Demographic variables and risk factors in computer-crime: an empirical assessment
Kyung-shick Choi, Kyungseok Choo & Yong-eun Sung
Cluster Computing The Journal of Networks, Software Tools and Applications ISSN 1386-7857 Cluster Comput DOI 10.1007/s10586-015-0519-8
1 23
Your article is protected by copyright and all rights are held exclusively by Springer Science +Business Media New York. This e-offprint is for personal use only and shall not be selfarchived in electronic repositories. If you wish to self-archive your article, please use the accepted manuscript version for posting on your own website. You may further deposit the accepted manuscript version in any repository, provided it is only made publicly available 12 months after official publication or later and provided acknowledgement is given to the original source of publication and a link is inserted to the published article on Springer's website. The link must be accompanied by the following text: "The final publication is available at link.springer.com”.
1 23
Author's personal copy Cluster Comput DOI 10.1007/s10586-015-0519-8
Demographic variables and risk factors in computer-crime: an empirical assessment Kyung-shick Choi1,2 · Kyungseok Choo3,4 · Yong-eun Sung5
Received: 2 November 2015 / Revised: 8 December 2015 / Accepted: 19 December 2015 © Springer Science+Business Media New York 2016
Abstract The purpose of this research is to examine how demographics variables interact with factors such as online lifestyle, digital-capable guardianship, computer security management, and levels of individual computer crime victimization. The current study used a secondary data which was a self-report survey (N = 204) contained items intended to measure the major constructs of routine activities theory. The findings of SEM (structural equation modeling) analysis showed that: (1) gender did not substantially influence on digital guardian factor and computer crime victimization. However, males are more likely to be engaging in online risky leisure activities such as visiting unknown Web sites, downloading free games, free music, and free movies than females. Simultaneously, males tended to update computer security, change the passwords for e-mail account, search for more effective computer security software, check the operation of computer security online, and use different passwords and user IDs for their Internet accounts than females; (2) individuals with older age are less likely to equip the num-
B
Yong-eun Sung
[email protected] Kyung-shick Choi
[email protected] Kyungseok Choo
[email protected]
1
Department of Criminal Justice, Bridgewater State University, Bridgewater, USA
2
Boston University, Boston, USA
3
School of Business and Justice Studies, Utica College, New York, USA
4
Justice and Prevention Research Center, WestEd, San Francisco, USA
5
Department of Police Administration, Far East University, Gamgok-myeon, Korea
ber of computer security software with less duration; (3) race does not have any statistically significant impact on computer crime victimization. Lastly, the policy implications and the limitations of the current research were discussed at the last part of this study. Keywords Routine activity theory · Online lifestyle · Digital-capable guardianship · Computer security management · Computer crime victimization · Computer-crime
1 Introduction Since 1980s, numerous efforts have been made to understand crime victimization, and it is generally accepted that the victimization is correlated to demographic factors such as race, age, and gender [17]. Although computer crime victimization has recently become a focus of attention, most studies investigated crime victimization in the physical world rather than cyberspace. The current study explores the relationship between social context variables and individual computer crime victimization. Modern information/communication technology makes it possible for us to connect with one another beyond physical boundary through personal computer systems. While these computer systems help to create cyber connectivity, their use also raises a concern that computer criminals have developed advanced technologies to target victims. For example, new computer viruses are generated and spread on a daily basis, thus requiring computer users to protect their computer systems, with the most up-to-date version of security software. A common method of spreading computer viruses is through various online communication tools, such as email and online messaging programs. The virus attacks a computer when an email attachment is opened or a computer
123
Author's personal copy Cluster Comput
application is downloaded. Computer users are also vulnerable when clicking on pop-up messages, digital icons, or hyperlinks on Web sites or documents in cyberspace; these simple routine cyber activities can swiftly launch malicious computer program applications and immediately implant them on the users’ computer systems [21]. Since the activation of a virus depends on its design, many computer users are less likely to acknowledge their victimization, unless they have problems accessing their operating system, data, or software. When an infected computer system is connected with an online network, it acts as a new viral agent and spreads the virus to other computers if other online users share the same networks; therefore, even if an email with an attachment is sent from an acquaintance or friend, online users must be cautious when opening it [11]. Based on the lifestyle exposure theory, Choi (2008) suggests that online users must be constantly vigilant about any potential viruses by adapting adequate online lifestyle. In addition to viruses being transmitted through various communication tools, many free software and media files that are widely available online have also been identified as a virus carriers. Because of these potential threats from unknown viruses, scanning files for a potential virus before opening them has become a regular part of the online lifestyle. Thus, online users should be aware of potential victimization when downloading programs, opening files, or obtaining other features or programs from unfamiliar web sites. The current study aims to examine how demographics variables interact with factors such as online lifestyle, digital-capable guardianship, computer security management, and levels of individual computer crime victimization. The assessment of social context factors in cyber spatial structures will help understand the interaction between social environments and the traits of online spatiality. Structural equation modeling (SEM) will be used to assess the statistical relationships between demographic variables and factors based on computer crime victimization. A review of the routine activity and lifestyle exposure theories is presented, followed by a discussion of the research methods and a presentation of the data analysis. Finally, this paper concludes with a discussion of the findings, limitations, and implications of this study.
