FIBA Partners with FIU Center for Leadership
A key element of the social contract between state and society is protection from harm and insecurity. Within the context of democratic participatory societies, the lessons of effective crime prevention show two consistent findings. First, laws which are judged to be socially desired and valuable are the easiest to enforce. Secondly and relatedly, state efforts to promote security benefit significantly from civil society engagement.
Academia has often had a lead role in crime prevention at the policy level. Academic think tanks and university programs dedicated to Sociology, Law, Criminology and related social science provide the most rigorous and reliable assessments of public performance in this arena. They are the principal means of “outing” ineffective policies and setting new policy directions in crime prevention. Civil society at large and government policy makers often rely on academia for objective performance assessments and policy prescriptions based on detailed assessments of societal trends and best case practices locally and globally.
The private sector is also a potential natural partner for the public sector in crime prevention. This reflects both their institutional exposure to criminal predation, and its impact on the corporate bottom line. This natural symmetry of interest has generated many Public Private Partnerships (PPPs) based on revenue generating business models. Entire industries have been created around security. Business and Home Security services, for example, which link automatically to local fire and police, are perhaps the easiest illustration. The use of private sector security personnel to control public conduct in privately owned or operated venues is a second and often seamless form of integration to state public security apparatus. Government agencies also hire private sector firms to promote their IT security.
CSR-based, public private partnerships in crime prevention, have also offered shining examples of success. These, however, are often ad hoc, unheralded and rarely scaled, for reasons which relate to the nature of both institutions. Within the CSR frame, the challenge is how to ramp up PPPs by focusing private sector “core competencies” on cutting edge criminal threats at national regional and global scale.
Academia could play a lead role in ensuring this interface. It can do so by naturally providing what both other parties lack, that is:
· a comprehensive view of the overall policy environment,
· a capacity to independently assess performance and,
· a natural orientation to publish and present best and worst case practices in order to drive the continuing policy debate.
The challenge for both law enforcement agencies and academia, however, is to effectively promote and sustain PPP’s with the private sector. Law enforcement agencies lack experience in engaging corporations and as a result are often ineffective in positioning their “ask” to attract necessary interest, resources and commitment. Academia in the crime prevention area is often no more adept. A simple comparative between the endowments and broader contributions from the private sector to Business Schools, Medical Schools, Engineering and Law Schools compared to Sociology and Criminology Departments makes the point.
If a trilateral paradigm in the crime prevention space is to be realized, academics will need to think more creatively about how they can function as a both a “relationship broker” between the public and private sector and a direct advocate of operational engagements on the cutting edge of crime enforcement.
To date, CSR-based crime prevention PPP’s remain ad hoc in nature and not well scaled at the global or even national level. Much more could be done through formalizing the dialogue space between crime prevention agencies and likely private sector partners and by better citing collaboration around emerging security threat vectors.
Such a convergence, however, is structurally restrained by the institutional nature and mandates of the public and private sector. The jurisdictionally and legislatively limited focus of public enforcement agencies leaves them poorly configured to attract the private sector where scale-able, highly visible CSR opportunities with limited sustained investments are what companies aspire to.
As a result, many CSR-related PPPs between crime prevention agencies and the private sector are often the opportunistic efforts of individual champions on either side of the divide. For example, in 2003, Microsoft Founder, Bill Gates received a personal letter from Sergeant Paul Gillespie of the Toronto Police, concerning the challenge the police force faced in tackling child pornography and related crime. In response to this plea, the company designed a software solution known as ‘CETS’ (Child Exploitation Tracking System)that allows various police units to effectively classify, track and identify links between indecent material, enabling them to identify owners and uncover child-porn syndicates.
Public sector actors, however, often have little interest in driving these engagements to a scale beyond their own jurisdictional frontiers. Moreover, the private sector often lacks the incentive or the know-how to drive to scale and may be completely content with local impact. While with, CETS there has been a level of scale-- CETShas been deployed in over ten countries at a total cost to the company of over 10 million--putting the platform to further use requires both a level of public and private sector investment that academic analysis and support could effectively promote.
The question remains, therefore, can universities and think tanks do better to harness the potential of PPPs in the crime prevention area? I would argue that they can. Internationally recognized universities already provide policy level leadership and guidance in many areas of the economy. However, how many of them have taken the added step to promote and direct public-private sector partnerships which can enforce and implement their policy directives in the area of crime prevention? Fortunately, there are examples worthy of note, including those below.
Online child exploitation is a serious and growing problem. Already by 2008, Trade in child-sex images was estimated to have surpassed $20billion (Internet Watch Foundation Annual Report 2008).In the year 2010, the IWF had taken action against 16,739 instances of child sexual abuse content on different web pages around the world. According to Michelle Collins, Vice President for the National Center for Missing and Exploited Children (NCMEC), reports regarding child pornography are flooding their US tip line. In 2010 the center received 213,000 such reports, up from 106,000 in 2009 and 85,000 in 2008.
