INTERVIEWER: Hello and welcome to the latest IBAC podcast. IBAC is Victoria’s first anti-corruption agency and our role is to expose, investigate and prevent public sector corruption and police misconduct. Today we’re joined by Dr Russell Smith, Principal Criminologist from the Australian Institute of Criminology. Good afternoon Dr Smith.
DR RUSSELL SMITH: Good afternoon
INTERVIEWER: Today we are talking about a serious threat to the security of personal information held by government agencies. That threat is posed by criminal gangs cultivating contacts in the public service and using those ties to illicit protected personal information. Dr Smith, you’ve done a lot of research into this at the national level and, following up on your research, we’re close to finalising a localised study. Now what evidence is there to show that criminal gangs are actively targeting and gaining information from public servants?
DR RUSSELL SMITH: Well to answer that question I think we need to think about what’s driving organised crime for getting involved in these sorts of situations. Firstly organised crime is really after money and there is an old anecdote from the United States concerning an inveterate American bank robber, Willy Sutton who was once asked by detectives when he was arrested why he kept robbing banks. Well his response was, ‘well that’s where the money is’. It’s the same with organised crime. They will really go wherever the money is and that can take them from everything from wildlife theft through to computer hacking, intellectual property fraud and straight fraud against government and organisations. In the past and in the age of computers, the simplest way of getting information was to hack into a computer network and try and extract the information from the computer drives. Now that’s becoming more difficult as computer security has increased, criminals have started reverting to more tried and true methods of getting information and one of those is to try and corrupt public servants into disclosing information improperly. It’s sometimes easier to form a relationship with someone who’s in a secure working environment and then persuade them by various means to leak information to them. The research is not extensive on the extent of the problem but there certainly have been anecdotal accounts of public servants in even anti-corruption commissions, tax office and police in particular who’ve given information to organised crime groups.
INTERVIEWER: In Victoria there is more than 300,000 individuals employed across the Victorian public service. Now these individuals have access to an extraordinary wealth of information about us. What, out of this information, do you think is most valuable to organised crime groups?
DR RUSSELL SMITH: Well without giving away inside information about what organised crime wants, I think it’s pretty obvious that organised crime is very interested in what police operations are taking place and particularly what police operations are proposed for the future, so that they can arrange their affairs in such a way that they won’t be detected. Finally there is a whole range of personal information that can be used for committing offences and a lot of personal identity related information can be used by organised crime to commit a range of frauds and also to get access to other sources of information, so finding out passwords or people’s secure codes to get into their computer networks is a key target.
INTERVIEWER: Organised crime often brings to mind images of the mafia or outlaw motorcycle gangs, is that accurate when we are talking about organised crime in Victoria?
DR RUSSELL SMITH: Yes, Victoria has got the full range of organised crime activity, unfortunately, although it’s not as bad as some overseas countries. So I think we are not in the same rank as particularly some European countries, but outlaw motorcycle gangs do operate in Victoria, there’s branches of the mafia work here, Chinese organised crime gangs all have some involvement. Again, we don’t have complete research knowledge about the extent of some of their operations although police intelligence certainly document the range of activities that they’re involved in. Apart from those, which might be called traditional organised crime groups, there are the newer ones which are operating in the online environment and these are slightly different in that they often tend to be younger people involved and sometimes people who don’t meet face to face. You have entire networks of organised crime groups just operating in cyber space and we can think about some of the people who are perpetrating consumer mass marketing scams who send out billions of email messages to potential victims
INTERVIEWER: Now some of our listeners might be thinking, well haven’t crime groups always sought to corrupt officials? I mean what has changed?
DR RUSSELL SMITH: The major change I guess is information, how it’s collected, recorded, kept and transmitted and the digital age has really made corruption much easier to commit. You can find out a lot of personal information about public servants simply by going online. Some unfortunately misuse social media and that’s a great source of information.
INTERVIEWER: Now you mentioned some risk factors there like social media, what else makes someone vulnerable to being corrupted by criminals?