2 Literature review 2.1 Routine activities theory and computer crime The routine activities theory focuses on opportunity structure variations in our daily routines that provide motivated offenders with a range of opportunities to commit crime [5]. The theory posits that most crimes involve direct contact between the offender and the “target.” Subsequently, it stresses that
123
the occurrence of the crime requires the convergence in time and space of the motivated offender, a suitable target, and the absence of a capable guardian [6]. The theory also emphasizes that “the spatial and temporal structure of routine legal activities” will help one to understand how a motivated offender takes a given opportunity to commit criminal acts [5]. In other words, an individual’s daily activities in a social situation create certain conditions or opportunities for motivated offenders to commit criminal acts. For example, in the case of a burglary, frequent social activities away from home can produce certain criminal opportunities, as the absence of a capable guardian at home is likely to make their household property a suitable target [7]. Indeed, many studies support the belief that property crime victimization is related to frequent absences from the home [18]. Some also argue that crime victimization can be determined by a “proximity to high concentrations of potential offenders” [12]. The concepts of the theory have been well received and supported in the physical world. However, it still remains to be seen if these concepts are also supported for computer crime victimization in cyberspace. 2.1.1 Spatiality in cyberspace Interactions between social context factors and the traits of spatiality can often determine criminal opportunities. Previous studies have suggested that social context factors have a substantial influence on crime victimization [19]. According to the National Crime Survey and British Crime Survey, demographic factors such as age, race, and marital status are associated with general crime victimization [4]. An example of the demographic characteristics in typical larceny victimization shows “a family income of $20,000 or more a year, sixteen through twenty-nine year olds, people who live alone, and persons who are unemployed” [4]. It has also been found that the level of both minor and major theft victimization among college students is significantly determined by the victims’ demographic factors, along with their types of social activities, levels of self-protective efforts, neighborhood environments, and participation in illegal behaviors [15]. Bernburg and Thorlindsson [1] further tested the routine activities theory based on cross-sectional data from a national survey of Icelandic adolescents. They measured the concept of unstructured peer interactions in the absence of authority figures as a routine activities indicator in relation to violent behavior and property offense. They found that a routine activities indicator was positively associated with deviant behaviors. They also found that this association was significantly impacted by social contextual factors. Like the physical world, cyberspace also shares a common social environment. According to Castells (2002),
Author's personal copy Cluster Comput
cyberspace is oriented from the social and international environments in our society and reflects the “real world” of socioeconomic and cultural dimensions [2]. For instance, it has become a part of our routine activities to shop online or to access various web sites to obtain information. Castells (2002) also speculates that online users with different demographic backgrounds may visit different web sites based on their interests and, that this creates a distinctive cyber community based on its members’ online interests. Although cyberspace allows Internet users to access any web sites beyond physical boundaries, popular web sites (i.e., Ebay, MSN, AOL, or Myspace.com) typically attract many users and therefore, a higher density of Internet connections than other domains via a search engine (i.e. Google, Yahoo). A higher number of users of one web site creates a proximity of motivated offenders and their victims in cyberspace [23]. In fact, computer victimization occurrences can be seen on many social networking web sites. In other words, it is plausible to argue that demographic factors contribute to cybercrime victimization and an online lifestyle. 2.1.2 Temporality in cyberspace Routine activities theory also pays an attention to the temporal sequence of the crime event, which indicates the importance of a clear temporal order of events before, during, and after a crime occurs. The theory emphasizes that “the coordination of an offender’s rhythms with those of a victim” facilitates a convergence of a potential offender and a target in a temporal sequence [5]. Although Cohen and Felson’s proposition of crime occurrences in particular places may be applicable to a study of computer crime victimization [16], their proposition of a particular time does not seem to match with the temporal structure of cyberspace. It is also worth noting that the uniqueness of the temporal structure of cyberspace is what motivates offenders and that their targets or victims are located all over the world. The Internet is not limited to a particular time zone and is fully available to anyone at anytime [23]. Interestingly, cyber security breaches are committed by “quick ‘hit and run’ cyber-attack tactics on computers and by effectively bypassing audit traps [10]. In such a case, there is no particular temporal pattern or sequence of the cyber crimes or victimization. Thus, it is impossible to estimate the number of individuals that are engaging in computer criminal behavior at any specific point in time. However, as is noted in the routine activities theory, it is assumed that there is always a motivated offender waiting for the opportunity to commit a criminal act. 2.2 Lifestyle exposure theory: online behaviors The lifestyle exposure model focuses on the victims’ daily social interactions [8] compared to the traditional crimino-
