2. Cyber-crime as it impacts on individuals
This review now turns to consider the evidence relating to cyber-crime as it impacts on individuals. Following some contextual information, the evidence is presented and discussed in relation to the six recorded crime groupings.
Main sources of evidence
Before considering the evidence on the nature and scale of cyber-crime in Scotland, it is important to briefly note the main evidence sources employed in this review, including technical details and known limitations. Such details should be borne in mind when considering the evidence from these sources.
|Scottish Crime and Justice Survey ( SCJS)||
|Crime Survey for England and Wales ( CSEW) – previously the British Crime Survey||
|Police Recorded Crime in Scotland||
|Police Recorded Crime in Scotland, 'Other sexual crimes' research||
|Her Majesty's Inspectorate of Constabulary ( HMICS) Crime Audit||
|Police Recorded Crime in England and Wales||
|Scottish Household Survey ( SHS)||
|Scottish Public Opinion Monitor 2016||
|Cyber Security Tracker 2017||
|Scottish Schools Adolescent Lifestyle and Substance Use Survey ( SALSUS)||
Whilst the growth of the internet and cyber technologies has created many positive opportunities, these are accompanied by inherent risks and the potential to be exploited by criminals. This section sets the review's findings in context by exploring the levels and trends in internet use across Scotland.
The vast majority of adults (84%) reported using the internet for personal or work use in 2016  . The figure has remained steady of late but has markedly increased since the 2007 baseline of 63%. There is a clear relationship between internet use and age, with the percentage of adults using the internet increasing as age decreases. Generally speaking internet use increases as household income rises.
Almost all adults (97%) who use the internet for personal use do so at home. However the ways in which people access the internet for personal use are becoming increasingly diverse. Access on the move via a mobile phone or tablet rose by six percentage points over the year to 51%  in 2016, with higher earning households being more likely.
There are indications that the public are aware of the potential risks of using the internet, with the majority taking precautions to protect themselves. In 2016 68% of adult internet users in Scotland said they don't open emails or attachments from unknown senders, 67% avoid giving personal information online and 64% use different passwords for different accounts. However some security measures are more commonly used than others.
Only 7% of internet users adopt none of the security measures asked about. Use of security measures varies by age and area deprivation, with older users and those living in the 20% most deprived areas less likely to employ such measures. The public's online behaviour and preventative action plays a crucial role in minimising the risks of negative online encounters.
Group 1 – Non-sexual crimes of violence
Summary of findings
- The available evidence suggests that cyber technology appears to be having no significant influence on the scale or nature of non-sexual crimes of violence.
- There is insufficient evidence to assess the role of cyber technologies in cases of threats and extortion in Scotland.
Non-sexual crimes of violence are typically contact related incidents, so by definition we might expect to find that technology does not play a particularly prominent role. Where technology may play a part is in the stages which lead up to the occurrence of violent incidents e.g. used by offenders to make contact with victims.
Scottish police recorded crime data shows non-sexual crimes of violence accounted for 3% of all crimes recorded in Scotland in 2016-17. Between 2002/03 and 2014/15 levels decreased, before rising in 2015-16 and 2016/17. The most recent increase marked a 6% change from 6,737 crimes in 2015/16 to 7,164 in 2016/17. In spite of this increase, the recording of these crimes fell by 44% between 2007/08 and 2016/17. It is not currently possible to identify cyber incidents, however the below evidence from England and Wales would suggest that that the number is likely to be low.
The Scottish Crime and Justice Survey ( SCJS) does include data on where incidents of valid  violent crime occurred. Yet given the general nature of violent crime, it is perhaps unsurprising that in recent sweeps no incidents have been noted as occurring 'online/via the internet.' Part of this could be attributable to the sort of violence captured by the SCJS, which tends to be more physical in nature, for instance threats are not counted as crimes. In addition any incidents would have to occur solely online to illicit this response, meaning incidents where the internet was involved but the crime itself occurred elsewhere would not be included.
A similar finding is also apparent in the Crime Survey for England and Wales ( CSEW). The latest findings (year ending September 2016) from their 'cyber flag' approach (allows for the coding of 'traditional crimes' that are cyber-related ), found that 0.2% of violent incidents were identified as a cyber-crime  .
Since April 2015 it is mandatory for police forces in England and Wales to return information on the number of crimes flagged as being committed online (full or in part). The latest experimental statistics reveal that for the year ending September 2017, only 0.2% of all 'other violence against the person' offences  were noted as having an 'online-element' (full or in part)  . This is unchanged from the previous year.
Overall, the limited available Scottish data and the emerging data from elsewhere would suggest that violent crime continues to have no obvious or significant online element.
Future evidence on violent crime
Looking to future evidence, a 'cyber flag' question is being added to the victim form section of the SCJS questionnaire from April 2018. Amongst other crimes, this will provide data on the proportion of violent crimes (includes serious assault, minor assault and robbery) that have a cyber-element, and as trend data is gathered, allow us to analyse how this is changing over time.
Police Scotland introduced a cyber-marker to their crime recording systems in April 2016. Police Scotland are currently considering how to enhance how crimes with a cyber-element are marked.
Threats and Extortion
In this group we also find threats and extortion  . There is very little known evidence in relation to extortion as a whole (obtaining money or any other advantage by threats). Police recorded crime statistics for Scotland show there was 425 cases of threats and extortion (as a whole) in 2016/17. This is a 25% increase from 2015-16  but the numbers remain small. Whilst some individuals may experience cyber-related extortion, it is likely that the experiences and incidents captured by existing data sources are often reported in relation to other crimes (for instance computer misuse or sexual crime).