An academic-led partnership to attack this problem in the area of forensic technologies was formed between Dr. Hany Farid, Professor of Computer Science at Dartmouth College and Microsoft. Their collaboration has led to the development of “PhotoDNA”, a system which can produce the equivalent of a human fingerprint for images. PhotoDNA uses an imaging technology and a technique called “robust hashing” to produce highly unique and reliable digital signature. Now, any given image can be associated with a highly unique and reliable signature. The introduction of such an automated image signature search capability which, in concept, is identical to the Automated Fingerprint Identification System (AFIS) used at the FBI, will result in significant time savings.
Not coincidentally, in August of 2011, US Federal authorities announced charges against 72 persons on five continents in connection with an online bulletin board operation which enabled the trading of over 27,000 graphic images of child pornography since 2008. US Attorney, General Eric Holder said the prosecution represented the largest of its kind in the USA where 43 suspects were arrested. The PhotoDNA system has recently been donated to National Center for Missing & Exploited Children (NCMEC) as well as the International Centre for Missing and Exploited Children (ICMEC). In early 2011, Facebook joined Microsoft in sublicensing the technology for use on its network.
The Berkman Center presents an excellent case of an institute which is effectively engaged with the private and public sectors at the policy and the operational level in a manner which does not threaten its independence. Berkman was founded in 1997 “to explore cyberspace, share in its study, and help pioneer its development”. The institute believes that the best way to understand cyberspace is to “actually build out into it.” Their faculty and collaborators therefore actively engage with a wide spectrum of Net issues, including governance, privacy, intellectual property, antitrust, content control, and electronic commerce.
In addition to cutting edge legal and policy work, Berkman has partnered with the private sector in operational space as well. “Herdict Web” for example, is the brainchild of Professor Jonathan Zittrain. It uses crowd sourcing to learn about and present a real time view of the experiences of net users around the globe. Herdict Web aggregates reports of inaccessible sites, allowing users to compare data to see if inaccessibility is a shared problem. This system democratizes information share and move information on cite censorship to real time in the most transparent manner possible.
As good as these examples are, however, neither represents the scale required to affect a necessary paradigm shift. There are, however, illustrative examples beyond the crime prevention space where academic institutes have ventured directly into operational space.
The Earth Institute: A scaled model.
Professor Jeffrey Sachs of Columbia University has married his role as economist/development practitioner to that of an active driver of PPPs. As the founder of the Earth Institute, and the Special Advisor to the UN Secretary General on the Millennium Development Goals (MDGs), Professor Sachs drives over US$ 100 million in local project activities in Africa to prove his theories of local development. In true Paulo Freire “praxis” form, Professor Sachs and his team, work on the ground with dozens of Governments and with an impressive array of private sector partners. Recently, his Earth Institute has been contracted by the Government of Nigeria to support the implementation of $1.8 billion in annual debt relief funds to help the Government meet its MDG poverty reduction goals.
Professor Sachs’ work begs the question: Given the dearth of actors who can drive scale-able partnerships in the crime prevention area, why can’t academia do more? Given that lead research institutions already drive significant components of the policy discussion, supporting the development of operational responses and partnerships for crime prevention is a logical evolution. Moreover, a more active engagement with the private sector will ensure that academia is better aware of the threats facing corporates as well as the tools that they may bring to the fore to drive a collaborative response to the constantly evolving threat of organized crime.
The natural convocatory power of academia in this space can easily be expanded to include the private sector. Forums, both live and virtual, can be used to drive innovative new partnerships on a significantly larger scale than currently exist. This could in turn lead to a very virtuous engagement wherein the corporate sector sees augmented value in direct investment in academia on the operational, and not just the policy, side of the fence.
Engaging the private sector is not overly complex. To achieve strong and sustainable and impactful partnerships, both academia and law enforcement agencies need to tailor requests for private sector support to reflect core private sector competencies and strategic interests. They also need to define clear, shared measurable results, ensure visibility and sustainability. Lastly, they need to address private sector perceptions, related to being associated with crime prevention.
As a preface to this expanded role for academia, it is important to contextualize the potential realm of public private partnerships. Unfortunately, but not surprisingly, crime prevention is rarely one of the priority areas listed by corporations in their portfolio of CSR work. The most popular areas for CSR activities are community-related support services, principally in health and education. Many industries also invest exclusively in their surrounding communities. Extractive industry and manufacturing companies are common examples. Of the companies that do choose to venture further afield, their CSR work is generally concentrated in areas with direct links to company business objectives and commercial goals.
Irrespective, many corporations, large and small, do have extensive commercial offerings designed for security and crime prevention stretching the gambit from white collar to felony crime. Although far fewer offer CSR programs in this area, there are some excellent examples worthy of replication. Companies usually support crime prevention campaigns with financial contributions and through employee education. The UK’s ‘Crime Stoppers’ initiative has received corporate support from HSBC, Candis Magazine, Ladbrokes, British Retail Consortium, Lloyds Banking Group and many others.US-based website Crimereports.com has provided crime data tracking to public and private clients for a fee since 2007.
