Is Facebook the right place to report a crime?

Filed Under: Facebook, Featured, Law & order, Social networks

Ballarat, a country town in Victoria, Australia, has made the news today thanks to social networking.

Under the headline Police tell users Facebook takes the complaints, regional newspaper The Courier reports:

Flyers have been sent to several police stations in the region, urging residents to contact Facebook's abuse department for minor matters rather than involve police.

But breathless, if unofficial, evangelist website All Facebook has reworked this headline to make it more impressive. They're shouting out loud that Australian Cops Want Crimes Reported Via Facebook.

But this isn't at all what the cops are suggesting. In fact, it looks as though the cops are urging people to seek resolution from Facebook for all matters which aren't crimes, so that they can have more time to deal with serious online matters which require police involvement.

Facebook isn't a law enforcement agency - and even if it were, it wouldn't have jurisdiction in Victoria, or almost all other places on earth. Crimes should be reported to the police. They're empowered to investigate and to act against wrongdoers.

(Police in your jurisdiction may have online reporting systems for cybercrimes. It's well worth checking. Examples include the FBI's gloriously easy-to-remember IC3 - the Internet Crime Complaint Center - at, and the Queensland Police Service's Advance Fee Fraud Reporting Form for dobbing in scammers.)

The Ballarat region, and the Ballarat police, are no strangers to Facebook-related criminality: almost exactly a year ago, the cops intervened over an odious Facebook page entitled "100 Biggest Sluts of Ballarat", which allegedly named girls as young as 14.

Of course, this raises the question, "How do I know whether online anti-social behaviour, or the latest outbreak of fraudulent Likejacking, is a crime or not?"

Where does online behaviour cross from being odious and reprehensible to being criminal? And what about cases that are on the borderline?

I suspect that many Facebook users might assume that the simplest way to get rid of abusive content would be to ask Facebook simply to to knock it offline. No need for police reports, official statements and potential lengthy entanglement in a criminal court case in which you have to front up to your abuser from the witness box.

But it's not always that easy to get Facebook on your side. Naked Security's own Graham Cluley found that out three years ago when he returned from an overseas vacation to discover that he was being subjected to arson and death threats against his family.

The provocation for this behaviour was a fraudulent Facebook page using Graham's identity to taunt British soldiers.

Graham was informed by Facebook that this was out of their bailiwick - indeed, they advised him to go to the police - and only took down the offending material when he came up with the master-stroke of pointing out that some of the malevolent material was violating Sophos's copyright. That got Facebook's attention at once!

So the Catch-22-esque problem faced by the Ballarat police is that to persuade people to stop phoning them with online behavioural complaints which are out of their remit, they've had to invite people to phone them to find out which complaints are in their remit.

Nevertheless, common sense can help shield you from a lot of odious on-line trouble. As Craig Pearce, a Sergeant with the Ballarat police, wryly points out, There's no need to have 1600 friends on Facebook if you don't like them."

You should also consider joining the SophosSecurity page on Facebook, where you can keep on top of the latest security threats, and ask for help with Facebook issues amongst our thriving community of more than 95,000 people. No, we're not suggesting you befriend them all. Keep friendships - both on-line and off-line - for people you actually know, and like, and trust.

, , , , , , , ,

You might like

3 Responses to Is Facebook the right place to report a crime?

  1. Adrienne Boswell · 1561 days ago

    Maybe it's time for Internet Police, so when someone says "Who are YOU, the Internet Police", and someone else can say "Well, yes, and as a matter of fact, your computer and anything connected to it have been electronically seized, and local police notified by GPS are breaking down your door to arrest you as you read this". The IP would have jurisdiction all over the world, so if you were a cyber-criminal in Nigeria and you were scamming a little old lady in Pasadena, you would get charged and arrested. If you posted libelous or other malicious content on Facebook, you would go to Internet jail, and not be able to post anywhere for X amount of time, plus have to pay real legal fees to the cyber court, cyber judge and cyber attorneys.

  2. jessi · 1561 days ago

    In Vancouver British Columbia, crowd-sourced online justice is not only encouraged, it's rewarded by leading to humiliating arrests and online shaming for all to see.

    If you were to complain to the Vancouver Police Department about someone saying you were a criminal on Facebook, the VPD would summarily arrest you for being a criminal on Facebook.

  3. The only problem with global jurisdiction is figuring out whose laws to use.

    For instance, the US and the UK have very different stances on libel laws. If someone in the US wrote something negative and unsubstantiated about someone in the UK, and the UK person reported them for libel, should the US person be sent to Internet Jail without a trial for something that's not a crime in their physical jurisdiction?

    How about if a US person wrote something about another US person and a UK person reported them?

    What steps would be taken next, and by who? US system of Judge (and possibly jury)? Sharia law? Some elected panel that would have to weigh each case? ISPs based on the IT department's feelings on the matter?

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Paul Ducklin is a passionate security proselytiser. (That's like an evangelist, but more so!) He lives and breathes computer security, and would be happy for you to do so, too. Paul won the inaugural AusCERT Director's Award for Individual Excellence in Computer Security in 2009. Follow him on Twitter: @duckblog