention not only because that Chinese laws and regulations do not fit in the Convention but also that China was not invited when the Convention was drafted; Taiwanese government has expressed interest in signing the Convention but it is not recognised as a qualified signatory as it is not recognised by the Council of Europe as a country (Chang 2012). 6. ...
Article
Cybercrime across the Taiwan Strait has become a global issue. Due to the large number of internet users and the special political situation across the Taiwan Strait, the Republic of China (Taiwan hereafter) and the People’s Republic of China (China hereafter) are two countries where malicious computer activity is rampant. Malicious computer activity across the Taiwan Strait has an impact not only on Taiwan and China, but also on many other countries. For example, it has been reported that there have been computer attacks the U.S. originating from computers in Taiwan but controlled by command and control servers in China. It is important to understand current policing measures taken by Taiwan and China against cybercrime; however, there is limited empirical research on this issue. To fill this gap this paper will be based on interviews conducted in Taiwan and China in 2008-2009, discuss current problems and issues that the Taiwanese and Chinese governments face when policing cybercrime. It will also examine whether current existing semi-governmental and informal cooperative measures against cross-Strait crime are adequate in addressing the problem of cross-Strait cybercrime.
... Moreover, the adjective 'organised' has been proving inadequate when investigating new typologies of crimes, especially internet-enabled crimes or cyber-crimes, as well as some forms of drug trafficking or illegal trades in tobacco and alcohol. Some scholars (Broadhurst et al. 2014;Chang 2012) have also argued for the possibility to have one offender only committing organised crimes in the virtual space. Most crimes have been changing in the past decades to take various forms and to include different types of criminal actors that can range from highly hierarchical gang-style or mafia-style groups to looser networks, from white-collar criminals to online adventurers (Edwards and Jeffray 2014;Lavorgna 2015Lavorgna , 2014Paoli 2002). ...
Article
Full-text available
This paper will interpret and critically analyse the new offence for organised crime in England and Wales (Section 45 of the Serious Crime Act 2015) from a criminological perspective in light of evidence found in research in the country. It will argue that changes in the law relate to changes in political narratives rather than to variations in the criminal panorama of organised crime. It will discuss these changes within three perspectives, which address various levels of concern: a narrative perspective, which reflects on the overlapping of meanings in the use of the words ‘organised crime’; an evolution perspective, which reflects on the origins of the new participation offences with reference to both national and international pressures; a management perspective, which reflects on some of the immediate effects of the new offences of organised crime on the criminal justice system. This paper will conclude that political narratives have indeed influenced criminal policy, while there is no significant change in the phenomenon of organised crime to justify such narratives.
... There is also increasing concern about cyber crime in China (China Daily, 2010; Pauli, 2012). The source and extent of malware attacks (whether of domestic or foreign origin) and the scale of malware-botnet activity remain unclear, but a substantial proportion of Chinese computers are compromised and it is likely that local crime groups play a crucial role (Kshetri, 2013a; Chang, 2012; Kshetri, 2013b; Broadhurst & Chang, 2013). A recent study of spam and phishing sources found that these originated from a small number of ISPs (20 of 42,201 observed), which the author dubbed 'Internet bad neighbourhoods.' ...
Book
Full-text available
The rapid development of computer connectivity and the role of the Internet in the emergence of new e-commerce markets have increasingly attracted the attention of national governments and international agencies. Hyperbole aside, the astonishing reach of these tools has changed the way a large part of the world communicates and does business. It may be too early to evaluate claims that this medium ushers in an irresistible phase of a global ‘information revolution’ and with it a ‘new economy’. However, we can be certain that with the erosion of traditional barriers to communication, our concepts of time and place have irrevocably changed and the process of ‘globalisation’ has accelerated. The convergence of computing and communications and the exponential growth of digital technology have brought enormous benefits to modern society. Along with these new benefits, however, come greater risks. As never before, and at negligible cost to themselves, lone offenders can inflict catastrophic loss or damage on individuals, companies, and governments from the other side of the world. With these developments has come the awareness that ‘information security’ is no longer a matter for the technical and computer specialist, but for millions of people who now engage these new media every day for business, communications and leisure. The continued prosperity of industrial nations, and the economic development of the world’s less affluent societies, seems likely to depend increasingly on electronic commerce. To the extent that public confidence in e-commerce is jeopardised by criminal activity, so too will economic well-being be threatened.