logical theories, which concentrate on the characteristics of individual offenders or individual causal variables. It contends that criminal victimization results from the daily living the regular patterns of the victims [9]. has defined lifestyle as “routine daily activities,” including “vocational activities (work, school, keeping house, etc.) and leisure activities” [8]. The current research will use the lifestyle exposure theory to determine how demographic variables interact with online lifestyles by examining the individual’s online vocational activities and leisure activities that contribute to computer crime victimization. According to Hindelang et al. (1978), the lifestyles of individuals are determined by “differences in role expectations, structural constraints, and individual and subcultural adaptations” [8]. The lifestyle exposure theoretical model has been broken down into two stages. The first stage explains how role expectations and social structure form constraints. Role expectation is defined as expected behaviors that are corresponded to cultural norms, which link with the individuals’ “achieved and ascribed statuses” [8]. Demographic variables such as age and gender are substantially associated with role expectations, because certain age and gender differences are expected to follow normative roles in American society. The concept of structural constraints is defined as “limitations on behavioral options” that constantly deploy conflicts to individuals by corresponding with “the economic, familial, educational, and legal orders” [8]. Kennedy & Forde (1990) have found that demographic variables such as age, sex, marital status, family income, and race significantly influence daily activities and the level of criminal victimization risk. The study also suggests that lifestyle factors significantly reflect an individual’s amount of exposure time in places associated with victimization risk [9]. The second phase of the model associates differential lifestyle patterns with “role expectations, structural constraints, and individual and subcultural adaptations [8]. The theory further explains an adaptation process, which occurs when individuals or groups seek to gain knowledge of skills and attitudes in order to manage the constraints associated with role expectations and social structure. Some individual traits are developed through the adaptation process, including an individual’s attitudes and beliefs. Hindelang et al. (1978) believe that the individuals modify their attitudes and beliefs and that these learned traits naturally become a part of routine behavioral patterns in the course of continuing these processes. Hindelang et al. (1978) considered that vocational and leisure activities are central to a person’s life and are thus predictive of personal interactions with others in one’s daily lifestyle. Thus, they closely scrutinized the importance of the relationship between victimization and vocational and leisure activities. The specification of the lifestyle exposure model has confirmed that lifestyle is directly related to one’s level
123
Author's personal copy Cluster Comput
of exposure to victimization risk. Moreover, the model has indicated that association, which refers to the level of personal relationships among individuals who share common interests, is another factor that indirectly links exposure to personal victimization. In other words, personal associations increase one’s level of the exposure to individual victimization. Mishna et al. (2009) supported this notion in the case of the cyber victimization of children and youths. They described the notion through youth’s widespread involvement in online social networks comprised of both existing friends and acquaintances as well as relationships initiated and maintained through the Internet [13] addition, Tak et al. [20] found that excessive hours of computer use (e.g., for online gaming, interacting with cyber communities, and viewing adult websites) significantly increase the likelihood of engagement in cyber delinquency among high school students, especially, male students. In cyberspace, victims are lured through fraudulent schemes, such as free offers of popular software, music, or movie downloads. Various types of computer viruses, such as Trojan horses, logic bombs, and time bombs, are designed to breach computer security, and hidden virus codes are characteristically installed in these free programs. Thus, clicking on an icon without precaution in social networking sites in cyberspace can result in computer-crime victimization. Piazza (2006) found that computer users’ information can be easily sent to hackers by simply clicking a pop-up window on “social networking sites” such as sites for free downloads and online bulletin boards, in which the hacker has planted a malicious JavaScript code [16]. According to the 2005 FBI Computer Crime Survey, “the virus, worm, and Trojan category” was rated as the highest category of financial loss, which is over three times larger than any other category [22]. Based on the lifestyle exposures theory, one’s lifestyle pattern likely causes one to be in certain locations at certain times and to thus interact with people with certain characteristics. Thus, the occurrence of criminal victimization relies on “high risk times, places, and people” [8]. As noted in the section on the routine activities theory, temporality is not absolutely necessary in cyberspace because there is no time zone in cyberspace [23]. The proposed research explores the relationship between individual demographic factors in cyberspace and computer crime victimization through the medium of online activity. Three demographic characteristics of race, age, and gender will be measured to determine their correlation to specific online lifestyle patterns that create “differences in exposure to situations that have a high victimization risk” [8]. Computer criminals search for suitable victims in cyberspace. Online users congregate at certain web sites based on their interests, and they socialize with others in cyberspace. High levels of network activity on a particular site and search engine tools can guide offenders to popular Web sites in
123
cyberspace [23]. These popular Web sites become a sort of shopping mall for offenders. It would be a natural expectation to find variability on individual’s online lifestyles and computer crime victimization according to demographic differences.
