CCO – relation to other Crime Science frameworks

CCO and other Crime Science and security frameworks

Crime Science theory

The CCO Framework brings together all the current theoretical perspectives in situational crime prevention/Crime Science (Wortley et al. 2019) including Routine Activities (Felson 2017), Rational Choice (Cornish and Clarke 2016), the Geometry of Crime/Crime Pattern Theory (Brantingham et al. 2017), Crime Precipitation (Wortley 2017) and some new ones, including on the offender side (e.g. self-control theory (Gottfredson 2017), into a one-stop-shop.

The CCO is not itself a falsifiable theory, but a convenient pulling-together of the defining elements of criminal events, which individually and collectively map out the broad kinds of cause of those events. The CCO could be called a truism, like the Problem Analysis Triangle and Routine Activities themselves, but one that has diverse uses, among which is the ability to articulate, map and bring together ‘proper’ theories such as Situational Action Theory.

‘Opportunity theories‘ is a rubric often used to refer to the main set of Crime Science approaches. However, opportunity is a rather complex concept, discussed in depth here. In brief, like situation, opportunity is not purely environmental, but inherently interactional.

In CCO terms an opportunity for crime depends on the conjunction of offender and setting. Thus for example, an open window three floors up is only an opportunity if the offender perceives it as such (see affordance) and has resources such as agility, strength, courage and maybe a ladder.

Likewise with crime precipitation, the tendency of an individual to be provoked, say, by an officious poster is inextricably co-determined by their own predisposition to be angered by certain things, interacting with the properties of the poster which inspire provocation, such as patronising or authoritarian language. (Precipitation and readiness to offend, given their motivational/ emotional content, strictly take the CCO beyond pure opportunity, but the name is long-established.)

The Scientific Realist Approach – causal mechanisms and Realist Evaluation

Pawson and Tilley (1997) sharpened the focus of (what was to become called) Crime Science by introducing the language and perspective of Scientific Realism with its use of the concept of causal mechanisms. (Related approaches include Theory of Change.) Mechanisms are detailed causal processes underlying agents’ perceptions, motivation and behavioural interactions with the setting and other agents, that are hypothesised or conjectured to be taking place.

Realistic evaluations (discussed here) attempt to go beyond conventional evaluation designs that rely solely on comparing crime outcome indicators before and after intervention, in action and control groups (ideally with randomised assignment). Instead, they combine this and other designs with the search for subtler evidence to confirm, or refute, underlying causal mechanisms hypothesised to have generated the pattern of observed results.

The Scientific Realist approach notes the extreme context sensitivity of crime prevention mechanisms. Realist Evaluations therefore use the ‘Context, Mechanism, Outcome‘ (CMO) format to describe how interventions are intended, or empirically shown, to work. ‘What works’ knowledge is thus expressed as ‘what works, in this context, by these mechanisms, to produce this outcome pattern.’ (A practical application of this is the UK College of Policing Crime Reduction Toolkit (Johnson et al. 2015)).

The CCO fits with CMO as follows (and see also Ekblom 2018b). As described in the Origins section, the CCO framework (in its earlier incarnation as Proximal Circumstances) was developed as a generic ‘mechanism map’ intended to describe and classify the rationales of the widest range of crime prevention methods, both situational and offender-oriented, in a major national programme, the UK’s Safer Cities. It’s worth going into a little more detail here for those who are interested in conceptual precision.

The 11 elements of the CCO can be taken as broad, abstracted ‘channels’ for causal mechanisms, e.g. the mental state of readiness that the stressed offender brings to a potentially provocative setting; the properties associated with these elements serve as preconditions, whose presence and interaction may be necessary or sufficient to generate a perceived crime situation, and perhaps a criminal event. (Strictly, the causal mechanism underlying the criminal event is irreducibly an interaction, an exchange of information, social influence, matter and/or energy between multiple elements – it can never be a single cause acting alone. However, it’s usual to speak of single causes because the other ones are usually givens that recede into the background of our attention, or statistical analysis.)

