Taking a bite out of crime in cyberspace

If you want to provide enterprise IT users with a good role model, point them to the criminals. Not only is it assumed they lack the resistance to change that often hampers the introduction of new technology in the workplace, criminals are given credit for using hardware, software and networks to their fullest potential without a hint of productivity problems. Why can’t the same be said for those of us whose responsibility it is to bring criminals to justice?Some recent comments from Minister of Justice Irwin Cotler suggest that the problem lies with an inability to access technology in the same way that criminals can. Speaking to an association of police chiefs meeting in Ottawa, Cotler pledged to bring forth a controversial bill that would grant law enforcement officials sweeping powers to conduct surveillance of Internet activities, cellphone conversations and other forms of electronic communications. This bill, called Lawful Access, has been under discussion for almost two years, and if Cotler’s comments were any indication, the rhetoric to support it appears to be entering its final drafts.
“Criminals and terrorists are making use of the most sophisticated technology,” Cotler said, according to newspaper reports. “They have become experts, frankly, in transborder communications and transportation technology . . . I hope we will come up with a memorandum to cabinet that can protect human security in the sense that we will put law enforcement people on the same level playing field as criminals and terrorists in the matter of using technology and accessing that technology.”
I think we need to examine this statement closely. When we call someone an expert, we are talking about a person who has mastered a skill set. There would be no need for experts if we had all achieved the same degree of competence. No doubt there are IT experts among criminals, but by what metric do we evaluate them? That they understand how to hack into a bank’s database, or that they merely have the wherewithal to compose and send an e-mail message? Are many of them experts, or are they merely experimenting with technologies and occasionally finding vulnerabilities the rest of us have missed? Discussing criminals en masse blurs these details to the point where you can say almost anything about their technical capabilities.
Even if we accept that criminals are computer experts, the real question is, why can’t we say the same thing about law enforcement officials? It’s not like they don’t have the tools. Over the past few years, police at the municipal level in particular have been given an array of sophisticated case management systems that they will supposedly use to better correlate the reams of data that turn into clues pertaining to a given investigation. Some of these tools have been available to RCMP and CSIS for years. In story after story that we have written about these deployments, however, we have come across sources that described an ambivalence, if not outright refusal, among police officers to use anything other than a notepad to collect information. The government will be weighing the merits of going ahead with Lawful Access before many police agencies have proven they can make use of the access to technology they already have.
We should pay especially close attention to Cotler’s reference to a “level playing field,” because this is a phrase that’s bound to come up once Lawful Access passes through the legislature. This bill is not being designed to put police on an equal footing with criminals, but to keep them several steps ahead. Anything else would be pointless.