3 Methodology and analysis 3.1 Secondary data This research is considered as a secondary data analysis since we used an existing dataset retrieved from the previous research. Choi (2008) developed the computer crime victimization model derived from the combination of two victimization theories (i.e., Routine Activities and Lifestyle-exposure theory). Using structural equation modeling, the causal relationships among digital guardian, online lifestyle, and computer-crime victimization indexes were assessed in his research. The research revealed that digitalcapable guardianship and online lifestyle directly influence computer-crime victimization [3]. In the spring 2007 semester, a self-report survey (N = 204) that contained items intended to measure the major constructs of routine activities theory was administered to university students in nine liberal studies classes at a university in the Pennsylvania State System of Higher Education (PaSSHE). Using a stratified-cluster, random-sample design, any students, who was enrolled in the general studies course and utilized his or her own personal computer, or laptop, was qualified to participate in the proposed survey. The analysis section focuses on the relationship between demographic variables (race, age, and gender) and causal factors of computer crime victimization (digital capable guardianship, online lifestyle, and security management) derived from the computer crime victimization model (Table 1). 3.2 Measurement 3.2.1 Digital guardian measures Digital guardian measures consist of two observed variables. First, the first observed variable is number of Installed Computer Security Programs (0 as absence of security and 1 as presence of security). The value 0 refers to absence of computer security and 3 means that computer users installed antivirus, anti-software, and firewall software in their own computer. The mean of the number of computer security score was 2.6, with a standard deviation of 0.73, alpha coefficient of 0.62. Second, the second observed variable is duration of equipping the Security Programs (10-cm line their responses regarding each of the three main computer
Author's personal copy Cluster Comput Table 2 Fit indices for structural model
Table 1 Demographic characteristics Demographic characteristic
Study sample (N = 204)
Age Mean age
20.41
Model
χ2
Df
TLI
CFI
RMSEA
Measurement model
339.477
95
0.744
0.818
0.103
Structural model
320.050
88
0.767
0.821
0.106
Gender Female
54.9 % (n = 112)
Male
45.1 % (n = 92)
Race African American
7.4 % (n = 15)
Asian
2 % (n = 4)
Caucasian
84.3 % (n = 172)
Hispanic
2 % (n = 4)
Native American
0 % (n = 0)
Other
4.4 % (n = 9)
security measures during the 10-month period). The mean of the duration of having computer security score was 22.3, with a standard deviation of 7.65, alpha coefficient of 0.70. 3.2.2 Online lifestyle measures Individual online lifestyle is measured by three distinct observed variables: (a) vocational and leisure activities on the Internet, (b) online risky leisure activities, and (c) online risky vocational activities. For the first measure of online lifestyle, eight survey items that made up the vocational and leisure activities scale, along with their item-total correlations. As with the vocational and leisure activities scale, respondents were asked to indicate on a 10-centimeter response line their level of agreement or disagreement with each statement. The items were anchored by strongly agree at the lower limit and strongly disagree at the upper limit. The scale’s possible aggregate range is 0–80 with higher scores reflecting higher online vocational and leisure activities. The mean vocational and leisure activities score for this sample is 53.62, with a standard deviation of 11.22. The scale based on eight items had satisfactory skewness and kurtosis levels, and the assessment of principal factor analysis and a Scree test validated the scale items as a unitary construct. For the measures of two categories of online risky lifestyle, each of four survey items was designed to rate the respondents’ online leisure and vocational activities that are risky. Like other online lifestyle scale, respondents were asked to indicate on a 10-centimeter response line their level of agreement or disagreement with each statement. The terms strongly agree and strongly disagree anchor the response line. In the category of online risky activities (“Risky Leisure Activities”), the scale’s possible aggregate range is from 0 to 40. The mean of the first risky activities score for this sample is 16.02, with standard deviation of 8.93.