The ‘intervention’ version of the CCO diagram shows the principles of intervention as simple overlays on the causes that they are intended to modify. In reality, things are subtler. A practical intervention method inserts an additional set of mechanisms into the mix which may remove, block, weaken or deflect one or more of the other necessary causal preconditions such that the event is less likely to occur, succeed or generate so much harm.

The CCO Framework attempts to include and integrate all the immediate causes that, interacting together, generate criminal events. These causes will still be present as a background to the changes introduced by the preventive intervention – apart, of course, from any that the intervention itself blocks or removes. Therefore, it follows that the CCO Framework supplies both a broad account of intervention methods and mechanisms, and an immediate context map with which the intervention interacts to produce the outcome pattern. In other words, it covers context and mechanism in Realist Evaluation.

The debt to Nick Tilley in introducing Scientific Realism and the mechanism perspective to crime science, is substantial. Ekblom (2018b) describes it as a ‘universal acid’ that dissolves everything’ in a festschrift chapter subtitled ‘There is mechanism in my madness’. Without the mechanism perspective, the CCO and much else would not have emerged!

The Problem Analysis Triangle

CCO is an advanced, more inclusive and detailed counterpart of the Problem Analysis Triangle (PAT – target/victim, offender, location). The central triangle of PAT leaves out guardians and other preventer roles making for a confusingly partial overlap with the Routine Activities triad of offender, target and guardian. PAT does represent the roles of guardians of targets, managers of places and handlers of offenders as an add-on outer triangle. But the CCO term ‘crime preventers’ covers all three roles, in one core element.

The subsidiary distinctions can still be made within CCO (as in this table of the CCO elements) but arguably the all-inclusive preventer term has advantages, for example in connecting with the Involvement task stream in the 5Is process model, and making a simple contrast with the crime promoter concept (people/ organisations who increase the risk of crime, whether carelessly or deliberately).

The CCO Framework also flexibly allows incorporation of other roles such as the designer of secure products and places, and the ‘design decision-makers’ in the marketing department. In this, it serves a similar purpose to the concept of ‘supercontrollers‘ (Sampson et al. 2010), individuals/ organisations that ‘influence the influencers’, forming a second outer layer of the PAT.

The flexible use of roles in the CCO Framework enables a cross-mapping between the above crime roles and the civil roles of the everyday world (such as householder, passer-by, manufacturer, retailer). See further discussion on crime roles and the system perspective offered by the Crime Role Grid.

Note also the conceptual/ knowledge management issue raised here, that many researchers confusingly and inconsistently use guardians/guardianship to cover all three immediate preventer roles in the outer triangle of PAT (handlers of offenders, guardians of targets, managers of places). This probably stems from the fact that the original Routine Activities concept refers to (capable) guardians in general terms whereas the outer triangle of PAT differentiates the three sub-roles (handlers, managers, guardians) as described above.

CCO enters the 5Is process for doing security and crime prevention, in four of the task streams. Under Intelligence – analysis of causes and risk factors; Intervention – action to address causes and risk factors; Involvement – preventers and promoters; Impact – articulating the mechanisms by which an intervention method was shown to work, or fail. Chapter 9 of the 5Is book (Ekblom 2011) sets out the relationship in depth.

The SARA process, the less detailed counterpart of 5Is, tends to use the Problem Analysis Triangle for analysing causes and planning/describing interventions. However, there is no logical reason – apart from maintaining parity of detail and scope – why SARA cannot be used with CCO, or 5Is with PAT.

25 Techniques of Situational Crime Prevention

The 25 Techniques of situational crime prevention (25T) are a cumulative body of knowledge of practical intervention methods. These are organised in terms of five principles derived from the Rational Choice perspective (Cornish and Clarke 2016) – increasing the risk to offenders, increasing the effort and reducing the reward from crime – plus two add-ons, reducing provocations and removing excuses. Under each of these principles is a column containing methods such as target-hardening.

The CCO Framework is more inclusive and more analytic than 25T. It explicitly covers more situational principles. It covers offender-oriented interventions as well as situational ones. And it respects the many-to-many relationship between principles (as pan-contextual distillations of mechanisms) and methods. One practical method may act via multiple mechanisms (creating a target enclosure may block access, discourage offenders due to greater effort, deter them through greater perceived risk, and aid preventers who only have to guard the entry point). One principle may be realised via multiple methods.