... Heinl (2014) suggested to establish a robust ASEAN CERT to enhance incident reporting and information sharing. As Chang (2012) argues, a regional CERT might not always be able to play a good role in exchanging information among states. It still relies highly on the relationship between countries, especially when it comes to seeking help in passing related evidence for hacking or other cybercrime events. ...
Chapter
Full-text available
This chapter examines the trends in and challenges of cybercrime in the Association of Southeast Asian Nation (ASEAN) region. Although the ASEAN region is an emerging cybercrime market, there is limited research on cybercrime in ASEAN. What are the trends in and challenges of cybercrime in ASEAN? Is the current Council of Europe’s Convention on Cybercrime appropriate for ASEAN? What are the challenges faced by ASEAN countries when collaborating internationally against cybercrime? This chapter aims to answer these questions and to consider whether the strategies developed in the global north are relevant to ASEAN. This chapter will provide an overview of cybercrime trends in ASEAN, assess current measures adopted by ASEAN countries in combatting cybercrime, and make policy recommendations to strengthen those measures.
... This indiscriminate access has been far more widespread than the understanding amongst the population about the nature of the technology. With no qualification necessary to use and access social media, the perpetrators and victims of questionable content are separated by no more than a click (Chang 2012). ...
Article
Full-text available
Traditionally, the idea of being a victim is associated with a crime, accident, trickery or being duped. With the advent of globalisation and rapid growth in the information technology sector, the world has opened itself to numerous vulnerabilities. These vulnerabilities range from individual-centric privacy issues to collective interests in the form of a nation’s political and economic interests. While we have victims who can identify themselves as victims, there are also victims who can barely identify themselves as victims, and there are those who do not realise that they have become victims. Misinformation, disinformation, fake news and other methods of spreading questionable content can be regarded as a new and increasingly widespread type of collective victimisation. This paper, drawing on recent examples from India, examines and analyses the rationale and modus operandi—both methods and types—that lead us to regard questionable content as a new form of collective victimisation.
... With its comparative nature, much criminology research has relied on statistics and reports published online. For example, in cybercrime research, we see academics mapping state-laws with the Council of Europe's Convention on Cybercrime (Broadhurst & Chang, 2013;Chang, 2012Chang, , 2017Liu et al., 2017;Luong et al., 2019). ...
Chapter
Ethnographers must now confront the multi-sited, digital and mobile nature of social, cultural and economic life. As a result, the use of digital ethnography, traditional ethnographic methods modified to interact with online communities and environments, has steadily increased in anthropology and the social sciences. Criminologists are beginning to make use of the approach in response to the increasing need to account for the complex digital features of contemporary forms of criminality, victimization, policing and punishment. In this chapter, we outline some selected details of our experiences as ethnographers conducting criminological research in virtual worlds. We cover key issues that range from practical challenges and ethical quandaries through analytical capabilities to epistemological issues in the hope our reflections go some way in helping budding digital ethnographers in criminology.
... These signifiers see their meaning shift across contexts and perspectives (MacKillop, 2018). For instance, the competing signifiers for what the term cybercrime ought to signify are 'electronic crime,' 'computer crime,' 'computer-related crime,' 'hi-tech crime,' 'technology-enabled crime', 'e-crime' or 'cyberspace crime' (Chang, 2012;Sarre et al. 2018). ...
Preprint
Full-text available
This is a general review article that traces the history of the elusive term ‘cyber’ by putting the development story together from available sources on early cybernetics and the subsequent rise of information technology, personal computers and the internet. The term ‘cyber’ presents best through the conceptual ‘Cyber’ question, i.e. “Whose use of what information and communication technology creates which changes for whom?”. The modern use of ‘cyber’ shares a history with ‘cybernetics’, but relates more narrowly to modern information and communication technologies through a specific re-emergence of the prefix from science fiction literature to international policy and academia to everyday usage.
... Most researchers who do policing or criminological studies face difficulties gaining access to police departments in China (e.g. Chang, 2012;Scoggins and O'Brien, 2016;Wang, 2014Wang, , 2020Xu, 2009;Xu and Jiang, 2019;Zhong, 2009). The author used a personal relationship to gain access to public security organs to do fieldwork and collect these data, which contain information related to the date and time of occurrence and types of call for service made from 1 January 2019 to 30 June 2020. ...