The second category of online risky activities (“Risky Vocational Activities”) consisted of four items, so the scale’s possible aggregate range is also from 0 to 40. Both categories have met the appropriate levels of skewness and kurtosis for SEM analysis, and the results based on principal components factor analysis and a Scree test suggested that each of scale items consists of unitary construct.
3.2.3 Security management measurements The structure of computer security management questionnaires indicated that higher levels of computer security management are likely to minimize computer-crime victimization. Thus, the original scale’s possible aggregate range is 0–50, with the higher scores reflecting higher levels of computer security management. The research hypotheses propose that the more time online users spend and the more users engage in risky behaviors in cyberspace, the greater the chance they will be victimized. Thus, each computer security management item needed to be reversely coded for fitting into the model by subtracting the values from absolute value of 10. In other words, higher values represent higher negligence of security management after the recoding process. The recoded computer security management scale has an adequate internal consistency coefficient of 0.76, which is sufficient for research purposes. The mean security management score is 31.79, with a standard deviation of 11.34. The scale has a satisfactory skewness of −0.52 and kurtosis of −0.34. The results from skewness and kurtosis indicated that the scales have met the acceptable levels of approximate normality for SEM analysis. SEM was used to test the existence of any statistical significance between demographic variables (age, gender, and race) and main computer crime victimization factors (the online lifestyle factor, the digital-capable guardianship factor, computer security management factor, and security management). Table 2 shows the fit of the structural model using the descriptive fit index. Although three measures of absolute fit (adjusted chi-square, RMSEA, TLI, and RMESEA) were unable to convey an adequate fit for model, the model had attained minimal overall good model fit for this study (Table 3).
123
Author's personal copy Cluster Comput Table 3 Correlation, skewness, and kurtosis for observed variables Gender Gender
Age
OL1
OL2
OL3
DG1
DG2
SM1
SM2
SM3
SM4
SM5
1 0.249
Age OL1 OL2
−0.117
1
−0.153
6.943
−0.031
−0.209**
−0.173
−6.176
−0.274** −0.061 −1.222
OL3 DG1 DG2
−1.446
0.173*
−0.150*
0.768
−3.510
1 125.939 0.412** 41.235 0.268** 26.751
1 79.731 0.272** 21.633
1 79.064
−0.107
−0.152*
0.172*
0.147*
−0.004
1
−0.039
−0.297
1.431
0.968
−0.028
0.547
−0.037
−0.162*
0.181**
0.112
−0.019
0.788**
−0.140
−3.261
7.667
−1.318
4.458
SM1 SM2 SM3 SM4
1 58.538
0.165*
0.050
−0.264** −0.176*
−0.028
−0.337** −0.378**
0.277
0.446
−9.956
−5.291
−0.830
−0.838
−9.724
0.070
−0.049
−0.075
−0.047
−0.109
−0.097
−0.078
0.212**
0.107
−0.394
−2.567
−1.284
−2.980
−0.220
−1.830
2.181
9.413
0.059
0.067
−0.191** −0.127
−0.032
−0.107
−0.072
0.183**
0.473**
0.095
0.571
−6.939
−3.668
−0.931
−0.257
−1.789
1.993
4.701
0.223** −0.047
−0.098
−0.003
−0.016
0.497**
0.497**
0.378**
0.427**
−0.411
−3.605
−0.082
−0.472
5.491
5.491
3.821
4.546
0.176*
−0.047
−0.151*
−0.136
0.006
−0.222** −0.103
0.385**
0.327**
0.387**
0.621**
0.255
−0.358
−4.930
−3.527
0.150
−0.478
−2.304
3.764
2.916
3.644
5.951
8.471
0.31
−1.157
−0.488
−0.505
−1.226
0.046
−1.067
−1.101
0.385
0.367 SM5
15.576
Skewness Kurtosis
−0.186** −950.823
−0.60
0.436
−0.52
−1.96
−0.99
1.01
−0.441
−0.34
3.37
0.25
1 11.278
−1.264
1 1 10.480
The top value in each cell is the correlation coefficient. The value below it is the variances or covariances ∗∗ Correlation is significant at the 0.01 level (2-tailed); ∗ Correlation is significant at the 0.05 level (2-tailed)
4 Results This section presents how demographic variables (race, age, and gender) relate to main factors in computer crime victimization (capable guardianship, online lifestyle, and security management), which are the major constructs in this research. In order to delineate significant relationships between demographic variables and the suggested main factors, SEM was applied by taking into consideration the scales of the variables. In order to examine whether demographic variables have a substantial impact on the level of individual online lifestyle, capable guardianship, and computer crime victimization, SEM was applied (Fig. 1). 4.1 Gender As first demographic variable, the research inspected the statistical relationship between gender and the suggested main
123
Fig. 1 Path diagram for structural model
1 10.838 1
Author's personal copy Cluster Comput