It’s worth noting in this connection that risk, effort and reward are not fixed but ‘interchangeable currency‘ for adaptive offenders. To increase reward, they may tolerate greater risk; to reduce risk, they may put in more effort. Presumably all these trade-offs can be subsumed under a more general utility function, which itself is a key element of the economists’ Rational Choice theory.

Dynamic perspectives including Crime Attractors and Crime Scripts

The CCO Framework resembles a static anatomical dissection of crime causes – the dynamics of those causes have to be added on. The dynamics include how the various causal elements of the CCO are themselves caused by prior processes such as developmental sequences and priming events/circumstances (defined under ‘environment‘ – scroll down blue box on linked page); and how the elements come together in space and time to make criminal events happen. The coming together could be through Routine Activities; the habitual paths, nodes and awareness space of the Geometry of Crime (see below), Lifestyle preferences; offenders actively seeking targets or crime attractor situations; or even in the case of fraud or ambush, creating opportunities such as decoy situations or phishing emails. The dual caused agent perspective (offenders both caused and causing) helps capture the complexity of influences here.

Beyond pure opportunity, the existence of structural or personal/group-level conflicts that pre-date a criminal event can bring offender, target victim and target property together in a situation that is charged with readiness to offend.

Within and around the criminal event itself, there are the immediate dynamics of social interaction e.g. in an encounter that escalates into a dispute then violence; and of course a sequence of events such as the performance of a crime script. Scripts aren’t just for offenders – all the crime roles acquire, perform and develop them; and script clashes characterise archetypical tactical conflicts such as offender pursues versus victim escapes. Prevention is about designing the setting, procedures etc to favour the performance of the good guys over the bad. While CCO currently focuses on the offender it would be interesting to develop a notation that gave equal treatment, say, to crime preventer and/or victim roles.

Returning to individual scripts, the various steps of a crime script – e.g. acquire getaway car, buy forged passport, rob bank, launder money – are collectively enabled by an opportunity path. Each node in this pathway can be described using its own Conjunction of Opportunity. For more detail see the page on scripts and script clashes.

Attack trees

A related concept to opportunity paths is the attack tree (Schneier 1999; Kordy et al. 2013). Originating within cybersecurity, this works backwards from a particular operational goal of the offender (e.g. gain access to administrator control of IT system) and identifies the immediate logical/practical steps needed to achieve that (e.g. obtain password, bypass firewall) and then the immediate steps to achieve each of those alternatives, and so on.

Since every step might be achieved by several alternatives, this generates a branching tree structure of possible purposive offender actions that funnel down to the ultimate goal. An offender performing a crime script (and choosing between its alternate tracks) would play forward down the branches of the tree to the trunk. Again, each nodal action of the attack tree (obtain password etc) could be characterised by the environmental and offender-oriented causal factors of a conjunction of opportunity.

Geometry of crime

The Geometry of Crime, aka Crime Pattern Theory, seeks to cover patterns and causes of crime at a neighbourhood-to-city scale. Developed by the Brantinghams (Brantingham et al. 2017), it blends an environmental/ ecological approach with humans as agents perceiving, knowing and moving around their habitat. Key concepts include nodes/ destinations (such as home, workplace and entertainment venue) and paths connecting these, that people routinely take; and ‘awareness space‘ of the offenders and other agents.

The CCO Framework can describe the opportunities and precipitators that offenders encounter at particular nodes or whilst on particular paths, relating these to wider environments or enclosures as appropriate. It can also treat awareness space as a kind of resource for offending. But the whole process of travelling between nodes, the geometrical relations between them, and how, say, offender movement and location patterns overlap with those of victims, are beyond the scope of the CCO Framework itself. Indeed these processes are necessary additions to the CCO Framework to explain how the elements of the CCO come together. This is returned to under Risk and Protective Factors below.