Article
Full-text available
Police service calls have been studied widely in the Western context, but they are rarely discussed in the Chinese context. For the context of this study, it is important to note that the Chinese authorities implemented the strictest lockdown after the COVID-19 pandemic began. Drawing on the data from a county-level city in Hubei province, this study examines changes in the quantity and nature of 110 service calls before, during, and after the COVID-19 pandemic lockdown. The results indicate that the average weekly call numbers before and after the lock-down were higher than during the lockdown. Meanwhile, different call types produced different patterns, though the weekly call totals decreased during the lockdown. There was a significant decrease in crime, traffic, and dispute calls, but a substantial increase in calls related to domestic violence, public security, and other issues. Changes in the frequency of different call types pose challenges to police departments. These findings will have implications for deploying police forces and allocating resources within the pandemic crisis in particular.
... Li et al., 2008;Lin & Li, 2005;Yang et al., 2009;Yoon, 2010), ignoring crime and deviance. In fact, the body of literature on cybercrimes in China is relatively limited (exceptions include Chang, 2012;Lu et al., 2010). Among the studies of Chinese cybercrime that do exist, very few have explored fraud. ...
Article
When it comes to online populations and markets, China has some of the largest in the world. As a result, Chinese cybercriminals have more opportunities to target and access victims. While extant research in Western countries has examined online fraud victimization and offenses in virtual communities, a relatively small body of research on these phenomena has been conducted in non-Western societies. This study attempts to address this gap by analyzing online fraud victimization in Chinese online communities. Routine activity theory is applied to understand the patterns and dynamics of victimization. Data were collected from Baidu Tieba (a Chinese version of Craigslist), a prominent Chinese online platform for reporting victimization. This study highlights the range of services, types, and methods along which victimization occurs. The results, which reflect China’s rapid pace of technological development, show that different types of fraud are perpetrated online and that victimization methods are associated with particular types of media. This study also identifies implications for China and other countries where similar crimes and instances in cyberspace occur.
... Analysis of the literature on crimes committed using modern technology shows that it does not provide a complete picture and definition of those crimes that are committed in the field of digital technology or using digital technology [10]. Terms such as "electronic crime," "computer crime," "crime committed using computer technology," "high-technology crime," "cybercrime", etc. [4] are used. Most often, it is alleged that the computer is the purpose of the crime [11,207] or the point is in traditional crimes but committed using computer technology [6,3]. ...
Conference Paper
Full-text available
... Specifičan oblik organizovanosti, iako ne predstavlja organizaciju ljudi, čine mreže zombi računara (botnet). One su najznačajniji novi oblik organizovanja kriminala, iako mogu da ih kreiraju pojedinci ili organizovane grupe; same po sebi ove mreže su oblik organizovanog kriminala kada se upotrebljavaju za nezakonite aktivnosti [32,91]. ...
... 15 There is still no precise and clear definition of cybercrime in academic parlance. It is sometimes called 'electronic crime,' 'computer crime,' 'computer-related crime,' 'hi-tech crime,' 'technologyenabled crime,' 'e-crime,' or 'cyberspace crime' (Chang, 2012). Grabosky (2007) classified three general forms from his exploration of legislation and the common law: crimes where the computer is used as the instrument of crime; crimes where the computer is incidental to the 20 offense, and crimes where the computer is the target of crime. ...
Chapter
Full-text available
The Internet ranks as one of the great inventions. With increasing access to the Internet and the low cost of computers, the Internet has become an integral part of our daily lives. According to the International Telecommunication Union (ITU), over 2.7 billion people were using the Internet in 2013. This is equivalent to about 40% of the world’s population. In the developed world the penetration rate is over 70%, while in the developing world it is estimated to be 30% or even less (ITU, 2013).
Chapter
The authors would like to thank Peter Grabosky, Roderic Broadhurst, Brigitte Bouhours, Mamoun Alazab, and Steve Chon for their advice and comments on an earlier draft.
Chapter
Crime has traditionally been a domestic concern for nation-states, with individual jurisdictions having their own responsibility for policing, prosecution, criminal trial, and the imposition of judicial punishments. Although some conventional crime types, such as maritime piracy, smuggling, and organized crime have always crossed jurisdictional borders and required transnational cooperation for investigation and judicial responses, it was not until the mid-twentieth century that crime became a more globalized phenomenon. As Findlay (1999, p. 2) observed: The globalisation of capital from money to the electronic transfer of credit, of transactions of wealth from the exchange of property to info-technology, and the seemingly limitless expanse of immediate and instantaneous global markets, have enabled the transformation of crime beyond people, places and even identifiable crimes.
