The Misdeeds and Security Framework

The Misdeeds and Security framework sets out broad ways by which offenders may exploit or harm things and people in their environment, and how security can respond. It is more crime-risk-specific than the Conjunction of Criminal Opportunity framework, but more general than risk factor approaches such as Hot Products, which focuses on theft.

The Misdeeds and Security Framework can support Crime proofing Crime Risk and Crime Impact Assessments in the design of new products, places, services and systems, and contributes to a crime futures mindset more generally.

This page sets out:

What the Misdeeds and Security Framework is
What it’s for and who can use it with what benefit
The framework in detail
Some technical issues
How Misdeeds and Security relates to other Crime Science Frameworks
The origins of Misdeeds and Security
Links to key articles and presentations

What is the Misdeeds and Security Framework?

The ‘Misdeeds and Security’ framework contributes to know-about crime problems. It lists some very generic functional aspects of criminal behaviour, and identifies equally generic security actions to counter them. The criminal behaviour and security actions relate to products, places, people, procedures and systems, what the offender does to them and how the security side protects them. The ‘mis-‘ prefix primarily denotes some purposive action done, either in direct violation of legal rules (see definition of crime) or as a means to that end. In a few categories (e.g. Mistaken), the intent is absent.

What is the Misdeeds and Security framework for?

It has several uses:

To compress and simplify the huge and ever-proliferating array of criminal offences and ‘offence elements’ into a manageable, limited and structured set of misdeeds, so practitioners and designers can get their heads round the totality of risk.
To help systematically envisage, and counter, tactical actions by offenders in here-and-now contexts.
To help systematically envisage how particular products, people, places, procedures and systems feature in crimes as crime risks and more broadly, to enable the security side to put themselves ‘in the shoes of the offender’ e.g. in the design and use of toolkits.
To help understand criminal affordances – the action possibilities in the environment that are readily perceivable as useful by an offender.
To support anticipation of future criminal actions against new products, places etc, and scientific and technological innovations, in order to design against these risks. It is thus an aid to Crime-Proofing, Crime Risk Assessment and Crime Impact Assessment, and a means of thinking about criminally disruptive technologies – those which re-write the balance of advantage and/or motivation between offenders and preventers.

Who can use the Misdeeds and Security framework and how do they benefit?

Practitioners are given a different angle to think about here-and-now crime risks relating to products, places, procedures and systems, and how to anticipate new risks
Researchers are given a way of envisaging and articulating crime scripts and script clashes, a technique for horizon-scanning
Designers and engineers are helped to anticipate how their products might feature in crime, and then design-in appropriate security

What are the details of the Misdeeds and Security framework?

The Misdeeds

Misappropriated – property or data stolen
Mistreated – property damaged, data destroyed or locked, people assaulted, self-harm
Misused – as tools/ weapons for crime to support a specific Modus Operandi, or to be consumed as illegal drugs; includes countermeasures against police or forensic tactics, and in particular those which Mislead attempts to identify people or property
Mishandled – property subject to smuggling; data exfiltrated, illegally divulged to third party
Misbegotten – property or data counterfeited, illegally copied (more recent addition thanks to Ken Pease)
Misbehaved with – items used in disorder (e.g. spraycans, fireworks) or creating an environment conducive to disorder

In each of the above cases where the targets, settings and resources for crime are persons, physical goods and buildings, means of payment, physical environments or electronic systems, intellectual property or information.

The misdeeds can constitute crimes in themselves (e.g. Misappropriation = theft) or subsidiary actions (e.g. Misuse of a tool in supporting a Misappropriation).

Additional ‘Mis’ categories

Additional ‘Mis’ labels do not so much represent intentional behaviour; rather, they cover undesirable consequences of criminal or security actions:

Mistaken – errors are also made by public or police which whilst not illegal serve to constrain or misdirect crime reduction activity (e.g. false alarms, arresting the wrong person – this is obviously central to the technology of sensor systems), whether in preventing or reacting to crime; serious mistakes can of course lead to Miscarriages of justice
Mistrusted – where for example, individual or corporate victims of crime do not report the incidents to the police due to antipathy, or reasoned judgement that there are risks such as disclosure to media or witness intimidation. The negative consequences include not just individual crimes not dealt with, but police lacking a strategic picture of the nature and extent of a given problem
Misaligned – having unintended adverse side effects, e.g. on privacy and other Human Rights, exacerbating fear, or creating stigma
Mishap – accidental damage, not criminally caused, but which may reduce resistance to crime

The Security (S) opportunities

The S categories of the Misdeeds and Security framework identify how the product, place etc of interest might be exploited by the security side to make persons, physical goods and buildings, means of payment, environments or information:

Secured against misappropriation – resistant to theft, indicating that theft has happened, or recoverable/ restorable to owner
Safeguarded against mistreatment – resistant to, fail-safe in, or indicative of damage
Shielded against misuse – resistant to misuse, including for attacks on law enforcers, or indicative of misuse, including tamper-evidence
Supporting – justice/ crime reduction/ community safety, covering:
- Supporting law enforcement – e.g. facilitating arrest/immobilisation
- Supporting detection – e.g. forensics, identification
- Supporting punishment – e.g. tagging/ curfewing of offenders
- Supporting emergency action – covering response to accidents etc
- Supporting police-public relations – e.g. IT-based tracking/ maintenance of contacts
- Supporting reassurance – e.g. surveillance technology
Scam-proofed – resistant to or indicative of fraud/ counterfeiting/ smuggling
‘S’ivilised – environment resistant or repellent to misbehaviour and conducive to good behaviour
Slip-proofed – resistant to mistakes
‘Sertain’ to report
Straightening adverse side-effects

Some terms need defining further. Resistance relates to the concepts of primary, secondary and tertiary security (stopping the crime happening in the first place, limiting it once under way and limiting adverse consequences). Indicativeness contributes to secondary and tertiary resistance, e.g. tamper-evident food containers help people avoid poisoning or fraud and initiate law enforcement or wider preventive action.