Other concepts from the same Geometry of Crime stable are crime generators and attractors. Generators are places or routes of high crime risk simply by virtue of the high presence or flow rate of people, including offenders, going about routine, legitimate activities – conjunctions will keep happening and criminals will seize them opportunistically. Attractors are wider environments or enclosures that have such strongly criminogenic properties (e.g. lots of attractive targets, inadequate presence of preventers) that offenders, as active agents, seek them out.

Crime radiators (Bowers 2013) are places (enclosures or wider environments) such as rowdy pubs which either attract offenders to the general vicinity or send them out into it, inebriated, to offend close by the premises. Crime attractors come within-scope of the CCO, radiators can be assimilated by broadening the CCO concept of enclosures and environments but generators can only be accommodated by adding to the dynamics of how the causal elements come, or are brought, together (see Risk and Protective Factors below).

Risk and Protective Factors

The CCO Framework has focused on causes and causal mechanisms rather than risk factors – statistical correlates of crime or offenders’ criminal tendencies, that may or may not have a direct causal relationship. However, some connection can readily be made with situational risk factor approaches such as Hot Products (Clarke 1999) and Risky Facilities (e.g. Bowers 2014), covering targets and environments/enclosures respectively. Likewise the CCO can link to the mapping of protective factors (correlated with reduced risk) such as the IN SAFE HANDS formulation of mobile phone designs (Whitehead et al. 2008). Risk and Protective Factors are discussed in general terms here; how they relate to the CCO follows.

With situational Risk and Protective Factors, the sequence continues from general to particular:

• The CCO Framework applies to all kinds of crime, nearly all of which are directed towards targets
• Misdeeds specify particular broad types of crime in terms of what is being done to, or with, what, such as misappropriation (theft) of targets
• Risk and Protective Factors respectively identify properties of those targets and their typical ‘habitats’ that make them more prone to to particular types of crime – for example misappropriation, or even more specific categories such as theft of luggage at airports – or that make the targets less susceptible or exposed

There is no reason why the CCO Framework couldn’t be used to help guide and organise research and knowledge on offender-oriented Risk and Protective Factors too, for example covering offenders’ resources to avoid crime or factors in individuals’ current life circumstances likely to generate readiness to offend. Developmental Risk and Protective Factors potentially influencing individuals’ predisposition to commit crime are out of scope of the CCO, which focuses on immediate causes including the outcome of developmental pathways. But knowing that certain situations might attract people with certain developmental risk factors might be of some practical use (albeit ethical issues may arise).

Attack surfaces

Simulation and Agent-Based Modelling

Simulation of the behaviour of offenders and other crime roles in a virtual environment, using agent-based modelling, has much to offer for testing aspects of Crime Science theories – and developing an understanding of interactions between them. (For examples of such simulations see Gerritsen and Elffers 2021.)

Such modelling requires a sharpening and integration of the concepts and terminology of Crime Science, in order to make them precise and consistent enough to support computer coding. The CCO Framework aspires to supply such clarity and integration; it also offers more detail on the specification of the offender than the standard ‘cardboard cut-out’ model of criminals adopted in situational crime prevention; and a more crime-oriented specification than the standard PECS (Physics, Emotion, Cognition and Social Status) or BDI (Beliefs, Desires, Intentions) commonly used in agent-based modelling. Indeed, the CCO itself would further benefit from being put through the rigours of being rendered into code. The issue of clarity and consistency of concepts is discussed further under Nature of knowledge in crime and security and Glossaries and ontologies.

As far as is known, the CCO has not yet been used to support agent-based modelling, but if anyone is interested, please contact.

Situational Action Theory

Situational Action Theory (SAT) was developed by P-O Wikström (e.g. 2018) and is summarised here. SAT is a general, dynamic and mechanism-based theory of crime and its causes that analyses crime as moral actions. SAT proposes to explain all kinds of acts of crime (hence, general), stresses the importance of analysing the person-environment interaction and its changes (hence, dynamic), and focuses on identifying key basic explanatory processes involved in crime causation (hence, mechanistic). 

In their interest in interactions and mechanisms, and its aspiration to be general and integrative/comprehensive, CCO and SAT have plenty in common, and there is much scope for mapping the one onto the other.

