Recorded Crime in Scotland, 2020-2021

Statistics on crimes and offences recorded and cleared up by the police in Scotland, split by crime or offence group and by local authority. This bulletin also includes a new chapter which presents an estimate of how many cyber-crimes were recorded in Scotland during 2019-20 and 2020-21.

This document is part of a collection


3. Police recorded cyber-crime in Scotland

This new chapter within the Recorded Crime bulletin presents an estimate of how many cyber-crimes were recorded in Scotland during 2019-20 and 2020-21. It also considers the impact on these statistics of a recent procedural change to the recording of cyber-crime, whereby cases are now included for those incidents where the perpetrator was likely to be based outside the United Kingdom (UK).

The information provided below relates to cyber-crimes which have come to the attention of the police. It does not provide information on the characteristics of all cyber-crime committed in society, as not all of these crimes are reported to the police.

Background

Defining cyber-crime is complex, with no agreed upon definition of the term. The main debate centres around the extent to which cyber technology needs to be involved for the crime to be termed ‘cyber-crime’. For the purposes of recorded crime (as defined in the Scottish Crime Recording Standard), a broad definition of cyber-crime is adopted that includes crimes in which cyber technology is in any way involved. This ranges from crimes where a digital system, infrastructure or Information and Communication Technology (ICT) device is the target as well as the principal or sole method of attack, known as ‘cyber-dependent’ crimes (such as the spreading of computer viruses), to ‘traditional’ crimes where the internet has been used as a means to commit the crime, known as ‘cyber-enabled’ crimes (such as online fraud or sexual crime). Throughout this chapter, both ‘cyber-dependent’ and ‘cyber-enabled’ crimes are referred to collectively as ‘cyber-crimes’.

A procedural change was made in April 2020 to how crimes which could involve a victim and a perpetrator in different physical locations (e.g. cyber-crimes) are recorded. Prior to the 1st April 2020, these statistics excluded any crime with a victim in Scotland and a perpetrator who was confirmed by the police to be outside the UK when the crime took place. Following a recommendation by Her Majesty’s Chief Inspectorate for Constabulary in Scotland (HMICS) to review recording practice in this area[6], the Scottish Crime Recording Board approved a change so that from the 1st April 2020 these crimes are now included in the statistics. It should be noted that those cases with only a suspicion or insufficient evidence to confirm that the perpetrator was outside the UK were always included.

This change led to the recording of additional crimes for those types of crime which could be committed using digital technologies. As such, one of the aims of this analysis was to estimate the extent to which the procedural change has impacted the levels of recorded crime in Scotland.

The estimates provided in this chapter are based on a review of crime records, whereby a random sample of cases was drawn across Scotland for those types of crime that could in theory involve a cyber-element. The review considered which proportion, by crime type, actually were cyber-crimes in 2019-20 and 2020-21, along with how many may have been newly recorded in 2020-21 as a result of the procedural change discussed above.

As this analysis is based on a sample of police records (rather than all police records), it should be seen as providing a broad estimate of the volume and type of cyber-crime recorded in Scotland, rather than an exact count. The exception to this are crimes under the Computer Misuse Act 1990 (within the Fire-raising, vandalism etc. crime group) where all crimes were reviewed due to their relatively low volume recorded.

Estimated volume of cyber-crimes

In 2020-21, an estimated 14,130 cyber-crimes were recorded by the police in Scotland. This has almost doubled (increasing by 95%) compared to the estimated 7,240 cyber-crimes recorded in 2019-20 (Table A9).

It should be noted that whilst the estimated volume of cyber-crime has almost doubled over 2020-21, at least part of this increase may be due to the significant impact of the coronavirus (COVID-19) pandemic and government instructions to limit social contact. For example, in their ‘Crime in England and Wales: year ending March 2021’[7] release, the Office for National Statistics noted that an increase in fraud and computer misuse offences could reflect perpetrators taking advantage of behavioural changes during the pandemic, such as increased online shopping.

We estimate that at least 6% of crimes recorded by the police in Scotland in 2020-21 were cyber-crimes, compared to 3% in 2019-20. This includes an estimated one-in-three Sexual crimes (33%) in 2020-21, up from around a quarter (24%) in 2019-20. In addition, around one-in-ten of both Non-sexual crimes of violence and Crimes of dishonesty (12% and 10% respectively) were estimated to be cyber-crimes in 2020-21, compared to 6% and 3% in 2019-20. Less than 1% of crimes of Fire-raising, vandalism etc. were estimated to be cyber-crimes in 2020-21, unchanged from 2019-20.

It is important to note that whilst the sample of crime records reviewed for this analysis was designed to capture the main types of crime that could involve a cyber-element, this may not have included every relevant type of crime. As such, these figures should be taken as estimates. Going forward statisticians will keep the types of crime reviewed for this chapter under consideration, to ensure any additional types (beyond those discussed below) that may involve a cyber-element are included.