PPPs and CSR in the IT Sector. IT companies, are a very natural fit for crime-fighting partnerships given the particular vulnerabilities endemic to the sector, all of which potentially carry significant reputational and market implications. The Internet has created huge economies of scale for information dissemination. The dark side of such information efficiency, however, is that global criminal elements have become equally effective at using the net, all the while becoming more integrated and more powerful.
The development and diffusion of new information and communication technologies (ICTs) have deeply changed the way societies operate and have driven near unprecedented economic and social development. Over three billion emails and eight billion text messages are sent daily. Every month, six billion searches across the top five internet search engines takes place (Black 2008, p.2).The on-line global population has surpassed 2 billion and growing rapidly.
The worldwide proliferation of ICT has given rise to a new, global form of crime, which poses threats to the confidentiality and integrity of computer systems, computer users, and to the security of critical infrastructure. Governments, corporations and individuals rely on networks to store sensitive information electronically. Individuals use Internet for all sorts of activities which place personal information at risk. The range of daily personal activities extends from e-shopping and banking or maintaining contacts through social web-based networks. A growing number now rely on the “cloud” for personal data information storage. Cloud computing represents a great technological advance, but, carries new potential avenues for cyber-crime activity. Equally, the projected growth of mobile internet systems represents a new domain for online crime that will challenge crime prevention agencies in both the developed and developing world.
This collision between the physical world and cyber-space, however, means criminals, often organized in collaborative networks, can threaten individual well-being and national security on an unprecedented scale. Cyberspace has no physical boundaries. Criminals can therefore change locations from one country to another within seconds in the cyber-world, often eluding Crime-fighters, who work within clearly defined jurisdictions with laws proscribed by boundaries and “territorial sovereignty”.
This emerging criminal area, commonly referred to as Cyber-Crime, includes sabotage, espionage, theft, abuse, fraud, counterfeiting, tax evasion, drug trafficking, illegal immigration, kidnapping, money laundering, child exploitation, cyber-related sex crimes and terrorism. It also includes “hacking” direct attacks on information infrastructure including, disrupting, compromising or abusing data contained within cyberspace in order to harm steal or defraud.
According to Forrester Research, the implications of hacking by criminals or informal networks of hackers is so rampant that computer security, as a share of the total information technology budgets, has increased from 8.2 percent in 2007 to 14 percent in 2011.Throughout the first half of 2011, several security firms hired to prevent attacks on government and corporate data bases, (including the most confidential intelligence information), have been directly targeted by hackers. Man Tech, for example, a $2.6 billion firm recently hired to protect the FBI computer system was itself hacked in August 2011 and then taunted online by the offenders who stated “it’s really good to know that you guys are taking care of protecting the United States from so-called cyber threats”.
Jeff Moss, the founder of the Black Hat Conference, the most important global technical security conference, notes that groups like the “hacktivists” who attacked Man Tech, and then publicize their attacks to make a point are the least worrisome. On August 3, 2011 McAfee reported it had uncovered a campaign of computer break-ins at 72 organizations and companies globally. McAfee claimed the intrusion was the work of a “nation-state intent on acquiring among other things, US military designs.”
Governments have begun to augment their collaboration with the private sector in the areas of on line scams and fraud. More than 40 governments work with Microsoft in its Security Cooperation Program (SCP). SCP is a global initiative that enables Microsoft and participating governments to share information to improve computer incident response processes and user outreach. The SCP is intended to help both participating governments and Microsoft respond more efficiently and effectively to computer security incidents, and minimize the impact of attacks on users and critical IT infrastructure can critically disable administration and disrupt economies. The company’s bi-annual Security Intelligence Report (SIR) is an investigation of the current threat landscape. It analyzes exploits, vulnerabilities, and malware based on data from over 600 million systems worldwide, as well as internet services, and three Microsoft Security Centers.
Worldwide, IT companies including, CISCO, Google, McAfee, Microsoft, Symantec, Verizon and Yahoo engage in hundreds of non-commercial government partnerships that offer schools, communities and individuals with Internet safety training programs and educational literature. Often, these companies partner through organizations such as the National Cyber security Alliance, (NCSA-U.S.) or the Family Online Safety Institute, (FOSI), and the Internet Watchers Foundation (IWF – UK). Verizon, among others helped develop the Safer Internet Alliance to support additional corporate collaboration in this area. The Safe Internet Alliance was officially launched in 2009. Some corporate employees volunteer to drive these programs, in collaboration with community leaders, teachers and the police force to deliver content.
At a country level, private companies are occasionally requested to support national efforts to fight cyber-crime. Microsoft worked with the Nigerian Government, the Council of Europe, UNODC, Interpol, the FBI and others to organize a Cyber-Crime Summit for West Africa in Abuja, Nigeria in December 2010.Over 500 participants from15 countries spanning over 120 organizations throughout the region attended the three day event. In Egypt and Turkey where online crime is a relatively new and growing phenomenon, the Council of Europe partners with Microsoft to conduct training for the judiciary, detailing how cyber-crimes are committed, and how criminals can be prosecuted, by demonstrating the most effective methodologies for obtaining evidence. Both McAfee and Microsoft have joined forces with the Council of Europe for a similar training in Romania.