The Abusive Behaviour and Sexual Harm (Scotland) Act 2016 introduced new offences covering the threat to disclose or disclosure of an intimate image with the offences coming into force in July 2017, with the majority of crimes relating to the new legislation likely to have a cyber element. Previously, if there is an element of gain of a sexual nature, on the part of the perpetrator from threatening to disclose the image, a crime of attempted extortion/extortion may be recorded. This would now be recorded as a sexual crime of 'threatening to disclose an intimate image'. Furthermore, some disclosure of intimate material previously recorded as a Communications Act 2003 offence (Group 6 - Miscellaneous Offences) would be recorded as a sexual crime of 'disclosure of an intimate image'. It is likely that the introduction of this legislation will lead to the transfer of some existing activity into Group 2 - Sexual Crime (most likely from Group 1 - Non-sexual violent crime and Group 6 - Miscellaneous Offences) as well as some additional activity newly recorded within Group 2. It should also be noted that any sexual activity a person is coerced into as a result of being threatened with the disclosure of an intimate image would still be recorded as a further sexual crime.
Group 2 – Sexual crimes
Summary of findings
- Cyber technology has had an impact on both the scale and nature of sexual crime in Scotland.
- Estimated that the internet was used as a means to commit at least 20% of all sexual crimes recorded by the police in 2016/17.
- Online sexual crimes tend to be concentrated around non-contact offending but the internet may be a precursor in contact sexual crimes e.g. rape, sexual assault.
- The number and proportion of police recorded 'other sexual crimes' in Scotland which were cyber enabled (the internet used as a means to commit the crime) has increased. In 2016/17 51% of 'other sexual crimes' were cyber-enabled, up from 38% in 2013/14.
- Cyber enabled 'other sexual crimes' have contributed to the growth in all police recorded sexual crimes in Scotland between 2013/14 and 2016/17.
- When the specific 'other sexual crimes' of 'communicating
indecently' and 'cause to view sexual activity or images' are
- Victims and offenders tend to be younger, with the majority of victims aged under 16.
- Victims and offenders are more likely to know of one another.
Published literature and media reports often suggest one of the main areas where the development of computer technology has created new opportunities for criminal activity is sexual offending. However, sexual crime is a wide-ranging category incorporating both 'contact' ( e.g. sexual assault) and 'non-contact' ( e.g. possession of indecent images) offending, meaning that the role technology could potentially play is complex  .
SCJS findings suggest the level of sexual crime experienced in Scotland has remained fairly constant over recent years. There were no statistically significant differences in the prevalence of adults experiencing serious sexual assault ( e.g. rape) or 'less serious' sexual offences ( e.g. indecent exposure) between 2008/09 and 2014/15  .
The latest police recorded crime figures show sexual crime increased by 65% between 2007/08 and 2016/17, and 5% between 2015/16 and 2016/17  .The biggest increase by far in sexual crimes recorded by the police in Scotland has been in 'other sexual crimes'  , which have increased by 146% since 2010/11. Almost 63% of the total growth in recorded sexual crime over this time can be attributed to 'other sexual crimes'  . The contrasting findings of the two sources suggest that the growth in recorded sexual crime may be in part due to a greater willingness of victims to report incidents to the police and the role of targeted police operations.
Online sexual crimes
An audit of crime recording standards by HM Inspectorate of Constabulary in Scotland ( HMICS)  in 2016 found just over 10% of the sample of sexual incidents scrutinised (1,117) involved an online element. Children were reportedly the victims in a substantial proportion of these cases, with many involving young children (aged under 13). The audit also found the majority of the cyber-enabled sexual incidents they examined involved social media channels such as Facebook, Twitter, Instagram and Oovoo, as well as online dating sites. Resulting crimes varied including but not limited to rape, communicating indecently and possession of child and extreme pornography.
Whilst the SCJS is the most reliable source of evidence on the prevalence of sexual victimisation in Scotland, the survey has not collected data which enables an assessment of whether sexual crimes involved an online element  . In addition, the Police Scotland cyber marker is still being embedded and developed.
In the absence of further Scotland data, we turn to England and Wales. Experimental police recorded crime data for the year ending September 2017  shows 0.7% of sexual offences  (excl. child sexual offences) and 13% of child sexual offences were flagged as an online, both unchanged from the previous year.
Setting these figures in context, England and Wales recorded crime figures show a larger increase in total sexual offences than in Scotland: 19% increase over the year ending June 2017  , whilst the 2016-17 annual increase in Scotland amounted to 5%. Looking at longer term trends, the percentage change in England and Wales is also markedly higher than in Scotland. However differences do exist between the two jurisdictions in how they measure and record crime, so caution should be taken when comparing these sources  . Therefore whilst this is a useful evidence source, it might be assumed that trends in online sexual offences in England and Wales are not necessarily directly applicable to Scotland. It should also be noted that there are large variations in the use of the cyber flag between police forces and anecdotal evidence suggests the flag is being underused.
Online 'other sexual crimes'
As mentioned, the biggest increase in sexual crimes recorded by the police in Scotland has been in 'other sexual crimes'. Many of the crimes in this category do not include any direct physical contact between the victim and the perpetrator(s). As such, it is reasonable to consider that many have the potential to be cyber-enabled (internet used as means to commit the crime).
Scottish Government research involving a sample of police records found a significant increase in the proportion of 'other sexual crimes' that were cyber-enabled  from 38% in 2013-14 to 51% in 2016-17  . This allowed the research to estimate that the internet was used as a means to commit at least 20% of all sexual crimes recorded by the police in 2016/17.
The rate of 'other sexual crimes' that were cyber-enabled varied according to the specific crime. The three crimes with highest rate of cyber-enabled acts were indecent photos of children (98% cyber in 2016/17), cause to view sexual activity or images (71%) and communicating indecently (58%).
The research estimated that the number of cyber-enabled 'other sexual crimes' doubled between 2013-14 and 2016-17 to 2,224. Comparing this to the estimated growth in 'other sexual crimes' and all sexual crimes, suggests that approx. 77% of the increase in 'other sexual crimes' and 51% of the growth in all sexual crimes during this time is due to growth in cyber-enabled 'other sexual crimes'. Overall therefore, it seems that a sizeable (and increasing) proportion of sexual crimes recorded by the police may have a cyber-element.
Crucially however, there are no (or substantially less) directly comparable figures on 'other sexual crimes' from the SCJS, due to the emphasis within the survey on contact offending. Consequently there is no way of assessing whether the recent increases in such crimes recorded by the police and the percentage that are cyber-enabled is a genuine change or the result of a greater willingness to report and targeted police operations.