Chapter
The digitalization of data and information is enabling and empowering more research based on data found online. Digitalization has reduced if not eliminated the technological and geographical differentials in access to data. This has made it easier for researchers in less well-endowed jurisdictions to undertake research. Researchers in crime and deviance in Southeast Asian countries are emerging and online data is often being used. However the challenges and ethical concerns of new research methodologies inherent in online research have not yet featured in the discourse. This chapter aims to explore the concerns and challenges of online data collection and use of existing online data to conduct crime and deviance research in the region. It will also discuss whether existing basic ethics principles of research developed in the west are directly applicable in this region.
Article
Data from mobile phones are regularly used in the investigation of crime and court proceedings. Previously published research has primarily addressed technical issues or provided operational manuals for using forensic science evidence, rather than analysing human factors and the implementation of forensic tools in investigation settings. Moreover, previous research has focused almost entirely on western countries, and there is a dearth of research into the uses of forensic evidence in China. In this study, a review was carried out of court sentencing documents referring to mobile phone evidence in China over the period 2013-2018. Automated content analysis was used to identify the specific evidence types utilised and the sentencing outcome for each case. Results show that mobile phone evidence was used in 3.3% of criminal proceedings. Among various data types mentioned in criminal proceedings, call records sustained as the most frequently used type of data. After which, instant messaging tools (e.g. WeChat) are an increasing proportion of all mobile phone evidence, from 1% in 2015 to 25% in 2018. For cases that utilised mobile phone data, the analysis of instant messaging and online transaction tools is routine, with little variation in the use of each application (WeChat, Alipay, QQ) for investigations of different types of crime. However, in the majority of criminal cases, mobile phone data function as subsidiary evidence and posed limited impacts on verdict reached. The current findings indicate that a large amount of mobile phone evidence is transformed into other evidence formats or filtered out directly before court proceedings.
Chapter
This chapter aims to scrutinize cybercrime as one of the security threat types of transnational organized crime (TOC) in East and Southeast Asia region in the era of globalization. This chapter examines the nature of cybercrime and how it has evolved in the Asia-Pacific region in the era of globalization. Following the booming economy in East and Southeast Asia, the internet has been used as a terrain to conduct transnational crimes, and the criminals try to utilize the loopholes between legal and judicial systems among the countries in the region. This chapter examines the threats that have been posted by cybercrime, which is different from the “traditional” organized crime activities. This chapter uses Taiwan (the official name is the Republic of China, R.O.C.) as a case study. Following globalization and technological development, Taiwan’s underworld went into a new stage of development, penetrating political, economic and other aspects in the society. Thus, many organized crime groups vigorously expand their organizations oversees into East and Southeast Asia. As a result, Taiwan exported many masterminds of telecommunication and internet fraud crime and those criminals form organized crime groups in the third countries. The whole region is affected by the telecommunication frauds conducted by transnational criminal groups that are in many cases headed by Taiwanese. This phenomenon has become a security threat to the region that requires cross-border cooperation and joint effort.
Article
Full-text available
The principles that govern a sovereign’s exercise of jurisdiction to prohibit conduct and to sanction those who violate such prohibitions are well-established as to conduct occurring in the real, physical world. These principles evolved over the last several millennia, as law increased in sophistication and life became more complex. Real-world crime is, almost exclusively, a local phenomenon; the perpetrator(s) and victim(s) are all physically present at a specific geographical point when a crime is committed. The principles that govern the exercise of criminal jurisdiction are therefore predicated on the assumption that “crime” is a territorial phenomenon. Cybercrime makes these principles problematic in varying ways and in varying degrees. Unlike real-world crime, it is not physically grounded; cybercrime increasingly tends not to occur in a single sovereign territory. The perpetrator of a cybercrime may physically be in Country A, while his victim is in Country B, or his victims are in Countries B, C, D and so on. The perpetrator may further complicate matters by routing his attack on the victim in Country B through computers in Countries F and G. The result of these and other cybercrime scenarios is that the cybercrime is not committed “in” the territory of a single sovereign state; instead, “pieces” of the cybercrime occur in territory claimed by several different sovereigns.