factors. SEM result indicated that gender difference contributes to the level of risky leisure activities, risky vocational activities, and security management. In risky leisure activities, the unstandardized coefficient of −1.620 suggests that the risky leisure activities are statistically associated with gender difference. In overall, males tend to be engaging in online risky leisure activities such as visiting unknown Web sites, downloading free games, free music, and free movies than females. Security management items were reversely coded for gaining the same directions with other online lifestyle variables. Thus, higher values represent higher negligence of security management. In recoded security management, the unstandardized coefficient of 1.023 indicated that males are more likely to update computer security, change the passwords for e-mail account, search for more effective computer security software, check the operation of computer security online, and use different passwords and user IDs for their Internet accounts than females. However, gender did not substantially influence on digital guardian factor and computer crime victimization. 4.2 Age The research also examined the statistical relationship between age difference and the computer crime victimization variables. Three specific hypotheses were tested in order to measure how age difference has substantial influences on the level of digital capable guardianship, individual online lifestyle, computer crime victimization, and security management. In the first hypothesis, the unstandarized coefficients of −0.470 indicated that age has negative, substantial impacts on the level of digital capable guardianship ( p < 0.05). This result suggests that individuals with older age are less likely to equip the number of computer security software with less duration. In other words, as age increases, the level of capable guardianship decreases. In the second hypothesis, online lifestyle factor was tested by taking account into age difference. The results suggested that age difference significantly contributes to online lifestyle variables; the level of online vocational activities, online leisure activities, and online risky vocational activities ( p < 0.05). The unstandarized coefficients of −0.252 indicate that age has a negative influence on individual vocational and leisure activities and risky vocational activities. In other words, older online users were less likely to spend extensive time for vocational activities, leisure activities, and engagement in risky vocational activities. Although research hypothesized that age difference significantly contributes to the computer crime victimization factor and the level of security management factor, any significant finding was not found. Hence, age difference does
not significantly influence on computer crime victimization and the level of security management. 4.3 Race SEM analysis suggested that race variable does not statistically influence on the main factors. Although the research originally hypothesized that there is statistical variability in the population based on race, which contributes to the level of digital guardianship, online lifestyle, and computer crime victimization, the result indicates that race does not have any significant impact on any main factors. Thus, race variable was removed from the model. In summary, specific findings were revealed via the application of SEM, which confirmed that racial difference has no substantial impact on any of computer crime victimization factors. First, age difference has a substantial influence on the level of digital capable guardianship and online lifestyle. Second, gender difference differentially influence on the degree of engagement of online risky leisure and vocational activities, and the level of computer security management. Lastly, race does not have any significant impact on the main factors in computer crime victimization (capable guardianship, online lifestyle, and computer crime victimization)
5 Discussion and conclusion The present study serves as an empirical attempt in examining the extension of the routine activity theory of crime in cyber space in explaining computer crime victimization. Thus, this study aims to examine how demographics variables interact with factors derived from Choi’s (2008) computer crime victimization model. First, the result shows that males tend to be engaging in online risky leisure activities such as visiting unknown Web sites, downloading free games, free music, and free movies than females. At the same time, males are more likely to update computer security, change the passwords for e-mail account, search for more effective computer security software, check the operation of computer security online, and use different passwords and user IDs for their Internet accounts than females. However, gender did not substantially influence on digital guardian factor and computer crime victimization. This result reveals a critical implication for understanding both computer crime victimization and computer crime behavior. Recently, Moon et al. (2012) examine the generality of the general theory of crime in explaining computer crime by using a panel of 2751 Korean youths. The result shows that female youths report a lower level of involvement in both computer crime behaviors than male youths [14]. This was a significant gender gap in computer-related opportunity factors, they explained this gap, and “boys are more likely to use a computer longer on
