A Paradigm Shift in Policing From Law Enforcement

  • Slides: 9
Download presentation
A Paradigm Shift in Policing – From Law Enforcement to Cyber. Policing Nimrod Kozlovski

A Paradigm Shift in Policing – From Law Enforcement to Cyber. Policing Nimrod Kozlovski PORTIA Project CS, Yale University April 2005

Examples of crimes and reactions n n Credit card fraud Child pornography Copyright piracy

Examples of crimes and reactions n n Credit card fraud Child pornography Copyright piracy DDos (offline analogy? )

The Law Enforcement Model n n Deterring from committing a crime Reacting to a

The Law Enforcement Model n n Deterring from committing a crime Reacting to a committed crime n n n Investigation Prosecution and punishment Public police force

Do we follow the Law Enforcement Model online? n n Credit card fraud (predictive

Do we follow the Law Enforcement Model online? n n Credit card fraud (predictive patterns, anomaly detection, profiling) Child pornography (sting operation) Copyright piracy (DRM, fingerprinting – crime prevention through design) DDos (IDS/IPS, Honeypot)

Why the Law Enforcement Model is not being followed online? n n n Invalid

Why the Law Enforcement Model is not being followed online? n n n Invalid assumptions (in the online world) n Deterrence (Gain<Punishment*enforcement probability) n Expected gain – cost of crime, expected gain n Punishment expectancy (playing the jurisdiction) n Enforcement probability n Ability to investigate and prosecute n Magnitude of crime Social preference for a preventive system n Cost n Privacy implications n Prevention of lawful activity Private entities’ choice

Policing Strategy n n n n Law Enforcement Reactive Evidence based investigation Law as

Policing Strategy n n n n Law Enforcement Reactive Evidence based investigation Law as primary regulator Discretionary enforcement Deferred judicial sanction Passive victim Criminal focused n n n n Cyberpolicing Proactive tactics Intelligence focused Regulation through Code Automated, non discretionary Present non-judicial sanctions Active victim Intermediaries focused

Organizational Structure Law enforcement n n n Public officials Central command Territorial Limits on

Organizational Structure Law enforcement n n n Public officials Central command Territorial Limits on delegation of policing power Limitations on individual’s use of force Cyberpolicing n n n Multiplex organizational structures Decentralized Non territorial, internationalized Delegation of policing functions Empowerment of the individual (self help)

Should we care? n The failure of the current legal system to control cyberpolicing

Should we care? n The failure of the current legal system to control cyberpolicing n n n Unaccountable policing n n Public officials focused Reactive model focused Setting the rules Policing policies Actual enforcement Designing for accountability n Technological, legal, institutional mechanisms