Article
Full-text available
This article builds upon my previous work (Wall, 2007 & 2008) to map out the conceptual origins of cybercrime in social science fiction and other faction genres to explore the relationship between rhetoric and reality in the production of knowledge about it. The article goes on to illustrate how the reporting of dystopic narratives about life in networked worlds shapes public reactions to technological change. Reactions which heighten the culture of fear about cybercrime, which in turn, shapes public expectations of online risk, the formation of law and the subsequent interpretation of justice. Finally, the article identifies and responds to the various mythologies that are currently circulating about cybercrime, before identifying the various tensions in the production of criminological knowledge about it that contribute to sustaining those mythologies.
Article
Full-text available
While there appears to be a common view that the Internet has had a major impact upon criminality, there is much less consensus as to what that impact has been. Many sources make claims about the prevalence of cybercrimes (networked computer crime) without clarifying what is precisely the issue at hand. Indeed, when so-called cases of cybercrime come to court they often have the familiar ring of the 'traditional' rather than the 'cyber' about them. Fraud, pornography, paedophilia, etc., are already covered by substantive areas of law in most jurisdictions. Even more confusing is the gap between the many hundreds of thousands of estimated incidents and the relatively small number of known prosecutions - which questions the early predictions that cybercrimes, unless checked, could effectively bring criminals into every home. In fact, the confusion has led some authors to question whether or not there are indeed such things as cybercrimes (Brenner, 2001:1). Others, have questioned whether cybercrimes are actually categories of crime in need of new theory or whether they are better understood by existing theories (Jones, 2003:98). These contrasting viewpoints expose a large gap in our understanding and beg a number of questions. Are, for example, our concerns about cybercrime driven solely by the media sensitisation of one or two novel events and effectively fabricated into a crime wave. Or are the dramatic news stories the product of information sources created by the cyber-security industry which has a vested interest in sensationalising cybercrimes. Alternatively, could it simply be the case that the criminal justice processes are woefully inefficient at bringing wrongdoers to justice. There again, are we perhaps looking at an entirely new phenomena through the wrong lens? (N.B. This chapter was originally published in 2005 then revised in 2010 and 2015). Revised version available at http://papers.ssrn.com/sol3/papers.cfm?abstract_id=740626
Article
Full-text available
[Abstract] This essay addresses the enforcement of decisions through Internet instruments. Traditionally, a state's enforcement power was bounded by territorial limits. However, for the online environment, the lack of local assets and the assistance of foreign courts no longer constrain state enforcement powers. States can enforce their decisions and policies through Internet instruments. Online mechanisms are available and can be developed for such pursuits. The starting point is a brief justification of Internet enforcement as the obligation of democratic states. Next, the essay describes the movement to re-engineer the Internet infrastructure by public and private actions and argues that the re-engineering facilitates state enforcement of legal and policy decisions. The essay maintains that states will increasingly try to use network intermediaries such as payment systems and Internet service providers as enforcement instruments. Finally and most importantly, the essay focuses on ways that states may harness the power of technological instruments such as worms, filters and packet interceptors to enforce decisions and sanction malfeasance.*****[Résumé] Cet article traite de l’exécution de jugements à l’aide de ressources Internet. Traditionnellement, un État exerçait son pouvoir d’exécution à l’intérieur de ses limites territoriales. En ligne, par contre, l’absence d’éléments d’actif locaux et l’aide des tribunaux étrangers ne constituent plus des limites aux pouvoirs d’exécution d’un État. Les États peuvent exécuter leurs décisions et leurs politiques au moyen de ressources Internet. Des mécanismes sont disponibles en ligne et peuvent être développés à cette fin. L’article justifie brièvement l’exécution par Internet, la présentant comme une obligation des États démocratiques. Il décrit ensuite le mouvement de réforme de l’ingénierie de l’infrastructure Internet par des actions publiques et privées, soutenant que cette réforme facilite l’exécution des décisions juridiques et politiques. L’article allègue que les États chercheront de plus en plus à utiliser les intermédiaires réseau, tels que les systèmes de paiement et les fournisseurs d’Internet, en tant que ressources pour l’exécution de jugements. Enfin, ce qui est plus important encore, l’article scrute comment l’État peut exploiter le potentiel des ressources technologiques, comme les vers, les filtres et les intercepteurs, pour l’exécution de décisions et la sanction de méfaits.