The above listing of PPP activities, while impressive, is frankly just the beginning of what can be done. However, while crime fighting agencies and private sector entities can both benefit by prioritizing crime prevention-related PPP’s, neither has pushed for added scale. As noted, this is not surprising. The stark differences in organizational structure and motivating influences make corporations and crime fighting agencies somewhat strange bedfellows.
Compared to the private sector, crime agencies function in a relatively insular manner reflecting the confidential nature of their work. Crime professionals generally work in a “silo” format, with confidence retained principally if not exclusively in their home institution and occasionally, in affiliated agencies. Crime-related agencies are also not uniformly strong in either marketing or public relations as the nature of their work prioritizes discretion over visibility.
Corporations on the other hand, thrive in public space and rely on external market signals to help them evolve and grow. In this extroverted operational environment, external perception of the company is a critical indicator of success. Thus, positive visibility and market impact are determining factors incorporate decision-making that help companies decide with whom to partner and why. Likewise the possibility of any negative associations or press will cause private sector interest to wither.
This leads to the question of how academia can fill this breach. The answer is at least four-fold. Given sensitivities related to brand and consumer perception that characterize the private sector, academia can provide a clear added value:
· First, by highlighting the value of PPP in crime prevention and guiding more effective utilization of the model, academics can help direct and justify and clarify the value proposition to the private sector.
· Secondly, by offering more expansive collaborative frames including their institutions. Academia and policy makers can facilitate partnerships in this arena. It will always be easier for private sector actors to act under the aegis of solid policy thought leadership which academia can provide.
· Thirdly, by maintaining an active role in the partnership, and committing to monitoring outcomes, policy setters and academics can help insure impact, necessary fine tuning and appropriate third party attribution for success.
· Finally, academia can sponsor innovative forums which promote effective PPP’s in the crime prevention agency by highlighting best practices and pinpointing emerging needs which will lead to visible, measurable results.
All four of these points are critical parameters for any effective CSR collaboration and will be well received by the private sector.
Although reaching out beyond the law enforcement community is not an immediate instinct for crime professionals, they do have certain organizational characteristics that make them attractive to private sector CSR partners. Crime-professionals are task and results-oriented. Their success is measured in concrete outcomes supported by solid data tracking of both trends and incidences. Their training and professional obligation enables them to comprehensively scope a problem, define a response and pursue a measured and monitored implementation plan. Moreover, the discipline crime fighting professionals bring to a task make them attractive PPP partners as they tend to deliver upon commitments in a timely manner. All of these characteristics guarantee a prospective private sector partner, quantifiable results for their investment and the promise of high profile visibility associated with successful performance.
Crime-fighting professionals, however, have a more natural symmetry to policy makers and academics. Universities have provided institutional and management support to increase the effectiveness of crime-fighting on a number of occasions. While clearly not exclusive, Jesus College at Cambridge University has provided an annual venue for information share on seminal issues related to economic crime for experts globally (both practitioners and academics) for the past 28 years at its International Symposium on Economic Crime. Recently, this has included efforts at promoting private sector engagement and new PPP partnerships.
The benefit of this triangulation is clear given the otherwise less than symmetrical relation between the private sector and public sector crime-fighters. Without a strong policy umbrella to work under, most private sector actors will either shy away from the sector or continue sporadic, largely un-scaled initiatives. Analytical work demonstrating the value-add of PPPs to support public security can help public institutions better understand what they have to gain from such collaboration and how to structure it. Moreover, once the collaboration has been engaged, impact assessment and performance reporting from credible policy and research organizations can ensure that CSR collaborations can reach scale and achieve positive spillover effects well beyond jurisdictional boundaries.
Given the extent of the challenge and the importance of real time response to real time threats, there is a need to augment opportunities to expand the partnerships between crime-fighting agencies and the private sector. No matter who the sourcing agency may be, Public Private Partnerships (PPPs) for crime prevention, and associated CSR work, require a sustained four step cycle to be effective.These steps are: Dialogue, Demand, Design and Dissemination. All four steps are critical components of a healthy, long term partnership.
Extrapolating from the “Four D’s” with an eye to an academia-led role looks as follows:
Given the insular nature of crime-prevention work, a proactive “partnership interface” towards the private sector is required. Crime prevention agencies and the private sector need more venues to explore areas of mutual interest where core private sector competencies can augment public sector crime prevention work. What is needed are fertile, independent and sustained spaces at the policy and technical level where crime prevention agencies and the private sector can match security and crime prevention needs creatively to private sector core competencies.
This is a space where academia can thrive. While there are meetings hosted by international organizations, they are generally meetings of experts and peers from the public sector. There is too little opportunity for interchange promoting the application of private sector core competencies to public sector requirements.