Like CCO, SAT gives equal coverage to offenders, whereas the main Crime Science approaches emphasise situations/environments and limit consideration of offenders to their being merely ‘likely or motivated’ (Routine Activities) or ‘Rational’ (Rational Choice).

The SAT concept of propensity is rather tricky to relate to CCO’s predisposition, however. Propensity amounts to the potential to behave in particular ways and covers both the ‘moral rules‘ acquired through socialisation, and the potential for self-control. As such, propensity would seem to cover both CCO’s predisposition (which relates to psychological traits, values, attitudes, beliefs and high-level purposes, all of which are stable/durable across settings) and resources to avoid offending (which range from self-control to the skills to hold down a decent job, de-escalate a dispute etc).

Having an embedded suite of moral rules could come under predisposition, while self-controlled adherence to those rules is a resource in CCO terms. However, one could also argue that being in possession of a set of moral rules that fits with societal norms is in itself an adaptive resource that enables a person to lead a successful legitimate life.

Another major difference seems to be that CCO is a truism (as stated under Crime Science above), simply noting the generic kinds of causes that come together to make a crime happen and that in effect define the elements of criminal events; but SAT is a full-blown theory, making more specific and evidenced claims as to the particular nature of the causes and interactions between them. As such it is falsifiable. In contrast, the CCO is a framework for managing knowledge and mapping/ integrating theoretical perspectives and ‘proper’ theories.

Despite these differences, in recent versions of the CCO and the other crime frameworks/ definitions on this website an effort has been made to draw on SAT concepts such as rules and the distinction SAT makes between setting and the more interactional situation (interactional because it is co-defined/determined by the setting and the potential offender’s perceptions and affordances regarding that setting).

The S5 Moral Ecology Framework

While drawing on Situational Action Theory (immediately above), S5 is a broader framework which sets out how five key categories of determinants at different levels interact to generate or suppress the risk of extremist propensity development with the potential for extremist action.

S5 is in effect a developmental and ecological model, with the potential to cover all kinds of criminal behaviour and more. It sees susceptible individuals, via processes of self-selection and selection by others, passing through various situations/settings en route to radicalisation, and in some cases to the generation of terrorist behaviour and terrorism events.

The settings themselves are generated/distributed via a ‘social ecology’ and this in turn is shaped by system-level societal processes. Structural-level influences such as social conflicts and inequalities fit in here, and the Situational Crime Prevention concept of opportunity structures relates to both social ecology and system level.

The CCO Framework is concerned with the immediate causes of criminal/terrorist events, but connects with S5 in various ways. S5 is in effect a ladder from the proximal here-and-now to the higher-level and/or distal causes (represented by the ‘rays’ in the CCO causes diagram). Over a protracted and cumulative course of interactions these higher causes shape the CCO elements, and bring them together. Offender susceptibility to moral change roughly equates to predisposition and resources to avoid offending in CCO terms (as discussed under SAT, immediately above). However, in S5 terms, these factors are operating in developmental settings, distinct from the tactical/ proximal ones covered in the CCO. Individuals pass through a series of such developmental settings. – partly at the behest of the selection by others, partly self-selecting which successive settings/social influences to expose themselves to. This dual process is consistent with the caused agent perspective applied in the CCO and other Crime Frameworks.

The CCO Framework bears a broadly similar relationship to Bronfenbrenner’s (1994) ecological model of human development, which envisages a multi-level system of progressive reciprocal interactions between individuals and their environment. Within the Crime Frameworks, more is made of the distinction between what is called ‘ecological’ (i.e. here-and-now) processes versus developmental and evolutionary ones (see the section on timeframes of crime – Co-eco-devo-evo, below).

CCO and other Crime Frameworks

The concepts and terms used within the other Crime Frameworks on this website have been designed to be consistent with those in the CCO (and with one another). However, this is an ongoing process as different frameworks were developed for different purposes and to meet the requirements of different users.