Article
Full-text available
Physicians in the Denver Metropolitan Area were randomly assigned to study groups and exposed to an intervention designed to test current hypotheses concerning the reasons for underreporting of gonorrhea (lack of saliency in the request, patient interference, violation of the physician-patient relationship, insufficient rewards and excessive administrative cost to the reporter). A periodic telephone contact, initiated by the Health Department and requiring only contact between clerical personnel, more than doubled the number of reported cases. The effect was most striking for those who had not previously reported, and for doctors who practiced alone. An estimate of 42 per cent was obtained for the proportion of cases reported, substantially higher than that produced by retrospective surveys based on recall. The impact of undernotification on total morbidity will vary with the preexisting mix of public and private reporting. The telephone reporting system appears to be an inexpensive and effective program tool for determining that impact locally.
Article
The individual social scientist tends to become involved in those many trends of modern society that make the individual a part of a functionally rational bureaucracy, and to sink into his specialized slot in such a way as not to be explicitly concerned with the structure of post-modern society... the role of reason in human affairs tends to become merely a refinement of techniques for administrative and manipulative uses.
Article
Institutions and Organizations: Theory and Research. By W. Richard Scott. Thousand Oaks, Calif.: Sage Publications, 1995. Pp. xvi+178. $39.95 (cloth); $18.95 (paper).
Article
In this article the author examines what he terms an “institutional culture of authority” that has come to characterize postrevolution Chinese industrial enterprises. This institutional culture is shaped by a pattern of organized dependency that is inherent in the economic relationship of employees to enterprises, and also in systems of reward and control that link the opportunities of employees to their behavior and attitudes. This institutional culture is manifested in widespread ritualism in political meetings, low exercise of voice by subordinates, the creation of patron-client networks linking the Party to selected employees, and the everyday cultivation of personal connections for individual gain.
Article
Reports have shown that Taiwan and China are attractive targets for cybercriminals. The special political situation between the two countries has encouraged numerous cyber-attacks across the Taiwan Strait. Establishing an efficient investigation and prosecution system is important to deter criminals from further exacerbating this unsatisfactory situation. This paper discusses issues of cybercrime investigation and prosecution across the Taiwan Strait. Based on interview data collected in 2008 and 2009, in both China and Taiwan, this paper concludes that the current manpower dedicated to cybercrime investigation is insufficient. In addition, there is insufficient incentive to attract investigators to devote their time to cybercrime investigation, and prosecutors and judges' knowledge of cybercrime and information security is lacking. Informal relations, such as Guan-xi and Mo-chi, may help in mutual cooperation between crime investigation agencies. However, these rely heavily on the political situation existing at any one time, and can only be effective when relations between Taiwan and China are not tense.
Article
Comparative research has rapidly grown to become one of the most viable perspectives and methodologies in contemporary criminology, particularly in studies with primary data collected through ethnographic fieldwork. This study examines major issues (e.g., access, informed consent, conceptual and cultural equivalence) confronted by comparative scholars conducting fieldwork in China. Data used in this study involve the authors' own research experience in collecting primary data regarding law and the legal system in several cities in China through methods such as courtroom observations, interviews, and surveys. Systematic documentary analysis serves as a main analytical strategy to enhance interpretive validity.
Article
This article traces the emergence of the new social movement of hacktivism from hacking and questions its potential as a source of technologically-mediated radical political action. It assesses hacktivism in the light of critical theories of technology that question the feasibility of re-engineering technical systems to more humane ends. The predecessor of hacktivism, hacking, is shown to contain certain parasitical elements that provide a barrier to more politically-orientated goals. Examples are provided of how such goals are much more in evidence within hacktivism. Its alternative conceptualization of the human-technology relationship is examined in terms of a purported development from conceptualizations of networks to webs that incorporate new ways of producing online solidarity and oppositional practices to global capital.
Article
Current theories of victimization have generated a sizable body of empirical research, mostly within the last two decades. The two most widely known perspectives, lifestyle-exposure and routine activities theories, have been the object of much current thinking and empirical testing, but their maturation has been hampered by many of the same problems impeding theories of criminality. These include inadequate attention to variation by type of crime, compartmentalized thinking, poor links between theory and data, inadequate measures of key concepts, and failure to specify clearly functional relationships between sets of variables. Many of these problems can be addressed by closer examination of the interrelationships among victims, offenders, and criminal situations. Victimization theories should be incorporated into comprehensive integrated theories of crime.