Victims and perpetrators of online 'other sexual crimes'
The Scottish Government research explored two 'other sexual crimes' in more detail 'communicating indecently' and 'cause to view sexual activity or images', in order to see if there were any differences between cases which were and were not cyber-enabled. In 2016/17 these two crimes accounted for:
- Around 60% of cyber-enabled 'other sexual crimes';
- more than half of all 'other sexual crimes'; and
- a fifth of all recorded sexual crimes in Scotland.
Analysis found that where identifiable, there was no statistically significant difference in the gender of victims and perpetrators according to whether or not the crime was cyber-enabled. In 2016/17 for both cyber-enabled and non cyber-crimes of this type, more than 80% of victims were female and around 95% of perpetrators were male. Whilst this suggests cyber technology is not influencing the gender profiles of either victims or perpetrators, it is interesting to note that the proportion of male victims of cyber-enabled crimes of 'communicating indecently' and 'cause to view sexual activity or images' did significantly increase, from 8% in 2013/14 to 16% in 2016/17.
Online child sexual offences
Continuing with the 'other sexual crime' research, analysis of occurrences of 'communicating indecently' and 'cause to view sexual activity or images' revealed victims and perpetrators tended to be much younger where these crimes were cyber-enabled. This is detailed in Table 2.1.
Table 2.1: Victims and perpetrators 2016/17- 'Communicating indecently' and 'Cause to view sexual activity or images' (where identifiable, based on cases sampled) 
|Cyber status||Median age||% under 16 yrs.||% under 20 yrs.|
Source: Source: Recorded Crime in Scotland, 2016-17 and 'Other sexual crimes' research
Adding another dimension, the research found there to be a higher proportion of cyber-enabled incidents involving both a victim and a perpetrator aged under 16. In 2016/17 24% of cyber-enabled crimes of 'communicating indecently' and 'cause to view sexual activity or images' fell into this bracket, compared to 8% of non-cyber-enabled crimes.
The relationship between victims and perpetrators also varied depending on whether or not these crimes were cyber-enabled. Victims and perpetrators were more likely to be acquaintances  when these crimes were cyber-enabled (47% in 2016/17) than where they were not (26%).
Perhaps linked to the age profile of cyber-enabled victims and perpetrators, the research found that a mobile phone was the most commonly used device in cases of cyber-enabled 'communicating indecently' and 'cause to view sexual activity or images'. In over 90% of cases, websites or apps were mentioned in 2013/14 and 2016/17. The latter saw a greater variety of apps and websites used, including Snapchat and Instagram but Facebook was still the most commonly mentioned app.
The role played by social media was also reflected in the HMICS 2016 audit, where it was found much sexual harm to children was committed via apps on smartphones and tablets  . The audit raised concerns that some of the most popular social media networks used by children are recurring vehicles for sexual crime and that (in many of the cases examined) sexual harm to children was committed via apps on smartphones and tablets which did not have parental controls in place or had been overcome.
Taking the evidence together suggests there is a relationship between recorded 'other sexual crimes' affecting children and cyber technology. This relationship is likely to be complex and influenced by a number of factors, some of which have been touched on including reporting behaviours and the behaviours of perpetrators. But amongst others, targeted police operations  and the reporting behaviours of adult victims are also likely to play their part. However, clearly this only captures certain types of sexual offending and perhaps most importantly, only relates to crimes which come to the attention of the police.
Reporting of online sexual crimes
The Scottish Government research found that the most common way the police became aware of the 'other sexual crimes' sampled was by the victim reporting it (39% in 2016/17). However this varied depending on the crime. Looking more specifically at 'indecent photos of children', (where 98% were cyber-enabled), the vast majority (81%) were discovered through police investigation/intelligence (this includes cyber and non-cyber occurrences). Given the nature of this crime, this is perhaps to be expected.
Analysis revealed in 2016/17 cyber-enabled crimes of 'communicating indecently' and 'cause to view sexual activity or images', were less likely to be reported by victims themselves: 34% compared to 65% of crimes that weren't cyber-enabled. Yet, a higher proportion of cyber-enabled crimes were reported by a relative or guardian (38% vs. 11%) and by a responsible person  (11% vs. 5%). This likely reflects the age profile of victims where these crimes were cyber-enabled (74% aged under 16), as was discussed above.
Furthermore, the analysis could also point towards the reporting behaviour of adult victims i.e. some adults may view such behaviour as more of a nuisance rather than a crime warranting of being reported. Whilst there is no evidence to substantiate this line of thought, if found to be true this would suggest that these incidents are occurring more widely in society than the recorded crime figures show.
Future evidence on sexual crime
Since 2016/17 the SCJS has been capturing experiences of 'revenge porn', one of the areas of sexual offending which is regularly considered as being associated with the growth of cyber technology. Data will also be available on the emotional response of victims to help us understand the impact of such experiences. This will be available from Spring 2018.
The Growing Up in Scotland longitudinal survey is due to collect information on online experiences of children in their first year of secondary school and parental mediation later in 2017 which will offer a more up-to-date source of evidence on these matters which also will be robust and representative of experiences in Scotland.
Police Scotland introduced a cyber-marker to their crime recording systems in April 2016. Police Scotland are currently considering how to enhance how crimes with a cyber-element are marked. Likewise, work is on-going within police forces in England and Wales to improve the identification of online offences.
ONS are in the process of developing a cyber-crime module for the CSEW 10-15 year old questionnaire. These questions might include elements of sexual crimes. This data will not be available for some time as the questions have yet to be incorporated into the survey.
Group 3 – Crimes of dishonesty
Summary of findings
- Evidence suggests that fraud is one of the most numerous crime types, but this is not entirely driven by the internet.
- SCJS indicative data shows 5% of adults reported that they were victims of bank and credit account fraud in 2014/15, and this has increased in recent years. However the data is subject to caveats.
- Crime Survey for England and Wales ( CSEW) data shows 3.2 million incidents of fraud were experienced by 5.9% of adults in the year ending Sept. 2017.
