This chapter will explore the deviant behaviour that is becoming known as ‘cybercrime’. The term cybercrime is mainly used here as a heuristic device and signifies the point(s) at which conventional understandings of crime are challenged. It is distinguished from ‘high-tech’ crimes, which relate to the theft of computer parts (Grundy and Wood, 1996), but is not so easily distinguished from computer crimes, of which hacking (pre-Internet, see later) was one. The first part of this chapter will consider the social impact of cyberspace, which is the site where cybercrimes can take place. The second part will outline the contours of cybercrimes by focusing upon four particular areas of undesirable behaviour which are causing concern: cyber-trespass, cyber-theft, cyber-obscenity and cyber-violence. The third part will look at who the victims of cybercrimes are and the fourth part will consider the issues which relate to the governance of this behaviour.

Developed from a United States Department of Defence initiative to create a communications system that would survive a thermonuclear attack, the Internet has developed far beyond its original military and academic goals. During the past decade the Internet has developed into an exciting new public domain, which, by virtue of its ability to bypass geo-political, economic and social boundaries, is potentially free of conventional politics, social order and regulation. It has created a quantum leap in communications that is surpassing the introduction of the telephone, radio and television. What is significantly different this time is that the communications are two-way and can reach a potentially infinite number of people across a wide range of jurisdictions almost without restriction. So, the Internet, and particularly the cyberspace it creates, is not just a case of ‘old wine in new bottles’, or even ‘new wine in new bottles’; for the most part it is more an example of ‘new wine in no bottles’!⁴ Thus, cyberspace is reformulating the debate over modernity ‘in ways that are not so mediated by literary and epistemological considerations, as was the case during the 1980s’ (Escobar, 1996: 113).

One of the most obvious impacts of the colonisation of cyberspace has been the way that it has accelerated some of the qualities that have come to characterise high modernity, particularly the ‘discontinuities’ highlighted by Giddens (1990: 6) which separate modern and traditional social orders. According to Giddens, the social orders which bind time and space have become disembedded and distanciated; ‘lifted out of local contexts of interaction and restructured across indefinite spans of time-space’ (Giddens, 1990: 14; Bottoms and Wiles, 1996). The social impact of cyberspace upon the individual is only starting to be recognised. For the first time in history, individuals are free to develop social relations that are commensurate with their own interests or lifestyles and are potentially more meaningful than they could otherwise be. Individuals can now work in three dimensions instead of two, meaning that it is possible, for example, to do office work without office politics, and to work where abilities can be maximised, rather than where they are physically situated. However, whilst this form of social relationship has the advantage of avoiding the pitfalls of destructive gemeinschaft, it does, nevertheless, have a dark side in that it encourages the social deskilling⁵ of the individual. A major concern is that over time, our terrestrial social life will tend to become both specialised and compartmentalised. As access to the Internet becomes more widely available through falling prices and public access policies, major divisions in society will come to be based upon access to information as much as upon socio-economic grounds. Those who do not engage with the technology will become excluded and the knowledge gap, or information exclusion, will put a new spin on our understanding of social exclusion.

In addition to engendering social and behavioural change, cyberspace has reconfigured many socially understood meanings which help to shape our behaviour. Unlike the terrestrial world, cyberspace is a virtual environment in which economic value is attached to ideas rather than physical property (Barlow, 1994). Consequently, as the numbers of intellectual property laws increase to establish ownership over these ideas, they are not only becoming commodified, but the process is, in effect, creating a new political economy of information capital (see Boyle, 1996). Because of this characteristic, these ideas or properties, and their value, are constantly faced with the threat of being appropriated, damaged or distorted.

So, perhaps the most important change from the point of view of this discussion is that cyberspace has now become an important quasi-industrial environment for capitalist production and it is also the site where intellectual, as opposed to physical, products are manufactured, traded, purchased and consumed. We have now an emphasis upon intellectual properties in the form of images and likenesses, copyrightable, trademarkable and patentable materials. These intellectual properties have immense value, due to the fact that the costs of reproduction are minimal. But these qualities also make them more vulnerable to appropriation.⁶ As the nature of more familiar forms of property is changing, then so are the legitimate means by which goods are obtained. Money is rapidly becoming an electronic medium, cybercash can now be withdrawn from the many cyber-banks that are springing up, to be spent in any one of a number of cyber-shopping malls. In these ways, and others, cyberspace lays bare our conventional understanding of ownership and control. It also blurs the traditional boundaries between criminal and civil activities and also public and private law. Perhaps more importantly, it challenges many of the principles upon which our conventional understandings of crime and policing are based. Consequently, a number of important questions emerge as to what exactly are cybercrimes and to what extent do they differ from other activities that we currently recognise as crime?