DR RUSSELL SMITH: If you look at the recruitment of people to become corrupt, they’re really looking at people who have some need to get money in some way. So someone who has access to information that might be valuable to an organised crime group, who also happens to have a need for extra money is a very vulnerable target. So they might have a personal addiction, maybe a drug addiction or a gambling addiction and they need money to get out of that and then they will be able to be compromised. The other avenue for recruitment is where people just simply strike up friendships with people who might happen to be organised crime gang members. And that often happens in a series of locations that have been fairly well documented – they might be gyms, you know, training fitness centres, the sex industry is one area where people can meet up and get involved in activities where organised crime’s involved. Some of the pubs and clubs where people associate you can strike up friendships with people and that can lead to a relationship which can be vulnerable for corruption purposes. And some people in particular occupations are also more at risk so people who are working in formation technology industry, tax office, law enforcement obviously, commissions against corruption, sometimes even transport can be a vulnerability.
INTERVIEWER: Now is there anything individual public servants can do to protect themselves? And would someone know if they’ve been targeted by an organised crime group?
DR RUSSELL SMITH: Sometimes you’re probably not going to be aware that you have been targeted until the point where you’re requested to provide information or give some benefit to the organised crime group that’s been pursuing you. Some of the ways you can protect yourself are to use social media carefully, that’s now pretty clear because that can be searched, not only by ones friends but sometimes by friends of friends on a social media site and you really don’t know who has access to quite sensitive information. Protecting computers and IT systems is very important and in the age of ‘bring your own device’ to a workplace, that can be a real risk. Sometimes people are bringing smart phones and tablets into the workplace that might not be as securely protected as the ones that are issued by a government department or an organisation. And then those of us who might have some high risk behaviours that we are engaged in need to try and deal with those so if you’ve got alcohol, drug problems, gambling problems or you’re trying to maintain a lifestyle that your income doesn’t support then you probably need to get some help from that, without waiting until an organised crime gang member comes and offers you some money.
INTERVIEWER: So moving away from the individual, the unauthorised release of government information presents great risk to the public sector agency and to government. Exactly what do organisations stand to lose as a result of this type of corruption?
DR RUSSELL SMITH: Reputational damage is the greatest I think loss of information particularly from large government departments that might deal in health records or personal tax information can be a serious problem for the reputation of the government. In terms of law enforcement having information disclosed about ongoing and future law enforcement operations can be seriously damaging, not only to the police service in question but also for individuals involved and that can occasionally lead to undercover operatives being compromised and even result in them being placed at a serious risk of violence. And of course the upshot of all forms of corruption is financial loss, sometimes these are direct so money taking from organisations and spent by organised crime groups are invested in future crime activities or sometimes consequential losses, things that you might not think of such as loss of personnel having to reinstate computer systems, damage to people’s livelihoods and personal relationships, they’re all effects that can result from corruption.
INTERVIEWER: Is there anything public sector bodies can do to prevent or respond to the threat posed by organised crime groups?
DR RUSSELL SMITH: I think being aware of what the risks are is the starting point so having a good understanding of how your organisation operates, where the risk areas lie and then putting systems in place to try and monitor those risks and see if they’re being used by organised crime. Staff monitoring is important so understanding what your staff are doing, knowing if you have people who have particular lifestyles or behavioural problems that might make then vulnerable to being compromised by organised crime. That’s not to say that everyone would be subject to acts of corruption but giving people support if they are suffering problems of addiction or lifestyle expenditure problems is important. Having computer security systems in place against malware and data loss in particular, having restrictions on use of social media in high risk situations. And having whistleblowing systems and reporting systems in place so that if corruption is taking place and someone becomes aware of it they can report that in a proper, efficient and confidential way so that action can be taken. One other idea is to ensure that any staff who have been found to be untrustworthy and who are dismissed from their employment are monitored to make sure they don’t take compromised data away with them from the workplace and also that they don’t go to another workplace and do the same thing. So the days I think of dismissing people, showing them the door and that’s the end of that problem I think have gone, we need to be very careful about staff who have been dismissed for acts of dishonesty to make sure they are not given references that might not be entirely frank in future and really try and avoid allowing them to re-offend in another work place.
INTERVIEWER: That was Dr Russell Smith, Principal Criminologist from the Australian Institute of Criminology, speaking about organised crime and public sector corruption. Now if you want to find out more about corruption go to www.ibac.vic.gov.au