Vigilantes and private security are policing the internet where governments have failed

Mark Button, University of Portsmouth

The internet revolution of the past 20 years has opened up countless new ways for people to shop, bank, find love – and to commit crimes. Every time we switch on a computer, open an email, view a website or make an online payment, there are multiple new opportunities for crimes to occur. In fact, almost half of all crimes against individuals in England and Wales now involve or are enabled by the internet.

These technological changes have fuelled a substantial new private policing sector that includes commercial companies but also online vigilantes. This change is comparable to the “quiet revolution” seen in the 1970s when conventional private policing, particularly the use of uniformed security officers, emerged on an industrial scale.

Despite its scale, online private policing activity has been largely ignored by researchers and politicians. Yet it is already creating some significant issues that need addressing.

This new online private policing sector exists most obviously in the numerous companies providing services. These include designing, testing and maintaining security systems, responding to cyber-attacks and moderating websites for harmful or illegal content.

But many other organisations have also developed their own cybersecurity structures to better protect themselves from online crime. In most large organisations, these structures are led by what are generally called chief information security officers (CISO) but there are also many other new cybersecurity roles such as security architects and ethical hackers.

Globally, this new sector is estimated to support around 6 million jobs and is predicted to be worth US$248 billion (£190 billion) by 2023. This is much more than the traditional private security industry, which is only predicted to be worth around US$167 billion (£128 billion) by 2025.

One of the most interesting roles to emerge in this new sector is that of the moderators who police the content published on the internet. They play an important role in preventing the publication of undesirable material, from hardcore pornography and footage from war zones through to abusive and inappropriate language.

There has been virtually no academic research of these important operatives. But media reports have raised concerns over the welfare of these staff, who often have to view large amounts of distressing content, including images. So their conditions of employment and capabilities should be more of a priority for researchers and regulators.

Online vigilantes

The internet hasn’t just stimulated new forms of commercial private policing but has also enabled a new type of vigilantism to flourish. For example, the limited law enforcement response to the masses of scam emails and bogus websites we’re at risk from everyday has led to the growth of “scambaitors”. These are private individuals who try to engage with scammers and waste their time or simply raise awareness of their scams.

One of the problems with scambaiting is the humiliation and racism often involved. For example some scammers have been encouraged to do repetitive tasks such as draw street maps and rewrite books, paint themselves or pose naked in humiliating positions, all of which have then been publicised. Sometimes this is done with explicit or implicit racist commentaries, relating to the fact that many of the scammers are black West Africans.

Perhaps the most controversial area of online vigilantism that has emerged is paedophile hunting. Organised groups of internet users pose as children in online chatrooms to lure and expose paedophiles.

The actions of these groups have clearly helped the police and led to the exposure of real paedophiles who have subsequently been charged and convicted. In 2018, at least 150 people in England and Wales were charged using evidence provided by paedophile hunters.

But some groups have made their exposures and confrontations public, in some cases even live-streaming them online. This has led to innocent people being falsely and publicly condemned, while others have killed themselves after the exposure. It has also been revealed that some of the people enacting this “justice” are themselves convicted criminals – whereas police forces themselves often bar people with criminal records from joining.

The rapid growth of both commercial and amateur attempts at policing the internet shows there is a demand that is not being met by the traditional provider of law enforcement, the state. But the problems that are emerging from this private security activity demonstrate why it isn’t enough to leave such significant operations to the market or volunteers.

The first “quiet revolution” eventually resulted in many jurisdictions introducing regulations to better control the activities of private security. This new shift at least warrants further research and investigation to determine if the controls are adequate. The suspicion is that they are not.

Mark Button, Professor of Security and Fraud, University of Portsmouth

This article is republished from The Conversation under a Creative Commons license. Read the original article.