Survey of Cyber-risk Management Practices in Community Corrections

Article Tools Print This Page | Comments(0) | Suggest a Story

By Art Bowker, Cybercrime Specialist

Published: 01/13/2014

Recently I wondered how things have changed since I started writing these articles. In my 2007 piece I concluded by noting:

"It is clear that technology has benefited society in so many ways. It is equally clear that offenders have found ways to use technology to the detriment of society. Probation, parole, and pretrial officers, like law enforcement previously, are learning that we must not let offenders go unchecked in this new arena of criminal behavior. Community supervision agency managers and administrators must be willing to support their staff in developing and learning these skills to be effective change agents in the future. Otherwise, offenders will continue to increase their technological edge, creating an unacceptable risk to our communities."

To kind of get an idea of where agencies are at I decided to do a survey. In September of this year I solicited input from a LinkedIn Group (Community Corrections Cyber-Supervision Group) by asking for their responses to ten questions related to cyber-offender management. I figured this would be a good group to target, since I started it in July 18, 2009 … “for community corrections officers (pretrial services, probation, and parole) and others who are involved with supervising individuals in the community and in cyberspace.” The vast majority of members work as line officers or as supervisors/managers in probation or parole agencies. However, there are also a few individuals who are consultants or work as vendors. At the time I solicited the group’s input we had 378 members. Thirty-five percent were in entry level positions; 32% in management, and 13% in senior level positions. The remaining 12% fell in the following three other categories, director, owner, etc. A high percentage of the group, eight percent, were located in either the New York or Boston areas. The online survey was only sent to group members and was only open from September 4, 2013 to October 31, 2013. I got 37 responses, or approximately 10% of the group.

Twenty-seven percent of the responses came from individuals located in California. Followed by 11% in Ohio or Texas; 8% in Nebraska; 5% in Illinois or Utah; and 2% in Idaho, Michigan, Minnesota, New Jersey, New Mexico, Oregon, Pennsylvania, Tennessee, or Virginia. Approximately 46% of the individuals worked for state agencies, with 35% working for local or county agencies. Fourteen percent worked in the U.S. federal system. One response was received for an individual working at an agency in Canada. The vast majority of individuals responding, 73%, had experience in probation. Thirty-seven percent had experience in parole and 13.5% with pretrial services cases. Approximately 11% of the respondents were chiefs or administrators.

The most prevalent supervision practice to manage offender cyber-risk was home and/or employment visits, with 70% identifying it use. This was followed by 68% using computer searches or Internet investigations (such as checking social media). Sixty-two percent used location monitoring devices. Fifty-seven percent of the individuals indicated they used computer monitoring. Thirty percent of the respondents used polygraph examinations.

Many of the individuals reported using more than one supervision technique. Fifty-four percent of those who used home/employment visits also used computer searches or Internet investigations. Thirty-eight percent of those using home/employment visits also did computer monitoring. Of those who did computer searches, 64% also did computer monitoring or Internet investigations. Twenty-seven percent of the respondents did home/employment visits, computer searches, computer monitoring, and Internet investigations. Eleven percent of the respondents did everything, ie. home/employment visits, third party contacts, computer searches and monitoring; Internet investigations, polygraph examinations, and location monitoring. Fourteen percent of the respondents report their agency has monitoring software installed by law enforcement. Another 11% used a private contractor to install monitoring software on offenders’ computers.
Approximately 32% reported that law enforcement personnel from outside their agency conduct computer searches on their behalf. No respondents reported their agency used a private contractor to conduct computer searches for them. Respondents noted their agencies used computer monitoring and/or searches to manage risk in the following types of cases:

Sex Offenders, 78%
Internet Harassment/Stalking, 35%
Internet/Identify Fraud, 27%
Check Fraud, 22%
Hacking Offenses, 16%
Counterfeiting, 16%
Approximately, 19% reported not using either computer monitoring or searches to manage cyber-risk in any cases.

Respondents collectively identified the following resources lacking in the management of offender’s computer use:

Training, 65%
Time/Other Resources, 62%
Staff, 46%
Equipment and/or Monitoring or Search Software, 41%
Policy/Procedures, 32%
Judicial Support, 27%
Administrative/Management Support, 22%
Legislative Support, 22%

Okay, what does all this mean? Well, clearly agencies are using various techniques to manage cyber-risk, with home or employments visits of all things, topping the list. Home visits are great for detecting if an unauthorized computer is in the home or work site. However, such visits alone are useless in determining what someone might have done on a computer. At least 54% of the agencies doing visits agreed with me because they also use computer searches. I would hope it would be higher. I was bit surprised to see that only 57% of the respondents report their agency used monitoring software and only 30% used polygraph examinations. I was disappointed more agencies were not using both computer monitoring and searches. They must not have read the American Probation and Parole issue paper or seen the webinar on that topic. I was not surprised to see how many individuals were reporting their agencies lack such things as training, time, staff, equipment and software. More is needed if officers are expected to effectively manage cyber-risks. I wonder what these results would have been had I done this survey when I started writing these articles. With 65% noting they needed more training, I can’t imagine it being much worse. Between 22% to 27% observe they lack administrative, legislative, or judicial support in managing offender computer use. I know law enforcement is being relied on by some agencies to install monitoring software and to search computers. But, will they be able to help to the extent needed? Remember my 2007 comment noted above. We clearly are still not doing enough and I fear we are creating an unacceptable risk to our communities. It is meaningless if courts and parole authorities impose conditions that can’t be enforced by supervision officers, with or without the aid of law enforcement. Hopefully, if I do this survey again in a year or two the results be will better. Until then I left a cigar lit somewhere. Be safe out there.

Mr. Bowker has over 27 years’ experience in law enforcement/corrections and is recognized as an expert in managing cyber-risk in offender populations. In addition to co-writing Investigating Internet Crimes, 1st Edition: An Introduction to Solving Crimes in Cyberspace, (Syngress, November 2013), he is also the author of The Cybercrime Handbook for Community Corrections: Managing Offender Risk in the 21st Century. In 2013, he was recognized by the Federal Probation and Pretrial Officers Association (FPPOA) and the American Probation and Parole Association (APPA) for his contributions in managing cybercrime risk in offender populations.

Other articles by Bowker:

Visit The Three C’s

Comments:

No comments have been posted for this article.

Login to let us know what you think

MARKETPLACE search vendors | advanced search