- For the year ending Sept. 2017, the CSEW estimates 56% of fraud incidents were cyber (internet or any type of online activity related to any aspect of the offence), amounting to an estimated 1.8 million incidents.
- As yet no victimisation survey has published data looking at the victims, impacts and reporting of fraud which is committed via the internet. This could reflect methodological challenges.
- Incidents of fraud (as whole) are underreported to Action Fraud and the police. This is likely linked to incidents generally being viewed as having no emotional or physical impact or as an inconvenience (rather than anything more harmful), in addition to the relatively high rates of financial reimbursement.
- There is insufficient CSEW time series data in order to establish any trends in the incidence and nature of fraud, including the role of cyber technology.
Fraud (as a whole)
Fraud can take many (sometimes related) forms, all of which centre around a person dishonestly and deliberately deceiving a victim for personal gain ( e.g. using someone else's bank or credit card details to make a purchase). The growth of the internet has offered new means for fraud to be committed and possibly on a larger scale than before. This has led to the common claim that fraud has grown significantly in recent years and may represent the majority of cyber-crime incidents alongside experiences of computer misuse. Before considering fraud occurring online, by way of providing context this review briefly considers the key evidence relating to fraud as whole.
The SCJS has never traditionally measured fraud, but does include questions on people's perceptions and experiences of certain types of fraud (in the form of 'Victim Form Screener' questions). These questions provide indicative findings only because respondents are not asked for full details of the incidents in the way that they are with other traditional SCJS incidents (which enables us to assess whether to code incidents as valid crimes). Furthermore it is not possible to detect whether such incidents occurred online or not.
In relation to bank and credit account fraud, analysis shows the (indicative) victimisation rate has significantly increased in recent years from 3.5% in 2008/09 and 4.1% in 2012/13 to 5% on 2014/15. This finding is similar to the CSEW figures for the year ending September 2017, which estimate 4.3% of adults experienced bank and credit account fraud  and, 5.7% of plastic card owners reported they were victims of card fraud  .
The 2016-17 police recorded crime data shows that fraud  accounts for 7% of all 'crimes of dishonesty' in Scotland  . Despite small fluctuations in the period 2007/08 to 2016/17, cases of fraud decreased by 7%. However looking at the last annual change (2015/16-2016/17) reveals a 6% increase to 7,811 crimes. The level of fraud being brought to the attention of the police in Scotland is clearly much smaller than what we might anticipate based on indicative data from the SCJS and the CSEW findings.
Detailed questions were added to the CSEW in October 2015 to provide greater insight into the extent, nature and impact of fraud. Findings for the year ending September 2017 reveal an estimated 3.2 million incidents  of fraud were experienced by 5.9% of adults  . Bank and credit account fraud was the most numerous, accounting for 2.3 million incidents. Compared to the previous year (ending September 2016) total incidents of fraud fell by 10%, whilst the prevalence rate was similar. Further time series data is needed before any trends can be established in these and the other CSEW fraud findings.
Earlier CSEW experimental data (year ending March 2017) also provides an insight into the nature of fraud incidents including  :
- Fourteen per cent of fraud victims had been victimised more than once (in the same 12 month period).
- Almost three-quarters (73%) of fraud incidents involved an initial loss of money, property or goods  , irrespective of whether a loss was recovered.
- Victims received a full reimbursement in 75% of fraud incidents where a loss was incurred.
- Sixty-eight per cent of fraud incidents involved money being taken/stolen  from the victim (regardless of reimbursement status). In the majority of these incidents (63%), the loss was less than £250.
Another aspect of fraudulent activity concerns the trading of fake goods. Yet there is very limited information available, although in theory the internet offers new avenues for this. However the SCJS has been collecting information on smuggled or fake goods since 2016/17 and this is discussed further in the section on future evidence.
The detailed CSEW questions crucially include a high level cyber 'flag', which allows for the identification of incidents where the internet or any type of online activity was related to the offence. The latest figures (year ending September 2017) reveal 56% of fraud incidents were cyber-crime  , as shown in Table 3.1. Applying this to the number of fraud incidents (3.2 million), shows there was an estimated 1.8 million incidents during this time. Comparing the first two years' worth of data, shows that the proportion of fraud incidents that are cyber has remained relatively constant over this time and this holds across fraud types, however further time series data is needed to establish a trend.
The proportion marked as cyber did vary according to the specific type of fraud. Of particular note in the CSEW findings is that around half (51%) of bank and credit account fraud incidents were not cyber, yet (as mentioned above) incidence numbers estimate this to be the most common type of fraud. Suggesting that while fraud may be numerous, the scale of the issue is not entirely driven by the internet (perhaps in contrast to popular opinion), although it clearly is a factor.
Table 3.1: Proportion and number of fraud incidents* flagged as cyber, CSEW year ending September 2016 and 2017 
|Offence group||% cyber 2016||Base 2016||Est. no of incidents 2016 (thousands)||% cyber 2017||Base 2017||Est. no of incidents 2017 (thousands)|
|Bank and credit account fraud||45||806||1,103||49||758||1,171|
|Consumer and retail fraud~||75||342||704||81||262||605|
Advance fee fraud and 'other' fraud incidents are not reported
as the base is fewer than 50.
~For year ending September 2016 this was categorised as non-investment fraud but was renamed to reflect the corresponding name change to the Home Office Counting Rules from April 2017.
The Office for National Statistics ( ONS) recently published CSEW data  showing the proportion of adult internet users experiencing negative online incidents, for the year ending March 2011 to year ending March 2017  . The proportion experiencing a 'loss of money' has remained fairly constant across the time series, between 2% and 3%. This would appear to chime with the above findings which suggest that fraud still holds a substantial offline dimension. Although this data does only concern one aspect of fraud and is not an indication of wider prevalence. It is important to note that these findings do not necessarily relate to criminal activity and some incidents would not be classified as crimes.
Subject to the same caveats, the 2016 Scottish Public Opinion Monitor found that in the previous 12 months, 5% of adult internet users  (aged 18 and over) had experienced financial loss due to fraudulent payment card and 3% had lost money as a result of receiving fraudulent messages.
