Cyber crime as a fragmented policy field in the context of the area of freedom, security and justice

Cyber crime has recently become one of the most important internal security priorities for the European Union (EU), second only to the disruption of international organized crime networks and the prevention of terrorism (European Commission 2010). It is considered as an ever-growing threat to the lives of citizens, the political systems and economic infrastructures in the EU (European Commission 2015c): ‘The threat is very much a real one. The number of cyber attacks in the world is on the rise and the cost of cybercrime is skyrocketing’ (Malmström 2011: 1). The understanding of this phenomenon as having become exacerbated has been the result not only of the perceived risks associated with the increased technological dependency of Europe, and indeed the proliferation of new technologies such as smartphones, which create new vulnerabilities and opportunities for criminal activity, but also of a societal pressure to take swift action in this field. After all, as the saying goes, ‘something must be done’. In recent years, the number of objects and processes that have incorporated advanced computerized elements has grown exponentially, to include not only laptops, tablets and smartphones, but also cars, fridges, toys, classrooms and musical instruments. In 2012 there were 8.7 billion devices connected to the Internet, a figure that had grown by 2014 to 10 billion (Europol 2014a), and is projected to increase to 50 billion by 2020 (Europol 2014b). The ‘digital revolution’ has led to dramatic changes in the way we live our personal lives, interact with others, conduct business and learn in school. Although predominantly portrayed in a very positive light through having brought significant economic development and improved quality of life, these technologies are also understood as vulnerable, insecure and easily taken advantage of by criminals (European Commission 2015c). The idea that technology, and more specifically cyberspace-related activities, are susceptible to attacks has also become widespread among the European population, which has expressed concern over the frequency and severity of cyber crime risks and the existence of insufficient measures. According to the 2015 security Eurobarometer, 63 percent of the population believes that cyber crime will continue to increase, with 20 percent of the population believing that it is the most important security threat the EU currently faces (European Commission 2015b). In addition, only 28 percent of the global population feels that law enforcement has the adequate tools to respond to this problem (PWC Global 2016). Such societal pressure has contributed considerably to the development of a range of ‘anti-cyber crime’ measures as part of the EU’s cyber security strategy. Although the field of cyber crime is a fairly recent policy development, 1 the EU has already invested heavily in preventive programs, enhancing law enforcement capabilities, fostering awareness and developing institutional coordination mechanisms.