Within this frame, academia needs to think more creatively about how it can package an offer to both the private sector and law enforcement agencies as a “relationship broker” and a neutral determinant of on the ground impact. While this function is perhaps outside the traditional academic role, it is literally just one operational step removed from policy guidance. It is also, arguably, the “professional stretch” that is required to ensure a new paradigm for academia-brokered, private sector engagement with public safety institutions.
Dialogue content needs to be clearly targeted towards the problem the crime prevention agency currently faces and why a company’s specific core competencies are relevant for a Public-Private Partnership. Corporations are designed to respond to demand. A clear “ask” will best enable a company to determine if it or its partners have the competencies necessary to respond. Too many internationally sponsored meetings end without this level of specification—much to the detriment of potential future collaboration, and the reputation of the convening agency.
In terms of impact, there is no better interface for academia than to help define this content. Yet, policy research driving operational content focus for PPP’s in this area is sorely lacking. The challenge therefore is to identify what institutional practices can be put in place to ensure this tripartite engagement.
As a start more directive research oriented towards linking problem identification to technical solutions must be prioritized. In this context, academia led, hands-on “black hat” style forums where policy and research can help guide effective interplay between public and private sector actors interested in crime prevention in designated sectors would be of great value.
While academic integrity and independence must be kept to the fore, perhaps such events could be at least co-financed by the private sector. The Berkman Institute appears to have set the precedent in this regard. Their particular funding mix from foundations and the private sector, ensures they retain their independence whilst enabling a robust engagement with, (and in parallel to) the private sector in policy, legal and operational spheres. Arguably, the return on investment to the private sector from policy-led, operationally-oriented engagements driving concrete PPP interfaces could easily exceed any other form of corporate giving to the academic world.
If the presumption, that academia can help pinpoint the most productive areas of private-public interface is true, then it is even more the case that academia can help identify new PPPs and fine tune the content and design of ongoing ones. Academia has the institutional capacity to conduct rigorous assessments of ongoing partnerships and to extrapolate from them a road map which can lead to greater impact and scale.
While not in the crime prevention space, the collaboration between the University of Washington and Microsoft is a case in point. Microsoft Citizenship has partnered with the University of Washington Technology and Social Change Group (TASCHA) on a program to monitor and evaluate our philanthropy and community investments worldwide - http://tascha.uw.edu/. TASCHA is focused on the role of information and communication technologies in addressing social and economic development challenges and as such has reviewed hundreds of projects supported by Microsoft through its NGO partners. In particular, the team as TASCHA has looked at basic digital literacy skills training and how access to such resources impacts individuals and communities, from young women rescued out of human trafficking rings, to senior citizens, to the mentally and physically disabled. The observations regarding impact and best practices have contributed to programmatic adjustments, such as a deeper focus on skills training as related to employability and workforce development.
No matter what the sector, innovations of this nature are far less likely to happen without academic engagement. The jurisdictional confine of law enforcement agencies means success is very spatially defined. The private sector on the other hand, although it may have an interest in greater scale, rarely can sustain the investment to ensure scale and visibility occurs. Rigorous analysis of ongoing PPPs, duly incorporating recommendations for improvements in design, could take this work to the next level and help the private sector see the value in a sustained CSR investment.
In certain instances, the convergence of corporate and public interest may be so great that information sharing may be enough to ensure that private sector products fully incorporate contemporary crime-related concerns. In other instances, making the right match might simply involve “tweaking” existing products, or providing relevant training to the partnering crime prevention agency. Academic analysis can help illuminate this process and keep costs in check.
In other cases, a problem identified by policy experts or by crime-fighters may require a completely new solution. The Child Exploitation Tracking System (CETS) is a case in point.While CETS development occurred under the CSR rubric, other large scale solutions could easily survive a business case assessment justifying intensive private sector R and D. Academic support to building the case, clarifying the breadth of potential application and assessing actual performance become critical adjuncts which could be determinative in assuring a private sector spend in such cases.
Once solutions are developed and implemented, sustained campaigns are required to broaden their utilization. One of the fastest ways to kill public private partnerships is for private sector actors to see their investments are under-utilized and visibility and impact resultantly lowered.
For reasons previously noted, public sector agencies have a spotty track record of dissemination. Public relations and marketing for CSR-style solutions in the private sector often fare no better. In cases of a purely commercial PPP, the dissemination route can be directly down the standard customer/client chain. In these instances, fuller awareness of crime and security threats enables the private sector actor to improve their own products and protect customers from criminal activity.
For PPP collaborations which are not commercial propositions a different form of dissemination and visibility is required. Third party attribution is the name of the game in driving internal and external visibility for CSR. Academic attribute for solidly performing CSR PPPs could set a new standard, driving CSR commitments in this segment.
Conferences, training events, research, studies and creative use of the public media all support taking a solution and a partnership to scale. Academic institutions provide an excellent venue to foster this outcome. Partnership opportunities and joint initiatives between the public, private and academic communities should thus be forthcoming given the interest of all three parties in seeing greater visibility to work in this sphere.