Article
This paper traces the history of international police cooperation through the development of collaborative initiatives that various police actors have introduced since the mid-nineteenth century to address transnational crime on a multilateral basis. The beginnings of international police cooperation efforts were largely rooted in anti-anarchist policies pursued by European governments in order to protect the status quo. Police collaboration largely halted during the world wars, but the second half of the twentieth century witnessed an explosion of international cooperation mechanisms in policing as most states came to recognise the importance of multilateral action against transnational crime. International policing now encompasses sophisticated, official and far-reaching channels of information exchange and joint policing strategies and operations. Police cooperation has gone through cycles, however: the political motivation that originally encouraged foreign police agencies to share information on alleged perpetrators and their activities in due course took second place to specifically criminal investigations, but in today's security-driven policy environment the political dimension is once again on the rise, as police strategies are aimed at terrorist groups.
Article
The emergence of criminal secret societies in post-Mao China has closely correlated with the criminal subcultures, massive unemployment, impoverishment, economic inequality, relative deprivation, and political corruption that have arisen from the reform process. Although perceived as the roots of organized crime worldwide, these variables have generated crime incentives—mainly among disadvantaged and marginalized social groups—far stronger in China than in most of Western societies. The factors underlying organized crime in China are not simply the by-products of economic liberalization, but rather related to the structural problems caused by flawed reform policies and China's particular political context. These problems account to a large extent for the double nature of many criminal organizations as both anti-social and anti-state forces. The regime's crackdown on organized crime may hamper efforts for greater socio-political pluralism. But in the long run, it may strengthen the rule of law and lead to the improvement of relevant reform policies.
Article
The implementation of responsive regulation in taxation means influencing the community's commitment to pay tax through respectful treatment, through attending to resistance and reforming faulty processes, through fairly directed and fully explained disapproval of non-compliant behavior, through preparedness to administer sanctions, and capacity to follow through to escalate regulatory intervention in the face of continuing non-compliance. Responsive regulation and regulatory formalism are pitted against each other in this issue on responsive regulation and taxation. Normative and explanatory arguments in favor of responsive regulation are explored by data collected in taxation contexts; and institutional obstacles are identified that limit effective implementation.
Article
This paper explains how theories of realspace architecture inform the prevention of computer crime. Despite the prevalence of the metaphor, architects in realspace and cyberspace have not talked to one another. There is a dearth of literature about digital architecture and crime altogether, and the realspace architectural literature on crime prevention is often far too soft for many software engineers. This paper will suggest the broad brushstrokes of potential design solutions to cybercrime, and in the course of so doing, will pose severe criticisms of the White House's recent proposals on cybersecurity. The paper begins by introducing four concepts of realspace crime prevention through architecture. Design should: (1) create opportunities for natural surveillance, meaning its visibility and susceptibility to monitoring by residents, neighbors, and bystanders; (2) instill a sense of territoriality so that residents develop proprietary attitudes and outsiders feel deterred from entering a private space; (3) build communities and avoid social isolation; and (4) protect targets of crime. There are digital analogues to each goal. Natural-surveillance principles suggest new virtues of open-source platforms, such as Linux, and territoriality outlines a strong case for moving away from digital anonymity towards psuedonymity. The goal of building communities will similarly expose some new advantages for the original, and now eroding, end-to-end design of the Internet. An understanding of architecture and target prevention will illuminate why firewalls at end points will more effectively guarantee security than will attempts to bundle security into the architecture of the Net. And, in total, these architectural lessons will help us chart an alternative course to the federal government's tepid approach to computer crime. By leaving the bulk of crime prevention to market forces, the government will encourage private barricades to develop - the equivalent of digital gated communities - with terrible consequences for the Net in general and interconnectivity in particular.
Article
While crime prevention is taken to exemplify governance in the ‘risk society’, it may represent a retarded example of risk-based urban security. Crime prevention was unaffected by risk-based prevention characteristic of much nineteenth-century government of this domain. The development of risk-based fire prevention, by contrast, was substantially in place at the turn of the twentieth century, promoted by the convergence of insurance and other interests in securing property. Rather than seeing crime prevention as exemplifying the move toward the ‘risk society’ thesis, it may be better understood as a case in which neo-liberal governance and insurance technologies transformed a domain of governance that had been unusually resistant to risk-based approaches.