Note that some crime reduction opportunities and crime risks emerge, not from a single product etc, but from two or more in combination – for example, a new ceramic gun with a new propellant bypassing multiple security detector systems. These pose particular challenges in that knowledge from two technological or scientific fields, plus consideration of crime opportunities and risks, must get into one head, or one interacting group.

A technical issue: counter-countermeasures

Being an arms race, it is sometimes necessary to refer to counter-countermeasures and even more complex interactions between offenders and the security side. (An account of how these interactions play out over different timeframes can be given using the Co-Eco-Devo-Evo Framework.) This can be confusing if not carefully related to ‘goodies or baddies’. For example, a draft Misdeeds and Security assessment of the security potential of biometrics began by spelling out risks of crime which, it was realised, were in fact risks of criminal countermeasures (e.g. guessing the password) against existing security measures (the password system) intended to protect against an initial ‘primitive’ crime risk from unrestricted access.

A convention became necessary to spell out the degree of recursion at each stage: 1) risks of crime, 2) opportunities for crime reduction, 3) risks of criminal countermeasures, 4) security counter-countermeasures. However, schemes like this can, if too rigidly followed, hinder comprehensible story-telling.

How does Misdeeds and Security relate to other frameworks?

Given the complexity of some crimes (Ekblom 2003), it may be necessary to use several Ms in conjunction to characterise the crime risk – such as ‘Misappropriation of information leading to its Misuse’. In this respect, Misdeeds and Security can connect with crime scripts.

The Misdeeds, especially Misuse, relate to criminal affordance; flipping perspective between opportunities for crime and opportunities for security relates to the broader definition of opportunity adopted here.

Situational crime prevention focuses on very specific kinds of crime in very specific circumstances, e.g. theft of luggage in Heathrow Airport Terminal 5. The Misdeeds and Security Framework is broader, lying between the Conjunction of Criminal Opportunity framework, which applies a causal analysis relevant across all crime types and security interventions, and specific risk/protective factor suites covering targets and places of specific crimes.

The risk/ protective factors include CRAVED (Clarke 1999) for Misappropriation of objects; EVIL DONE (Clarke and Newman 2006) for criminogenic properties of buildings as potential targets for terrorist Mistreatment. They also include the even more specific IN SAFE HANDS (Whitehead et al. 2008) for protective design aspects of mobile phones: Securing them against theft, Shielding them against damage and Safeguarding them against misuse.

The Conjunction of Criminal Opportunity framework is normally presented as applying to criminal events in general. However, it is possible to produce versions of the framework which set out the causal elements and security interventions for specific misdeeds – covering, say, Misappropriation/ theft or Mishandling/ smuggling. An illustration of the relationship, from Ekblom (2017d), concerns the motor vehicle as a criminogenic object:

How did the Misdeeds and Security framework originate?

The demand for the Misdeeds and Security framework arose from work to systematically and rigorously identify future crime risks and crime prevention opportunities posed by advances in hard science and technology (a need identified by the England & Wales Police Science and Technology Strategy Group in 2002), in the context of a growing governmental and police interest in ‘crime futures’ more generally.

The content of the framework drew on understandings developed through the research conducted in support of the Design Against Crime initiative and the Crime Prevention Foresight Panel of the UK Government’s Crime Reduction Programme (1998-2003), in particular from studies commissioned through the Design Council from Cambridge, Salford and Sheffield Hallam Universities (Design Report 2000; Learmont 2005).

A multidisciplinary group of scientists, social scientists, engineers, forensic scientists, and police, chaired by the UK Home Office, used and refined Misdeeds and Security to review candidate scientific and technological innovations suspected of having crime implications, identify significant ones for further investigation and report to the Strategy Group with recommendations for action or inaction as appropriate. The wider purpose was to ‘alert, motivate and empower’ scientists, technologists and designers to ‘think thief’, to recruit them as ‘scouts’ to spot crime risks/ preventive opportunities within their diverse fields and to inform the design of new tools and technologies for preventing crime.

The Misdeeds and Security framework was incorporated in the reports of the Government Foresight Project ‘Cyber Trust and Crime Prevention’ (Collins and Mansell 2005) and contributed to ‘crime scenarios’ for the subsequent ‘Intelligent Infrastructure’ project (Ekblom 2006). It also features in an entry on ‘crime and communication technology’ in the International Encyclopedia of Communication (Ekblom 2014).

Publications

The main article introducing the Misdeeds and Security framework is Ekblom (2005) ‘How to police the future’. This contains some worked examples of Misdeeds and Security applied to Scientific and Technological Innovations.

The Misdeeds and Security framework also appears in Ekblom (2017d) – Designing products against crime in the ECCA handbook 2^nd edition, and many other design, technology and futures publications.