The Ds Framework

The Ds Framework considers intervention mechanisms from the particular perspective of how they influence the offender. The Ds are a mix of practical, psychological and personal intervention principles. They currently comprise Deter known/unknown, Discourage, Detect, Defeat, Disable/Deny, Deflect/Direct, Demotivate/Dampen, Disconcert, Deceive and Detain. Their close relation to the CCO intervention principles is covered here. Disconcert and Demotivate/Dampen influence the CCO element of readiness to offend, and relate to manipulating crime precipitators, discussed above on this page.

The Misdeeds and Security Framework

The CCO Framework covers crimes in general, whereas the Misdeeds and Security Framework covers several broad but particular categories of crime such as Misappropriation (theft), Mistreatment (harm, damage to human or inanimate target) and Misuse (of resources). It’s therefore straightforward to adapt the CCO to focus on the causes of, and interventions against, the appropriate subset of criminal activity. A table showing how Misdeeds map onto the 11 CCO elements is here. There is further discussion above on how the CCO, Misdeeds and Security and Risk and Protective Factors relate.

The Misdeeds can also be used to understand criminal affordances – how offenders perceive utility of the various entities and agents in their environment.

Timeframes of Crime – Co-Eco-Devo-Evo

Prompted by work on a cybercrime project (ACCEPT – Islam et al. 2019), there emerged a way of distinguishing reciprocal change processes between criminals and the security side, operating over three timeframes, under the label Co-Eco-Devo-Evo. The main account is here.

• Eco refers to tactical here-and-now ecological interactions between players of the various crime roles and with their immediate environment(s) and enclosure(s), using their existing resource repertoire and including priming circumstances (see here – scroll down blue table). This timeframe of proximal causation, obviously, is where CCO is located.
• Devo covers developmental processes which relate, not just to acquisition of criminal predisposition but also (through learning or simply obtaining) of resources for offending and for avoiding offending. Devo thus covers some of the substantially upstream or distal causes and causal pathways (i.e. sequential interactions) that end up coming together in the CCO.
• Evo is about biological/ cultural/ technological evolution, including co-evolutionary arms races. Evo thus covers what in the biological evolutionary literature are often called ultimate causes. As such, the connection to CCO is indirect, via feedback from the successful/ unsuccessful outcomes of tactical Eco interactions and the learning experiences from Devo.
• The Co element represents the reciprocal influences and interactions between the players of the crime roles, not just in the evo timeframe (as in arms races), but also in eco (e.g. a tactical script clash, as in conceal vs reveal) and devo (e.g. one side ups their surveillance equipment; other side boosts their countersurveillance skills).

The Crime Role Grid

The Crime Role Grid is a way of developing a system-level view of all the players in a particular field of crime and security. It builds on those elements of the CCO framework which comprise agents playing crime roles (offender, preventer, promoter), in two ways. First, it extends the crime roles to include victim, responder, regulator, legislator and more; second, it enables all crime roles to be cross-classified with civil roles (e.g. householder, computer user, waste carrier, designer). Users of the grid can plan how to influence, for example, waste carriers who are offenders or designers who are crime promoters.

Security Function Framework

The Security Function Framework is a way of systematically describing the security aspects of designs of products, places, processes and systems in retrospect; and specifying such designs in prospect, as requirements briefings to designers. Its companion, the Vibrant Secure Function Framework (on the same page) seeks to combine reduction of the negative (crime) with promotion of the positive (vibrancy of places). These frameworks have four dimensions – purpose (who/what is the design for?), niche (how does the product etc fit within the wider security ecosystem?), mechanism (how does it work in terms of cause and effect?) and technicality (how is it constructed and operated?).

The CCO framework can be used to describe the mechanisms of security underlying the design.

The 5Is Framework

The 5Is Framework is an advanced process model for doing security, crime prevention and community safety action, and a means of capturing and organising detailed knowledge of practice. The CCO Framework is used in three of the 5Is task streams: under Intelligence – analysis of causes and risk factors; Intervention – action to address causes and risk factors; Impact – articulating the mechanisms by which an intervention method was shown to work, or fail. Chapter 9 of the 5Is book (Ekblom 2011c) sets out the relationship between the CCO and 5Is in depth.