Impacts of fraud
As part of their experimental statistics series, ONS published CSEW analysis on the emotional and physical impacts of all fraud incidents for the year ending September 2016. Unfortunately, they have not yet been able to split this into online and offline fraud, but analysis shows that 9% of all fraud incidents resulted in people 'no longer using specific websites  . This would suggest that such websites played a part in the fraud incident and/or these incidents raised awareness of online risks more broadly, prompting this action. This behaviour was most common amongst fraud incidents which resulted in a loss of money/goods/property that was only partially recovered or not at all (15%). These findings are perhaps useful for understanding the motivations and drivers behind some online security behaviours, and possibly gives us an indication of the types of frauds being experienced online.
Looking at the impacts of fraud as a whole, in around half of incidents (49%), victims identified no emotional or physical impacts but this fell to 23% for incidents involving a loss that was only partially reimbursed or not at all. Just over a fifth (22%) of incidents resulted in a 'loss of time/inconvenience', the most commonly cited impact . However in fraud incidents with a loss which was only partially reimbursed or not at all, the most commonly experienced impact was 'felt ashamed, embarrassed, self-blame or similar'. These emotions occurred in 25% of such incidents, compared to 4% of incidents where the loss was fully reimbursed. Suggesting that being able to recover money was a determinant in preventing or triggering these sorts of emotional responses. Such responses could also impact on the likelihood of people reporting incidents to the police.
Victims of fraud
SCJS indicative data shows that in general, the risk of experiencing bank and credit account fraud in 2014/15 was fairly evenly distributed across the population, however some groups were statistically more likely to report experiencing this type of fraud than others:
- Those aged 25-44 (6%) and 45-59 years (6%) were more likely than adults aged 60 plus (3%).
- Adults in managerial and professional occupations (8%) compared to those who have never worked or are long-term unemployed (3%).
- Households situated out-with the 15% most deprived areas in Scotland (5%), compared to those within the 15% most deprived (3%).
Some of these differences are also apparent in the CSEW fraud statistics for the year ending March 2017, although the two are not measuring like-for-like. CSEW data  shows that again, generally speaking, experiences of fraud (on and offline) appear to be more evenly spread amongst the population than other types of crime. That said, some personal and household characteristics do appear to be associated with being a victim of fraud and those with the higher risk of victimisation often differ from other crime types:
- Fraud victimisation is higher in the middle of the age distribution: adults aged 35-44 are more likely to be a victim of fraud (7.4%) than 16-24 year olds (4.9%). This differs from violent crime and most property crime types where the youngest age group is at higher risk of being a victim.
- Households with an income of £50,000 plus are more likely to be a victim of fraud (8.8%). This compares to 5.3% of households with an income of less than £10,000 and is unlike crimes of violence.
- Individuals in managerial and professional occupations are more likely to be a victim of fraud (8.0%) than full-time students (4.6%). This is in contrast to violence and burglary where student households are amongst those at greatest risk.
- Individuals living in the 20% least deprived areas  are more likely to be a victim of fraud (7.2%) than those living in the 20% most deprived (5.3%). This is the opposite from a number of other crimes.
Overall, this suggests that fraud is not only more prevalent than other crime types  but exhibits different patterns too (although the former may be partly as a result of the latter). Caution should be taken when looking at the above characteristics in isolation as some are likely to be closely associated with each other.
Reporting of fraud
As noted earlier, comparing police recorded crime data in Scotland to findings from victimisation surveys suggests incidents of fraud are underreported. The level of fraud (7,811 crimes) being brought to the attention of the police in Scotland is clearly much smaller than what we might anticipate based on indicative data from the SCJS and the CSEW findings.
Turning to England and Wales, CSEW data for the year ending September 2016 shows 12% of fraud incidents were reported to Action Fraud  and this is similar across fraud types  . The main reason why fraud incidents aren't reported would appear to be a lack of awareness of the organisation, cited in 66% of incidents. A further 15% weren't reported because victims believed they would be reported by another authority. Taking this together with fact that most losses are reimbursed, we might expect that it is quite a common response for incidents to be reported to a victim's bank or other relevant authority ( e.g. building society, credit card company), suggesting that recovering losses is the primary interest of victims (where a loss is incurred). At present however, no data is available to substantiate these assumptions.
Whilst there is no agreement in place between Action Fraud and Police Scotland, it may be reasonable to assume that these reasons for non-reporting, with the exception of a lack of awareness of Action Fraud, feature in why incidents are underreported to the police in Scotland.
Future evidence on fraud
Questions on people's experiences of a range of negative and harmful online activities will be included in the 2018/19 SCJS questionnaire, including identity theft, online dating fraud and incidents of scam emails. Findings from these questions signify an important first step towards developing the evidence base, but they will not be included in main SCJS incidence or prevalence estimates. Indicative data will be available in late 2019/early 2020. 
As mentioned earlier, the SCJS has been collecting information on smuggled or fake goods  since 2016/17. This includes whether anyone has offered to sell respondents specific types of goods  and where this took place, for which 'on the internet' is an option. This data will be available in Spring 2018.
Police Scotland introduced a cyber-marker to their crime recording systems in April 2016. Police Scotland are currently considering how to enhance how crimes with a cyber-element are marked.
Going forward, there is potential to replicate the detailed CSEW fraud questions in the SCJS but doing so would require a significant amount of other content to be removed from the survey to make space. Whilst in principle this data might be helpful and insightful, we should also consider whether this is a priority evidence gap. The release of additional time series data for the CSEW fraud module, will allow for change over time analysis, including establishing any trends.
Group 4 – Fire-raising, vandalism etc.
Summary of findings
- Whilst available evidence shows computer misuse to be numerous and fundamentally driven by the growth of cyber technology and the internet, in quite a lot of cases the resulting impacts tend to be of low severity.
- The most robust and comprehensive evidence on computer misuse is data gathered via the Crime Survey for England and Wales ( CSEW), which incorporates incidents of unauthorised access to personal information (including hacking) and computer viruses.