The natural academic track from research to publication helps ensure visibility and a greater experiential share which can lead to greater scale for potential solutions. Adding to this, the possibility of visible forums-- including virtual ones--where reporting on best practices in PPP can occur, completes this very virtuous circle.
Microsoft collaboration with the University of Washington is again indicative. The TASCHA team has worked with local researchers to conduct regional topical analyses. For example, in 2010, TASCHA published a study of projects across five countries in Europe on the topic of digital skills training and immigrant women. The recommendations made as a result of the research have gained the attention of policy makers across the continent and in Brussels.
The ground for PPPs between corporations and crime prevention agencies is truly rich. While this summary highlights important examples of private-public partnerships in the crime prevention area, the missing link which could tighten every component of the four point value chain presented above is the academic community.
Academia can provide policy guidance, neutral and scientific impact assessments and pinpoint new areas of prospective collaboration. It can also bring attention to successful results and disseminate information on successful collaborative efforts which increase visibility and scale for ongoing partnerships. Both visibility and scale help cement private sector commitment for future engagement while reinforcing a sustainable long term partnership. Thus, the academic world has a unique and powerful opportunity to “leader” and “broker” PPP’s in a manner which can help both solve serious social problems in a creative format which also enables companies to demonstrate their commitment as global corporate citizens.
Crimestoppers Trust UK 2011, Crimestoppers Trust, Surrey, England, viewed 27th August 2011, <http:// www.crimestoppers-uk.org>
International Centre for Missing and Exploited Children 2011, Alexandria, Virginia, 26th August 2011, <www.icmec.org>
Internet Watch Foundation 2011, ‘Internet Watch Foundation Annual Report 2010’, accessed 27ty August 2011, <http://www.iwf.org.uk/corporate/page.208.htm>
Microsoft 2011, ‘December 2010Security Intelligence Report Volume VI’, Redmond
Council of Europe 2011, ‘Cybercrime: A threat to democracy, human rights and the rule of law’, accessed 27th August 2011, <http://www.coe.int/t/dghl/cooperation/economiccrime/cybercrime/default_EN.asp?>
Gardiner, L 2009, ‘The Foundation for corporate citizenship and sustainable businesses’ VII Annual Local Networks Forum, Global Compact, Istanbul
Microsoft 2008, ‘CASESTUDY: Forefront helping to protect Australia’s borders from illegal immigration, drug smuggling, and other security threats’. Redmond
Walker F. 2008, ‘How the police Broke Net Paedophile Ring’, Sun Herald, 23 March accessed 19 September2009, <http://www.smh.com.au/news/national/how-police-broke-net-pedophile-ring/2008/03/22/1205602728709.html>
Black, T. 2008 ‘Detica White Paper: The Information Revolution and its impact on Homeland Security’ Homeland and Border Security Conference, London.
Internet Safety and Security.
In 2003, Microsoft Founder, Bill Gates received a personal letter from Sergeant Paul Gillespie of the Toronto Police, concerning the formidable technical resources online predators employ and the challenge the police force faced in tackling this. In response to this plea, the company designed a new software known as ‘CETS’ which supports criminal investigators to efficiently organize and share media they come across during investigations. It allows units from various countries to effectively classify track and identify links between indecent material, enabling them to identify owners and uncover international child-porn syndicates. The tool is now in use in ten countries by over 400 investigators worldwide, with demand growing steadily as successes become known (Microsoft 2009). Microsoft offers the program to interested law enforcement agencies free of charge and donates all training and server software required to deploy the application.
Support to Interpol and the International Center for Missing and Exploited Children (ICMEC).
The International Centre for Missing & Exploited Children (ICMEC), founded in 1998 and launched by the U.S.-based National Center for Missing & Exploited Children (NCMEC), works to identify and coordinate a global network of organizations fighting child-sexual exploitation and abduction. ICMEC’s Executive Board includes prominent private sector representatives from CRT Capital, Deutsche Bank AG, F. Hoffmann-La Roche, Kermet Corporation, Kramex Inc. Mayo Clinic, Microsoft, Standard Chartered and others (ICMEC 2011). Interpol, ICMEC and Microsoft have collaborated under this partnership to train approximately 3,219 police officers from 113 countries through seminars conducted in collaboration with ICMEC and Interpol titled “Computer Facilitated Crimes Against Children”. This 5 year program, ended in November 2008, with a final seminar in Rome. ICMEC continues to deliver similar training in conjunction with the Organization of American States,
Microsoft Latin America and others. In 2010 alone, ICMEC participated in training sessions in Barbados, Brazil, Belize, Costa Rica, Dominica, Grenada, Guatemala, Guyana, Honduras, Russia, and Trinidad &Tobago.