Article
The Chinese Communist Revolution of 1949 introduced a major historical disjunction in Chinese society, in its political-economic structure, in its social organization and institutions, in cultural and discursive practices, and therefore in the way that power operates through them. This article will explore some of the ways in which the reordering of power relations, operating through the state apparatus in the new society (in urban contexts), exhibits some key features of modernity, while at the same time it also represents an extension of power mechanisms already present in the Chinese cultural repertoire. The Chinese socialist state did not arise ex nihilo, nor merely with the introduction of Western, Japanese, and Russian Marxism. Chinese civilization has had a long tradition of the centralized state, going back at least as far as the establishment of its first unified empire in 221 B.C. out of the breakdown of Zhou dynasty feudalism. Yet never before, even in the history of a society that was one of the original models for the "Asiatic mode of production," did the state assume so much responsibility for administering not only economic production and distribution, but also social reproduction and the government of everyday life, as with the discourse and practice of state socialism. How is this new, or renewed, state power exercised in society? Several forms of power have been proposed for socialism: exploitation, despotism, totalitarianism. Arguments that socialism is a form of state capitalism imply that there is a continuation of capitalist exploitation by a new ruling class of bureaucrats who extract surplus labor. That exploitation is the dominant mode of power in state socialist societies has been easily demolished by critics who point out that societies where there is an absence of private property, a radical reduction of market mechanisms, "a dissolution of the institutional separation between economy and state," and an underemphasis on economic rationality can hardly be described as capitalist (Feher, Heller, and Markus 1983:22-37). In the case of China, countless ideological campaigns and political study sessions for laborers and cadres alike, and policies of permanent and overemployment of labor in industry certainly did not contribute to productive efficiency and profit maximization so highly valued by capitalist rationality. Despotism (Oriental, bureaucratic) has also been featured as the hallmark of power in socialism. This is the thesis that socialism amounts to an "Asiatic res
Article
This essay explores the use of positive reinforcement as a regulatory strategy. It discusses both financial and symbolic incentives and their application in furtherance of regulatory compliance, and presents various illustrative examples of the use of positive incentives by regulatory authorities. It then reviews the advantages and potential shortcomings of regulatory incentives, and suggests principles by which incentive instruments can be used as part of an overall regulatory regime.
Article
Rewards are less useful in regulation than they are in markets. Firms respond to market incentives because most markets are contestable. In markets that are not oligopolies it makes more sense to adopt a competitor mentality than a fixer mentality. Regulatory power in contrast is mostly not contestable. Firms are therefore more likely to adopt a fixer or game-playing mentality. Reactance to regulatory control through rewards is likely to be greater than reactance to market discipline. If a responsive regulatory pyramid is a good strategy for optimizing compliance, then punishment is more useful in regulation than reward. Reward at the middle of a regulatory pyramid brings about a moral hazard problem. Under certain limited conditions reward can be useful at the base of a regulatory pyramid. These conditions are transparent, easy measurement of the performance to be rewarded, an imbalance of power such that the regulatee is weak in comparison to the regulator, and an absence of weapons of the weak for subverting a regulatory system to which the weak are subject. Absent these conditions, and we cannot expect the undoubted efficiency advantages of a market where regulatory outcomes can be traded so that they are secured where the cost of doing so is least. While, in general, punishments are more useful to regulators than monetary rewards, informal rewards (praise, letters of recognition) are rather consistently useful in securing compliance.
Article
The Vermont Department of Health reviewed 2,035 reports of selected notifiable diseases received from January 1, 1986, through December 31, 1987. Laboratories provided 1,160, or 71 percent, of the initial reports on 1,636 confirmed cases. This demonstrates that laboratories, when required by law and when part of active surveillance, can make a significant contribution to surveillance of infectious disease. A survey of primary care physicians indicated that 18 percent always reported notifiable diseases. The most frequently mentioned reason for lack of reporting was an assumption that the laboratory would report the cases.
Article
Strong notifiable disease surveillance systems are essential for disease control. We sought to determine if a brief informational session between clinic and health department employees followed by reminder faxes and a newsletter would improve reporting rates and timeliness in a notifiable disease surveillance system. Ambulatory clinics were randomized to an intervention group which received the informational session, a faxed reporting reminder and newsletter, or to a control group. Among intervention and control clinics, there were improvements in the number of cases reported and the timeliness of reporting. However, there were no statistically significant changes in either group. Despite improved communication between the health department and clinics, this intervention did not significantly improve the level or the timeliness of reporting. Other types of interventions should be considered to improve reporting such as simplifying the reporting process.