- CSEW evidence shows 1.5 million incidents of computer misuse were experienced by 2.6% of adults over the year ending Sept. 2017.
- Almost all (97%) incidents were cyber (internet or any type of online activity related to any aspect of the offence) for the year ending Sept. 2017, amounting to an estimated 1.46 million incidents.
- In general, the risks of being a victim of computer misuse are spread fairly evenly across society although some groups are at greater risk than others including higher income households. This is likely linked to the profile of internet users- internet use tends to increase with household income.
- CSEW evidence shows that in 49% of computer misuse incidents victims identified no resulting emotional or physical impacts and by far the most common impact was a 'loss of time/inconvenience', experienced in 31% of incidents (year ending March 2017).
- Police recorded crime data for Scotland suggests that incidents of computer misuse are underreported. In 2016/17 only 30 incidents were recorded under the Computer Misuse Act 1990.
The term 'computer misuse' is used to capture a number of crimes generally covered by the Computer Misuse Act 1990 (which sits within the Group 4 category for statistical purposes). Activities grouped under the computer misuse label mainly centre around unauthorised access to and (sometimes subsequent) attacks on computer systems, networks and data held – for example hacking and Distributed Denial of Service ( DDOS) attacks.
Whilst computer misuse can in some circumstances occur 'offline', the central role of computers and technology in such incidents (as targets as well as means to carry out crime) means we might expect a lot of computer misuse to be cyber-related, hence the reason some define such activity as 'cyber-dependent' crime (as described in the introduction and glossary). However as noted previously, computer misuse incidents may often be related to (or indeed facilitate) further criminal activity.
Recorded crime data reveals that very few incidents of computer misuse appear to come to the attention of the police. In 2016/17, only 30 incidents were recorded by the police in Scotland under the Computer Misuse Act 1990 (causing damage  ), and a further 17 cases were recorded in connection to unauthorised access to computer material only  . The latter of these is classified as Group 6 'Miscellaneous offences' but has been included here for ease.
Looking at 'causing damage' in more detail, recorded crime figures show that the number of cases doubled from 9 in 2013/14 to 18 in 2014/15, before increasing to 31 in 2015/16. It would seem unlikely the number of cases in Scotland are as small as these figures suggest, pointing to under reporting, although there is currently limited information available to enable us to unpack why this might be.
The most reliable evidence on computer misuse is the data gathered through the CSEW module added in October 2015. The Office for National Statistics ( ONS) report on computer misuse as a whole, computer virus  and unauthorised access to personal information (including hacking). For the year ending September 2017, the CSEW estimated there were 1.5 million computer misuse incidents. Computer viruses made up the majority of this group (962,000 incidents), with the remainder (541,000) constituting unauthorised access to personal information  .
Turning to prevalence rates, 2.6% of the adult population were a victim of computer misuse during the year ending September 2017, with 1.7% experiencing a computer virus and 1.0% suffering from unauthorised access to personal information. When comparing to other CSEW crimes, the findings suggest computer misuse is one of the more common types of crime experienced (as measured by the CSEW)  .
January 2018 saw the release of the first year-on-year comparisons for the CSEW computer misuse questions. Analysis shows the number of computer misuse incidents for the year ending September 2017 fell by 24% on the year ending September 2016, driven by a fall in computer viruses  . However this fall was not accompanied by a fall in prevalence rates, which remained statistically unchanged. Whilst this data provides an interesting first insight, further time series data is needed before any trends can be established.
An estimated 16% of computer misuse incidents in the year ending September 2017 resulted in an initial loss to the victim, all of which occurred through computer viruses. Such losses are mainly associated with additional charges or costs incurred as a result of the virus ( e.g. repair/replacement costs). Given the nature of these losses, it is perhaps unsurprising that almost every incident (98%) resulted in no or only a partial reimbursement  .
In response to an ad-hoc request ONS released experimental time series statistics on negative online incidents between 2010/11-2016/17  . Of the incidents asked about, a computer virus was the most commonly experienced amongst adult internet users. In 2016/17 16% reported they had encountered a computer virus. However the proportion has decreased from 33% in 2010/11 and 19% in 2015/16. In comparison, the figure for 'unauthorised access to/use of personal information', has remained steady at around 6% over the last year years and this is the same as recorded in 2010/11. It is important to note that these findings do not necessarily relate to criminal activity and some incidents would not be classified as crimes.
Returning to the year ending September 2017 computer misuse data, the CSEW found that the vast majority (97%) of computer misuse incidents could be described as a cyber-crime  , providing weight to assertions about the centrality of IT to computer misuse crimes. This rate is unchanged from the previous year. Applying this to the total number of computer misuse incidents (1.5 million) shows an estimated 1.46 million were flagged as being a cyber-crime. Perhaps unsurprisingly, it seems possible that computer misuse is one of the crimes which is most fundamentally driven by the growth of the internet (regardless of the scale overall).
A source of Scotland specific data, the Scottish Public Opinion Monitor, found that 14% of respondents who use the internet had experienced a computer virus or other type of infection in the previous 12 months  . This was the second most commonly cited experience (of those included). Other computer misuse incidents were unauthorised access to/use of personal data (experienced by 7%) and Ransomware  (2%). However the marked difference between these figures and those from the CSEW is likely due to key methodological variations  , (namely that some incidents reported in the Scottish Public Opinion Monitor may not amount criminal acts per se) rather than such incidents necessarily being much more common in Scotland. Therefore the two are not directly comparable.
Victims and impacts of computer misuse
As with the CSEW statistics on fraud, further analysis on computer misuse is not split into cyber and non-cyber incidents, however this is less of an issue here given the very high rate of incidents identified as being a cyber-crime.
Data for the year ending March 2017 shows that almost a fifth (18%) of computer misuse victims, were victimised more than once in the same 12 month period  . Generally speaking, the likelihood of being a victim of computer misuse is fairly evenly spread across the adult population. That said, there are a few groups who would appear to be more at risk than others (differences are statistically significant):
- 16-24 year olds (3.5%) than those aged 75 and over (0.9%).
