Gráinne Kirwan and Andrew Power, authors of Cybercrime: The Psychology of Online Offenders, explain the use of forensic psychology in cybercrime.
Compared to many other disciplines, forensic psychology has a very short history. Even so, it has needed to adapt and adjust at a rapid pace in order to keep up with changes in policing techniques and criminal behaviour.
Probably the most pronounced of these changes is the criminality associated with the development and rapid popularisation of the Internet, which both created new types of crime (such as hacking and malware development) and enabled perpetrators of existing types of crime to conduct their behaviours in less demanding and/or more widespread ways (such as identity thieves, terrorists, and developers and distributors of child pornography).
A new type of criminality
This new type of criminality can best be studied and explained through a combination of theoretical and empirical perspectives, including those developed in criminology, forensic psychology and Internet psychology.
It could be argued that existing criminological and forensic psychological theories of crime might also provide explanations for online criminal behaviour.
Indeed, theories such as Routine Activity Theory, Rational Choice Theory and Social Learning Theory can provide valuable insights into cybercrime, particularly if considered in conjunction with the regularly examined concepts of anonymity, disinhibition, security and privacy which form a substantial portion of research to date in Internet psychology.
It is not just theoretical explanations of crime that are useful in tackling the problem of cybercrime. Some of the more applied aspects of forensic psychology are also directly applicable to online criminality.
For example, the possibility of extending offender profiling techniques to cybercriminals (particularly hackers) has been examined by some authors. Similarly, research examining the effectiveness and suitability of various types of punishment can be applied to online settings, with some research particularly noting the importance of specific deterrence for offences such as digital piracy. Similarly, the potential for restorative justice in cybercriminal cases has also been explored.
The importance of victim research has not been overlooked, and it should be remembered that just because an offence occurs online, this does not mean that the victim is precluded from experiencing cognitive, emotional and physiological effects. In addition to this, the victim may experience a certain degree of ‘victim-blaming’ (where the individual is ascribed blame for their victimisation by others, often due to perceived facilitation or precipitation of the criminal event). Considerable research has also attempted to determine what demographic and personality traits might lead to increased risk of cybercriminal victimisation.
Armed with victim profiles such as these, crime prevention strategies can be employed that specifically attempt to help these vulnerable groups to engage in protective measures. For example, it has been noted that self-efficacy is an important factor in determining whether or not an individual secures their technology appropriately. The parallels to health psychology are evident, and similar mechanisms can be employed to improve online safety as are used to successfully promote healthy behaviours.
Of course, there are many aspects of mainstream forensic psychology that have limited or no application to cybercrime. For example, topics such as eyewitness memory, while not completely irrelevant to all cybercriminal cases, certainly play a more limited role than in offline offending. Nevertheless, the vast resource of previous research in forensic psychology is useful and can, in many cases, be applied to cybercriminal cases. Similarly, the focus on technological solutions to cybercrime is essential – but consideration of the added value that psychology can contribute to investigations and preventative strategies is also important.
Technological and psychological methodologies addressing the problem of cybercrime are complementary – utilising both provides a stronger approach than either alone can achieve.