In contrast, cybercrimes differ from our understanding of traditional criminal activity in a number of distinctive ways. First, they do not respect time, space or place in that they have no easily definable boundaries, can span jurisdictions and they are instantaneous (Johnson and Post, 1996; Betts and Anthes, 1995: 16). Second, they are contentious in so far as there does not yet exist a core set of values about them which informs general opinion. At one level the culture of law enforcement is still informed by terrestrial conceptions of law; at another level few test cases have yet to go through the criminal courts to change legal cultures (Wall, 1997).⁷ Third, they require considerable technical knowledge to be enacted, knowledge which is typically gained from further or higher education: although this is rapidly changing. Fourth, as the following arguments will demonstrate, there is no one set of consensual or core values about what does or what does not constitute a cybercrime. Furthermore, there is often some confusion as to whether what are regarded by some as cybercrimes, are in fact criminal activities (see later discussion). Finally, discussion of cybercrimes tends to be largely offence-, and to a lesser extent victim-based. Any discussion of the offenders tends to be in individual terms.

In short, cybercrimes possess qualities which turn many existing conceptions of traditional crime on their head; however, it will be demonstrated later that these descriptions of criminal activity serve to outline the respective polar positions. In practice, most of the (cyber) criminal activities discussed later in this chapter fall somewhere between the two. Some types of cybercrime resemble traditional crimes more than others, others resemble white-collar crimes whilst the remainder represent completely new forms of deviant behaviour.

There have been a number of attempts to classify cybercrimes. Some (Young, 1995: 1; Wasik, 1991) have focused upon the offender and have typologised them. Others have concentrated upon specific behaviours: the cybercrimes themselves (Schlozberg, 1983; Duff and Gardiner, 1996: 213). The main problem with these classifications is that they tend to have been established before the full commercial exploitation of the Internet and some even before the sophisticated development of the graphics user-interface, which has facilitated the commercialisation of the Internet. In the USA the FBI’s National Computer Crime Squad identified a number of crime categories which it currently investigates.⁸ They are: intrusions of the Public Switched Network (the telephone company); major computer network intrusions; network integrity violations; privacy violations; industrial espionage; pirated computer software; and other crimes where the computer is a major factor in committing the criminal offence. Although the National Computer Crime Squad’s charter limits its investigations to violations of the Federal Computer Fraud and Abuse Act (1986)⁹ the coverage, according to Fraser (1996), is still rather broad and imprecise, referring to location rather than activities.

One of the more useful attempts to understand cybercrimes was undertaken by the United Nations, which concluded in its Manual on the Prevention and Control of Computer-Related Crime (United Nations, 1995) that whilst there is a consensus amongst experts that cybercrime exists because ‘the computer has also created a host of potentially new misuses or abuses that may, or should, be criminal as well’ (United Nations, 1995: para 22), it nevertheless accepts that authors cannot agree as to what cybercrime actually is, arguing that definitions have tended to be functional, relating to the study for which they were written (United Nations, 1995: para 21).¹⁰ The United Nations were not alone in reaching this conclusion as the Council of Europe’s Committee on Crime Problems also avoided a formal definition of cybercrime, choosing instead to discuss the functional characteristics of specific activities. The committee wisely left individual countries to adapt the functional classification to their particular legal systems and historical traditions (United Nations, 1995: para 23). The United Nations manual did, however, discuss the role of criminal law, arguing that since it recognises the concepts of unlawful or fraudulent intent and also of claim of right, then any criminal laws relating to cybercrime would need to distinguish between accidental misuse of a computer system, negligent misuse of a computer system and intended, unauthorised access to or misuse of a computer system, amounting to computer abuse. It also argued that annoying behaviour must be distinguished from criminal behaviour in law (United Nations, 1995: para 24): points that were reflected in the European Commission Select Committee’s recent Green Paper on the protection of minors (1996) (see later).

Beyond the problem of the specifics of definition, is the added difficulty of locating cybercrimes within an appropriate body of literature. Attempts to liken cybercrimes to white-collar crimes...