In March 2006, Senator Richard Shelby (R-AL), Chairman of the U.S. Senate Banking, Housing, and Urban Affairs Committee, was the catalyst in establishing the Financial Coalition Against Child Pornography (FCACP). NCMEC and ICMEC now manage this initiative with the support of 35 of the world’s most prominent banks, credit card companies, third-party payment companies, and Internet services companies. Members of the Coalition include America Online (AOL), American Express Company, Banco Bradesco, Bank of America, Bank of New York – Mellon, Capital One, Chase Paymentech Solutions, CheckFree, Citigroup, CyberSourceÃ???Ã??Ã?Â¢Ã???Ã???Ã???Ã??Ã¯Â¿Â½Authorize.Net, Deutsche Bank Americas, Discover Financial Services, Elavon, First Data Corporation, First National Bank of Omaha, Global Payments Inc., GoDaddy.com, Inc., Google, Green Dot Corporation, HSBC – North America, JP Morgan Chase, MasterCard, Microsoft, National Processing Company, North American Bancard, PayPal, Premier Bankcard, ProPay Inc., Standard Chartered Bank, Visa, Wells Fargo, WePay, Western Union, Xoom.com, and Yahoo! Inc. To date, the FCACP represents nearly 90% of the U.S. payments industry. Microsoft has also donated the Photo-DNA system to both NCMEC and ICMEC in collaboration with Dartmouth College.
To combat cyber-crime effectively, law enforcement agencies need the right legal instruments, IT crime prevention training, and a pro-active tool-set and capacity to detect, track and combat emerging cyber-crime trends.
The list of requirements for an effective response is vast but can be generally characterized by:
· On-line cyber-crime Information portals to inform officers and the public to be better able to protect themselves;
· Agile and integrated data management systems that monitor cyber-crime trends
· Synchronized IT platforms to support cross jurisdictional information share at a speed sufficient to counter the global threat cyber-crime poses.
· IT systems which can counter cyber-attacks and track cyber-criminal footprints;
· A uniform transnational legal arsenal criminalizing the use of computers, access devices and the internet for criminal purposes;
· International agreements to support better global collaboration;
· Advanced training for law enforcement personnel on cyber-crime and cross-jurisdictional collaboration;
· Training for judges and judiciary personnel on cross-jurisdictional collaboration.
Filling this demand set requires cutting-edge technological support. PPPs involving IT companies provide one beneficial venue. Not surprisingly, lead IT companies are strongly invested in promoting safe and secure ICT. Responsible business practice requires IT companies to invest heavily in R & D to maintain and improve upon the integrity and viability of their commercial offer. Thus, leading IT companies have a solid competency set and an array of security tools developed for commercial application which could support public efforts to fight cyber-crime.
For example, the Australian Customs Service employs high-tech methods to protect Australia’s borders from illegal immigration, drug smuggling, and other security threats (Microsoft 2008). To support its efforts, the organization uses a comprehensive IT infrastructure to manage thousands of computers and mobile devices. Since early 2007, Customs has successfully implemented a new security solution based on Forefront Client Security technology to help protect its systems against viruses, spyware, and other security threats. Forefront is a commercial software package that delivers protection, access, and management solutions, built around user identity and is integrated with an interoperable platform.
Most recent Example
Numerous studies have assessed the most effective mechanisms of assuring this social contract in traditional, modern and post-modern societies. Many such studies point to the fact that in democratic societies, “policing”, is most effective when it has the engaged support of civil society. Police states and repressive forms of government have their own forms of effective control which assure security. The costs of such security are significant and multi-dimensional and go well beyond the scope of this article.
True to the PPP model, such partnerships may reflect the pursuit of a commercial opportunity, pro bono philanthropy, or Corporate Citizenship. The result, however, whatever the mix can be very powerful indeed. Private sector competencies aligned to the task of preventing criminal activity have demonstrated far reaching impact.
Is it enough for academia in the public security space to cite trends, challenges and policy prescriptions? Or, is a more constructive engagement now increasingly necessary, one that would include promoting private sector partnerships that can work to mitigate or respond to emerging trends.
CETS: a software solution built using open industry standards, assists law-enforcement officials in their work to stop the exploitation of children on the Internet by enabling effective collaboration and providing a set of advanced software tools and technologies for use by investigators. Officially launched in 2005, CETS was developed jointly by Microsoft Canada, the Royal Canadian Mounted Police (RCMP) and the Toronto Police Service. Source:<http://www.microsoft.com/presspass/features/2005/apr05/04-07CETS.mspx>
Amounts as of March 2009. Source: Microsoft Asia Public Sector Presentation in Manila.
Source: USA Today 5 August, 2011 page 4a
See “Digital Forensics for Catching Child Predators” Sam Khoury; Publicyte Digital Magazine; http://www.publicyte.com
The use of digital signatures implies a different means where information about child sex crimes can be shared. Because, like actual fingerprints or biological DNA signatures, one can have evidence that two people are the same without actually seeing what they look like, sex crimes information can be “shared without being fully shared,” which is respectful of victims, does not violate certain local laws, and has other useful qualities. Source: The Sam Khoury blog.
