How ‘Digital’ is Traditional Crime? Lorena Montoya * , Marianne Junger † Pieter Hartel * , * Distributed and Embedded Security Group † Industrial Engineering and Business Information Systems University of Twente, The Netherlands {a.l.montoya, pieter.hartel, m.junger}@utwente.nl Abstract—Measuring how much cybercrime exists is typically done by first defining cybercrime and then quantifying how many cases fit that definition. The drawback is that definitions vary across countries and many cybercrimes are recorded as traditional crimes. An alternative is to keep traditional definitions of crime and quantify the amount of associated information and communication technologies (ICT) that each contains. This research established how much ICT was used a) in the three phases of the ‘crime script’ (i.e. ‘before’, ‘during’ and ‘after’), b) during the criminal investigation and c) in the apprehension of the suspect(s) and d) whether digital crimes differ from traditional crimes in terms of the relationships between the victim and the offender or in terms of the physical distance between them. Residential and commercial burglary, threats and fraud were investigated and 809 incidents from the Police Department of East Netherlands were studied. It was found that ICT does not affect all types of crime equally: 16% of the threats and 41% of all frauds have partial digital modus operandi (MO). To commit burglaries, however, offenders hardly ever use ICT. In 2.9% of the residential burglaries, however, bank cards were stolen and later used to steal money from a bank account. For commercial burglary there was no associated ICT. Digital crimes differ from traditional crimes in a number of ways: the geographical distance between the victim and the offender is larger; digital threats occur relatively more often between ex- partners and digital frauds occur more often between business partners compared to traditional fraud. The study found that physical tools are more often linked to apprehension than digital ones. The regression models, however, showed digital and physical tools to be equally strong at predicting apprehension. The main findings show that ICT plays a greater role in traditional crime than expected on the basis of previous research. I. I NTRODUCTION The question of how much cybercrime exists is difficult to answer. The imprecision of victim surveys [1] and the unstan- dardized description of cybercrime incidents by commercial companies [2], [3] and the police might explain the lack of figures [4]. It seems plausible that cybercrime has become a relatively large part of overall crime. Internet use has grown rapidly. In the U.S.A, for example, 43.1% of inhabitants were internet users in 2000 and by 2010 the figure had reached 74.2%. Similarly, in The Netherlands the figures are 43.8% and 90.7% respectively [5]. Due to its widespread accessibility, the Internet has further facilitated offenses carried out with a computer. It is possible that criminals might have adapted to the increasing digitalization of society and that accordingly, cybercrime is on the increase. Several authors consider that technology can have a pro- found impact on crime since it changes society; that the increased use of computers and the fact that internet connects (almost) everybody to (almost) everybody else in the world has made crime a lot easier [6], [7], [8], [9]. For instance, since the internet sometimes allows potential offenders to depersonalize victims, it might lead them to move more quickly towards ac- tual criminal behavior [10]. An offender does not have to come face-to-face with a potential target, therefore making it easier for the offender to complete the victimization of the target [11]. In addition, all the available information present on the internet can be used for good or for evil. These developments explain the increasing interest in collecting more information on the prevalence and the characteristics of cybercrime. There are two global approaches for the measurement of cybercrime. The first approach consists of developing a definition of cybercrime and then measuring how much crime meets this definition. This approach implies that there is ‘traditional’ crime on the one hand and ‘cybercrime’ on the other hand, meaning that cybercrime can be measured as a sep- arate category of crime. This approach was followed by [12]. They defined cybercrime as ‘the use of IT for committing criminal activities against persons, property, organizations or electronic communication networks and information systems’. [12] examined a representative sample of 13,037 crimes, as registered in the police records (10.4% of the total number of registered crimes) in the police region Zuid-Holland Zuid in 2007, and of 22,771 crimes (10.7% of the total number of cases) in the police region of Hollands Midden in 2007. In order to measure the amount of cybercrime, they used a search protocol for keywords that can be associated with cybercrime, such as ‘computer’, ‘cyber’ or ‘digital’. For Hollands Midden they found 72 cases of cybercrime, which constitutes 0.32% of all registered crime; taking into account the margin of error, the amount of cybercrime was estimated to be in the range of 0.25% and 0.39%. In Zuid-Holland Zuid there were 70 cases of cybercrime, which represented 0.54% of all crime. Taking into account the margin of error, the amount of cybercrime was estimated to be in the range of 0.42% and 0.66%. The implication of this study was that the amount of cybercrime is less than 1% of the total number of crimes registered by the police. A second approach follows a different line of reasoning. This approach focusses on the digital modus operandi (MO) of traditional crime. Most forms of cybercrime are not unique to the online world since they have long-established terrestrial counterparts [13], [14], [15] such as fraud, threats, sale of banned material and intellectual property offences. These types of offences pre-date the Internet but have found new forms of life online. Hacking activities could be seen as computer- aided versions of vandalism or trespassing. When a hacker