- Adults in employment (3.2%) than those who are economically inactive (2.4%).
- Adults in managerial and professional occupations (4%) than those who have never worked or are long-term unemployed (2%).
- Adults with Apprenticeship or A/AS level qualifications (3.9%) compared to adults with no qualifications (1.2%).
- Households with an income of £50,000 and over (4.4%) than households with an income of less than £10,000 (2.5%).
- Households living in the private rented sector (3.3%) than households in the social rented sector (2.3%).
As was noted in relation to fraud some of these characteristics will likely be closely associated with each other and so caution should be exercised.
Similar to fraud in 49% of computer misuse incidents, victims identified no emotional or physical impacts and this was the same for computer viruses and unauthorised access. By far the most common impact arising was a 'loss of time/inconvenience', which was experienced in 31% of incidents (year ending March 2017)  . This also held for computer viruses (34%) and unauthorised personal information (26%). This was followed by 'stopped using specific internet sites', a consequence in 8% of all computer misuse incidents, suggesting a minority of incidents triggered a change in online behaviour.
Reporting of computer misuse
As noted, it would seem unlikely that the number of cases in Scotland is as small as the recorded crime figures referenced earlier. This points to computer misuse incidents generally not being reported to the police.
Available data reveals that a smaller proportion of computer misuse incidents in England and Wales for the year ending September 2016 were reported to Action Fraud than fraud incidents: 2% compared to 12% respectively  . However this may be a reflection on the nature of the offences and of the perceived remit of Action Fraud, even though the organisation is also the national reporting centre for cyber-crime. Looking at reasons for not reporting, the most commonly cited was 'never heard of Action Fraud' (66% of incidents), followed by 'too trivial or not worth reporting' (12% of incidents). The latter of these is perhaps to be expected given the most frequently cited impact was 'loss of time/inconvenience' as opposed to more harmful consequences. Although, the severity of impacts will be relative to each individual victim.
Similarly to the corresponding section on fraud, we could assume that some of these reasons (apart from awareness of Action Fraud), may also feature in why incidents are underreported to the police in Scotland.
Future evidence on computer misuse
The new cyber questions added to the SCJS from 2018/19 include incidents where people had their device infected with a computer virus and where they were locked out of their device until a payment was made (Ransomware). The first indicative findings will be available in late 2019/early 2020  . The release of additional CSEW time series data will allow for change over time analysis, including establishing any trends in computer misuse incidents.
Group 5 – Other crimes
Summary of findings
- Available evidence suggests the vast majoirty of illict drug users are still sourcing drugs via traditional means, with a a very small proportion obtaining drugs online.
- Concerns that increases in the amount and accessibility of information online would raise the likelihood of contempt of court issues ( e.g. jurors finding out information about a case), have yet to be borne out.
Sale of drugs online
Despite concerns about the increased opportunities to buy illicit substances online, the SCJS in 2014/15 found that only 0.6% of adults who had used drugs in the last month sourced their most frequently used substance online  . This compares to 35.1% who got the drug from 'someone well known outside their family', 17.0% who bought from a known dealer and a further 13.1% who bought the drug from a dealer not known to them.
Whilst the SCJS methodology means that this is unlikely to include those with the most problematic drugs use and does not include children, it does suggest that "traditional" methods of sourcing drugs are still the most common. The data also focuses on the most recent substance obtained, whereas asking if people have ever bought drugs online could result in alternative findings. Furthermore, communication via the internet, email etc., could be used in the purchasing of drugs from traditional sources e.g. making contact with a dealer, but this would not be captured by the SCJS.
A research project undertaken by Scottish Government analysts looked at police crime records for drug seizure incidents, including where the drugs had been sourced from (where information available)  . Findings suggest that the internet does not tend to be a common feature, but as with the above, this may be because the information is not being recorded rather than the internet not being involved.
The Scottish Schools Adolescent Lifestyle and Substance Use Survey ( SALSUS)  captures experiences of drug use amongst 13 and 15 year olds. The most recent survey in 2015 found that amongst both age groups, children who had used drugs most commonly sourced them from a friend (41% of 15 year olds had obtained the substance from a friend their own age). By contrast, only 1% in each age group said they had sourced their most recently used drugs through a website. Moreover, the survey found no changes in how drugs were sourced between 2013 and 2015. Suggesting 'traditional' methods for sourcing illicit substances still dominate.
Future evidence on the sale of drugs online
The 2016/17 SCJS will provide data on where adults who have ever taken new psychoactive substances sourced their drugs, enabling us to assess whether people are more likely to buy these substances over the internet than other "traditional" drugs. The SCJS is also collecting data on whether and where respondents have been offered smuggled or fake medicines and pills, including online. Data will be available in Spring 2018. Whilst these may not necessarily be illicit substances (or respondents may not know), it does provide a complimentary source of evidence on the availability of such substances online.
Crimes against public justice
Theoretical papers and media articles have highlighted that the increase in the amount and accessibility of information online means that there is increased scope for contempt of court issues to arise. In short, it is claimed that there are now risks that jurors (and others) are able to access details about a criminal incident and those involved, which could influence the outcome of cases and amount to contempt of court. Whilst such actions might be committed by many people unwittingly, equally the potential to do so can be exploited by criminals in order to undermine the criminal justice system with potentially significant consequences. Irrespective of whether intentional or not, such actions could be seen as a challenge to the values on which the justice system is based.
Although this point has been raised by Scotland's previous Lord Advocate  as well as being exemplified by a small number of high profile cases in the media from the UK and elsewhere, it is not reflected in the recorded crime data which shows that in 2016/17 there was only 3 incidents of contempt of court in Scotland, the joint lowest figure over the last 10 years. The figure has hovered around 5 incidents per year since 2012/13  . However it should be acknowledged that it is very challenging to police these sorts of incidents.
Given the increasing amounts of information about individuals being placed online (for example with the increasing expansion of social media and social networks), this may be a matter which grows in prominence in years to come. However this will pose its own challenges around how incidents of this nature are identified and captured in reporting.