Source: USA Today 5 August, 2011 page 4a
The International Centre for Missing & Exploited Children (ICMEC), founded in 1998 and launched by the U.S.-based National Center for Missing & Exploited Children (NCMEC), works to identify and coordinate a global network of organizations fighting child-sexual exploitation and abduction. ICMEC’s Executive Board includes prominent private sector representatives from CRT Capital, Deutsche Bank AG, F. Hoffmann-La Roche, Kermet Corporation, Kramex Inc. Mayo Clinic, Microsoft, Standard Chartered and others (ICMEC 2011). Interpol, ICMEC and Microsoft collaborated under this partnership to train approximately 3,219 police officers from 113 countries through seminars conducted in collaboration with ICMEC and Interpol titled “Computer Facilitated Crimes Against Children”. The final training of this partnership was held in November 2008 in Rome. ICMEC continues to deliver similar training in conjunction with the Organization of American States, Microsoft Latin America, and others. In 2010 alone, ICMEC participated in training sessions in Barbados, Brazil, Belize, Costa Rica, Dominica, Grenada, Guatemala, Guyana, Honduras, Russia, and Trinidad &Tobago.
Paulo Freire was a Pedagogical Specialist who pioneered the use of Praxis as a component of educational methodologies. In short, praxis implies the field application of intellectual knowledge to ground test and refine its validity.
Source: Crime Stoppers UK 2009/2010 Annual Report. http://www.crimestoppers-uk.org/media-centre/publications
Black, T. 2008 ‘Detica White Paper: The Information Revolution and its impact on Homeland Security’ Homeland and Border Security Conference, London.
International Herald Tribune August 5-6 edition.
Began in 1997, the Black Hat Conference has become the most important technical security conference series in the world with an estimated 6,500 digital experts and professionals including representatives of federal agencies and corporations along with hackers present at the August 2011 conference in Las Vegas Briefings cover various topics including Reverse Engineering, Identity and Privacy, and hacking. Black Hat is known for the antics of its hacker contingent, and the disclosures brought in its talks. Conference attendees have been known to hijack wireless connections of the hotels, hack hotel TV billing systems, and even hack the automated teller machine in the hotel lobby.
Global Edition New York Times, August 6-7, 2011
The December 2010 report for example shows that:
Product advertisements accounted for 54.0% of spam in 2010, which is down from 69.2 percent a year ago (32.4 % nonsexual pharmaceutical products, 18.3% non-pharmaceutical product and 3.3 % sexual performance products...
In the first half of 2010, phishers showed signs of targeting online gaming sites with increasing frequency, although this push appeared to have dwindled as social networks came under increased attack. Phishing sites that target social networks routinely receive the highest number of impressions per active phishing site. After increasing gradually and then reaching a plateau through the first eight months of 2010, the number of spam messages received and blocked by Microsoft Forefront® Online Protection for Exchange (FOPE) dropped abruptly in September, and again in December. These drops can be correlated with events involving two of the world’s most significant spam-sending botnets: the Win32/Cutwail spambot and the large Rustock botnet. When the Rustock botnet was taken down some spam trackers reported a drop in the global spam rate as high as 50 percent or more.
Vulnerabilities in applications versus operating systems or web browsers continued to account for a large majority of all vulnerabilities in 2010, although the total number of application vulnerabilities declined 22.2 percent from 2009.
 Source: http://www.safeinternet.org/about/mission-goals-principles 27th August 2011
Source: http://www.microsoft.com/presspass/emea/presscentre/pressreleases/WAFightScams-02122010.mspx 27th August 2011
CETS allows units from various countries to effectively classify track and identify links between indecent material, enabling them to identify owners and uncover international child-porn syndicates. The tool is now in use in nine countries by over 400 investigators worldwide, with demand growing steadily as successes become known. Microsoft offers the program to interested law enforcement agencies free of charge and donates all training and server software required to deploy the application. So far, this collaborative initiative has achieved impressive results. It has been used to solve several high-profile cases and in establishing an international network of information and communications to help fight the problem. One such success story was an investigation conducted by the Australian Federal Police in 2008, which used the program to smash an international paedophile internet network (Walker 2008). The investigation led to the arrest of more than 22 paedophiles in the US, Canada, Europe and Australia who believed their super encryption code was enough to make them undetectable. From the perspective of Australian Federal Police High Tech Crime Centre director James McCormack, collaborations with the private sector of this kind are helping police to outsmart internet criminals. "It is a war being fought on many fronts. They do have very sophisticated means to hide their crimes but we are also using more and more sophisticated techniques and we are now having great success in this area” (Walker 2008).
So far, this collaborative initiative has achieved impressive results. It has been used to solve several high-profile cases and in establishing an international network of information and communications to help fight the problem. One such success story was an investigation conducted by the Australian Federal Police in 2008, which used the program to smash an international paedophile internet network (Walker 2008). The investigation led to the arrest of more than 22 paedophiles in the US, Canada, Europe and Australia who believed their super encryption code was enough to make them undetectable. From the perspective of Australian Federal Police High Tech Crime Centre director James McCormack, collaborations with the private sector of this kind are helping police to outsmart internet criminals. "It is a war being fought on many fronts. They do have very sophisticated means to hide their crimes but we are also using more and more sophisticated techniques and we are now having great success in this area” (Walker 2008).