CYBERCRIME, CYBER-RELATED CRIME, AND CYBER-RELATED INCIDENTS
PURPOSE
The purpose of this Field Operations Directive is to establish procedures for handling cybercrimes, cyber‑related crimes, and cyber‑related incidents. This FOD also provides instruction for the proper use of newly created statistical codes 551, 552, and 559 which shall be used for the tracking of these incidents.
BACKGROUND
Computers, electronic tablets, smart phones, and related technology have become commonplace in our society. Rapid advances in technology along with the increased number of affordable computer-related devices have caused a rapid increase in the number of individuals using technology for the commission of crimes. In addition, Penal Code Section 13023.5 specifically requires the Los Angeles County Sheriff’s Department to gather and report statistical information regarding the use of electronic devices in the commission of various crimes.
Law enforcement personnel need to be aware and recognize when cyber devices might be in use, or have played a part in the commission of a crime. In addition, a working knowledge of how to properly handle these devices is necessary so valuable evidence is not lost or rendered inadmissible in court.
DEFINITIONS
Cybercrime: A crime wherein the internet, computers, mobile communications devices, or any related technology is used as the primary instrument. Examples may include:
Cyber‑Related Crime: Crimes wherein the internet, computers, mobile communications devices, or any related technology were used in its commission, preparation, or furtherance, but not as the primary instrument. Examples may include:
Cyber-Related Incident: Non‑criminal incidents requiring a police response, or which generates a call for service, wherein the internet, computers, mobile communications devices, or any related technology were used. Examples may include:
Cyber Device: Any electronic device which can be used to create, send, receive, or store digital information, files, photos, text, e‑mail, or any other type of electronic code.
Social media: includes any electronic medium where users may create, share, and view user‑generated content, including uploading or downloading videos or still photographs, blogs, video blogs, podcasts, or instant messages, or online social networking content. Examples may include:
POLICY AND PROCEDURES
The following statistical codes (stat codes) have been developed for the tracking and reporting of cybercrime:
551 ‑ Cybercrime
552 ‑ Cyber-Related Crime
559 ‑ Cyber-Related Incident (non‑criminal)
These stat codes shall be entered as a secondary stat code on the Incident Report (SH‑R‑49) and DDWS, in addition to the primary crime’s stat code.
The SH‑R‑49 has been updated to include check‑boxes for "Cyber" incidents. The appropriate checkbox shall be used in conjunction with the new 55x series of stat codes.
PATROL STATION PERSONNEL
Desk Personnel
Desk personnel shall dispatch a patrol unit to handle cybercrime, cyber-related crime or cyber-related incidents. The incident’s priority level shall be determined in the same manner as other calls for service. It is important to acquire pertinent information from the caller and include it in the narrative of the call.
The Sheriff's Information Bureau’s Electronic Communication Triage Unit (SIB e‑COMM) will notify station personnel of large parties, demonstrations, or other events that have been advertised on social media systems. Although these notifications are advisory in nature, these types of events could have a detrimental effect on station resources and have the potential for increased violence in the area. They shall be assessed and handled in the same manner as other information that is received by station desk personnel.
Field Deputies
When responding to a call for service or while conducting a field investigation, the following guidelines shall be followed when cyber devices may have been used:
Guidelines for Seizing Digital Devices
Notifications and SRD Guidelines
Commercial Crimes Bureau Cybercrime Detail shall be immediately notified by phone or if after hours, SHB, for incidents involving:
Routine notifications shall be made to the Commercial Crimes Bureau Cybercrime Detail by phone or FAX at [REDACTED TEXT], whenever any of the following incidents occur:
Approving Sergeant
Shall review all reports for cyber (computer, mobile phone or Internet) involvement; ensure the appropriate secondary stat code is used; ensure the check‑box for "Cyber" incidents on the SH‑R-49 has been selected, if appropriate; and upon approval of the report, ensure an SRD is made to DD/CCB.
Detectives
Shall determine whether or not a computer and/or social media was involved, and ensure the appropriate secondary stat code was used. If necessary write a supplemental report adding the appropriate secondary stat code. When a cyber-related arrest has been made, ensure the appropriate 55x series stat code was used before completing/clearing a case.
Detective Lieutenants
Shall ensure that the case file has been updated with the appropriate use of cybercrime or cyber-related stat codes and supplemental reports.
CONTACT INFORMATION
Commercial Crimes Bureau Fax: [REDACTED TEXT]
Cybercrime Detail Main Office: [REDACTED TEXT]
Cybercrime Detail Fax: [REDACTED TEXT]
Cybercrime Detail Supervisor: [REDACTED TEXT]
Cybercrime Help Desk: [REDACTED TEXT]
Special Victims Bureau, SAFE Team: [REDACTED TEXT]
SIB Electronic Communication Triage Unit (SHB e‑COMM): [REDACTED TEXT]
All after hour notifications shall be made through Sheriff's Headquarters Bureau: [REDACTED TEXT]
CITES/REFERENCES
Penal Code Section 13023.5