Impact of change to the recording of international crimes

As a result of the procedural change outlined above, an estimated 1,160 additional crimes were recorded in 2020-21 (i.e. cases where the perpetrator was likely to be outside the UK when the crime was committed) (Table A10). These additional crimes represent less than 1% of all crime recorded this year.

Fraud was by far the biggest contributor to this increase, with an estimated 900 additional crimes being recorded due to this change. This equates to around one-in-six of the estimated increase in crimes of cyber fraud between 2019-20 and 2020-21 (Tables A10 and A12). Although the impact of the procedural change was greatest for crimes of Fraud, this still equated to less than 1% of all Crimes of dishonesty recorded in 2020-21.

Cyber-crimes within Non-sexual crimes of violence

This analysis looked specifically at crimes of (i) Threats and extortion and (ii) those recorded under the Domestic Abuse (Scotland) Act 2018.

In 2020-21, an estimated 730 crimes of Threats and extortion were cyber-crimes, an increase of 152% from the estimated 290 recorded in 2019-20. Around one-in-four of the additional crimes of Threats and extortion were as a result of the procedural change discussed above. In the latest year, over three-quarters (77%) of recorded threats and extortion were cyber-crimes, an increase from two-thirds (66%) in 2019-20.

In 2020-21, an estimated 360 crimes under the Domestic Abuse (Scotland) Act 2018 were cyber-crimes, an increase of 33% from the 270 recorded in 2019-20. There was no impact on these crimes as a result of the procedural change. In the latest year, over a fifth (22%) of recorded crimes under the Domestic Abuse (Scotland) Act 2018 were cyber-crimes, an increase from around one-in-six (16%) in 2019-20. It should be noted that as a course of conduct type offence, some of the Domestic Abuse cyber-crimes highlighted in 2019-20 and 2020-21 may have involved a mix of cyber-based and in-person activity, rather than occur exclusively online.

Cyber-crime within Sexual crimes

This analysis looked specifically at those types of Other sexual crimes that could have a cyber-element. For example, crimes of Communicating indecently, Cause to view sexual activity or images, Indecent photos of children, Disclosing or threatening to disclose intimate images and Voyeurism.

In 2020-21, an estimated 4,390 Other sexual crimes recorded by the police were cyber-crimes, an increase of 37% since the estimated 3,210 recorded in 2019-20 (Table A11). The estimated volume of Other sexual crimes that were cyber-crimes has gradually increased over the longer term from 1,100 in 2013-14[8].

In the latest year, two-thirds (66%) of recorded Other sexual crimes were estimated to be cyber-crimes. The proportion of Other sexual crimes that were cyber-crimes has gradually increased over recent years from 38% in 2013-14, to 51% in 2016-17 and 54% in 2019-20. Part of the increase after 2017-18 will likely relate to new crimes of Disclosing or threatening to disclose intimate images being recorded under the Abusive Behaviour and Sexual Harm (Scotland) Act 2016, which was implemented on 3rd July 2017. However the clear majority of this increase will be due to other factors.

Figures on the proportion of specific types of Other sexual crimes that are cyber-crimes should be treated with some caution due to the small base sizes in the sample. Despite this, it is likely that the majority of several types of Other sexual crimes, including Communicating indecently, Cause to view sexual activity or images, Indecent photos of children and Disclosure or threaten to disclose intimate images are cyber-crimes (Table A11).

The analysis also suggests an estimated 2,080 Other sexual crimes recorded in 2020-21 were both cyber-crimes and had a victim under the age of 16. This increased by 7% from the equivalent estimate of 1,950 for 2019-20. Over the same period the estimated number of cases which were both cyber-crimes and had a victim aged 16 or over increased by 87% from 1,110 to 2,080.

Cyber-crime within Crimes of dishonesty

This analysis specifically covers the crime of Fraud, which includes a wide range of criminal activity such as bank card fraud, failure to pay for goods and services (either online or in person such as taxi fares and meals at restaurants), fraudulent sales, bogus workmen, phishing, banking scams etc.

In 2020-21, an estimated 8,580 frauds recorded by the police were cyber-crimes, which more than doubled (increasing by 149%) from the estimated 3,450 recorded in 2019-20. As such, it is the increase in cyber fraud that contributed the most to the estimated doubling of recorded cyber-crime between 2019-20 and 2020-21.

Over the same period, we find that there has been a fall of around two-fifths (39%) in the estimated volume of recorded frauds which were not cyber-crimes, from 8,480 in 2019-20 to 5,120 in 2020-21 (Table A12).

In the latest year, over half (57%) of recorded frauds were estimated to have been cyber-crimes. The proportion of fraud estimated to be cyber-crimes has increased from 28% and 29% in 2018-19 and 2019-20 respectively.

As highlighted above, we estimate around 900 additional frauds were recorded as a result of the procedural change. Therefore, only around one-in-six of the estimated increase in cyber-crime frauds in 2020-21 was as a result of the change to the crime recording rules.

Contact

Email: Justice_Analysts@gov.scot

Back to top