Group 6 – Miscellaneous offences
Summary of findings
- Available evidence suggests that the internet may commonly feature in cases of stalking and harassment, whilst being pestered, intimidated or insulted in-person is much more prevlanet than experiences carried out via electronic means.
- SCJS evidence indicates that of the 9% of adults 'insulted, pestered or intimidated' in Scotland in 2014/15, the vast majoitty (82%) experienced this in-person.
- SCJS evidence shows that in 2014/15, the most common type of stalking and harassment (arguably more serious than the above) was threatening/obscene texts or emails, experienced by 45% of adults who had encountered at least one form of stalking/harassment in the 12 months prior to interview (6.4%).
- Evidence suggests incidents of harassment and threatening/abusive behaviour are underreported to the police, with many viewing it as 'too trivial'.
- Existing UK wide evidence suggests a potentially increasing number of children encounter cyber-bullying. But traditional forms of bullying persist.
Threatening and abusive behaviour
There are claims that the relative ease with which people can make contact with both known and unknown individuals using the internet and the apparent lack of recourse (either in-person or verbally) increases the risk of experiencing threatening and abusive behaviour. For example, Sheridan and Grant suggest that the internet may be 'particularly attractive to would-be harassers', given the 'relative anonymity, the lack of social status cues, and opportunities for disinhibited behaviour' can promote 'greater risk-taking and asocial behaviour'. 
Whilst threatening and abusive behaviour can take numerous forms and may not often amount to criminal acts, the SCJS offers the most robust insight into such experiences by asking whether people have been insulted, pestered or intimidated  in person or by various other means. In 2014/15, it found that 9% of adults had experienced such behaviour in the previous 12 months, unchanged from 2012/13  . The vast majority (82%) had experienced this in-person whilst experiences over electronic forms of communication were much less frequent. For example 8% said they had been insulted, pestered or intimidated in writing via the internet (such as a social networking site), again this was not statistically different from the 2012/13 finding. Whilst 6% of those insulted, pestered or intimidated in the last 12 months, had encountered such experiences by text or email.
The 2016 Scottish Public Opinion Monitor  found that 4% of adult internet users had experienced abuse/threatening behaviour in the last 12 months when using the internet. In addition, 7% had been exposed to upsetting and/or illegal images. However not all of these experiences will necessarily amount to criminal acts.
Stalking and harassment
The SCJS also separately collects data  on arguably more severe examples of stalking and harassment (which are more likely to amount to criminal acts). In 2014/15 6.4% of the adult population had experienced at least one form of stalking/harassment (as defined by the SCJS  ) and the most common types involved indirect contact  . For example 2.9% of the adult population reported obscene or threatening contact by email or text and 1.4% experienced such issues via social network sites. Neither of these 'cyber-stalking' or 'cyber harassment  ' measures showed any change from 2012/13, the only time series data available.
Looking at the distribution of different types of stalking and harassment amongst those who had experienced at least one form in the last 12 months, the 2014/15 SCJS found the most common type was by threatening/obscene texts or emails (45.0%). Just over a fifth (21.9%) were subject to obscene or threatening approaches on social network sites. This compares to 32.7% who had silent, threatening or obscene phone calls and 15.7% who had someone wait outside their home or work– suggesting electronic forms of contact are more commonly experienced features of stalking or harassment incidents. Findings were consistent with 2012/13 results.
In general, the reporting of harassment and stalking to the police is fairly low when compared to other crimes included in the SCJS.  Less than one in five (18.9%) said the police came to know about the most recent incident. The most common reasons for not reporting were that the matter was 'too trivial' (39.1%) or that victims dealt with the matter themselves (27.0%). Apparent differences in reporting rates according to type of stalking and harassment were found to not be statistically significant, suggesting the means by which the behaviour is carried out does not determine reporting.
Experimental police recorded crime data from England and Wales would suggest that most instances of recorded stalking and harassment relate to more direct and traditional forms of such behaviour. Data for the year ending September 2017  shows that 14.6% of such offences were noted as being 'cyber-related'  . As yet, there are no equivalent figures for cyber-related recorded crime in Scotland.
Moving away from stalking and harassment, the SCJS captures data on whether respondents have encountered people threatening to damage their property or be violent towards them which made them feel frightened. In 2014/15, 4% of Scottish adults reported experiencing threats (of damage to property or violence) - a figure which has been consistent in each survey sweep since 2008/09  . Interestingly none of those reporting experiences of threats said the incidents occurred online. That said, it is considered likely that this is a function of the way threats are described in the survey rather than a true reflection of experiences amongst the population.
In addition to the threatening and abuse behaviour which adults may face online, there are also concerns that the growth in children's use of the internet (across a range of devices) increases the risks of encountering cyber-bullying  . It is important to note that whilst harmful and distressing for the individuals involved, it is likely that a high proportion of bullying behaviour will not necessarily amount to a crime.
There is limited available evidence on the extent and prevalence of cyber-bullying, however an EU survey of children does provide some insight here, although findings are caveated  . Whilst bullying is defined in quite a general and wide-ranging sense (ranging from 'teasing' to violent actions), the 2013 survey found that 21% of children aged 9-16 in the UK had been bullied in the previous year, with 12% experiencing cyber-bullying (of some form) and 9% being bullied face-to-face  .
Considering more timely data in this area, the NSPCC reported that the number of ChildLine  counselling sessions carried out in the UK where cyber-bullying was mentioned has almost doubled in recent years, from around 2,250 sessions in 2010/11 to approx. 4,500 sessions in 2015/16  . Looking at the two most recent entries (2014/15 and 2015/16), shows there has been a 13% increase. Whilst clearly this data is limited by the fact it will only capture those in contact with the service, and may relate to increased awareness and willingness to report, it does suggest an increasing prominence of online bullying.
Future evidence on cyber-bullying
The CSEW has recently collected data through its module surveying 10 to 15 year olds on bullying including cyber-bullying, and once available this evidence should offer much greater and more robust insight into experiences in England and Wales. Likewise, evidence currently being gathered through the Growing Up in Scotland study should enhance our knowledge in this area and offer a greater understanding of the true extent of cyber-related bullying.