123
Author's personal copy Cluster Comput
a daily basis, whereas girls have greater computer access at home and through membership to cyber clubs.” Fortunately, male students in this study are more sensitive on protection for their computer security than female students. Second, in terms of the relationship between age and computer crime victimization factors, the result suggests that individuals with older age are less likely to equip the number of computer security software with less duration. It means that as age increases, the level of capable guardianship decreases. Moreover, older online users were less likely to spend extensive time for vocational activities, leisure activities, and engagement in risky vocational activities. Third, regarding the relationship between race and computer crime victimization factors, the result indicates that race does not have any statistically significant impact on computer crime victimization. The main contribution of this research is that it empirically attempts to examine relationship between computer-crime victimization model and demographic variables. Nonetheless, the current study has a number of limitations that should be considered for future research. First of all, this study focused on only three different types of computer crime victimization (e.g., total frequency of victimization, total number of hours lost, and total monetary lost), and future research should include additional types of computer crime victimization. Second, items used to measure key factor measure several key dimensions; however, they fail to capture all dimensions of computer security and online users’ behaviors. Thus, researchers in future studies need to develop more precise scales to measure computer security and online users’ behaviors and explore other theoretical perspectives for delineating a true crime victimization model. In this regards, it should be considered to put other theories and measurements, such as self-control and learning mechanism in order to provide more insights in the computer crime victimization.
8. Hidelang, M.J., Gottfredson, M.R., Gaffalo, J.: Victims of Personal Crime: An Empirical Foundation for a Theory of Personal Victimization. Ballinger, Cambridge (1978) 9. Kennedy, L.W., Forde, D.R.: Routine activities and crime: an analysis of victimization in Canada. Criminology 28, 137–151 (1990) 10. McMullan, J.L., Perrier, D.C.: Controlling cyber-crime and gambling: problems and paradoxes in the mediation of law and criminal organization. Police Pract. Res. 8(5), 431–444 (2007) 11. McQuade, S.C.: Understanding and Managing Cybercrime. Pearson Education Inc., Upper Saddle River (2006) 12. Meier, R., Miethe, T.: Understanding theories of criminal victimization. Crime Justice 17, 459–499 (1993) 13. Mishna, F., McLuckie, A., Saint, M.: Real-world dangers in an online reality: examining online relationships and cyber abuse. Soc. Work Res. 33(2), 107–118 (2009) 14. Moon, B., McCluskey, J.D., McCluskey, C.P., Lee, S.: Gender, general theory of crime and computer crime: an empirical test. Int. J. Offender Ther. Comp. Criminol. 57(4), 460–478 (2012) 15. Mustaine, E., Tewksbury, R.: Predicting risks of larceny theft victimization: a routine activity analysis using refined lifestyle measures. Criminology 36, 829–857 (1998) 16. Piazza, P.: Technofile: antisocial networking sites. Secur. Manag. 1–5 (2006) 17. Sampson, R.J., Lauritsen, J.L.: Deviant lifestyles, proximity to crime, and the offender-victim link in personal violence. J. Res. Crime Delinq. 27(2), 110–139 (1990) 18. Sampson, R.J., Wooldridge, J.D.: Linking the micro-and macrolevel dimension of lifestyle-routine activity and opportunity models of predatory victimization. J. Quan. Criminol. 3, 371–391 (1987) 19. Swan, S.C., Gambone, L.J., Horn, M.L., Snow, D.L., Sullivan, T.P.: Factor structures for aggression and victimization among women who used aggression against male. Partn. Violence Against Women 18(9), 1045–1066 (2012) 20. Tak, S., Park, Y., Kim, U.: Cyber delinquency of high school students focusing on human relationship, psychological and behavior characteristics. J. Juv. Study 14(4), 233–258 (2007) 21. Taylor, R.W., Eric, J.F., Liederbach, F., Holt, T.J.: Digital Crime and Digital Terrorism, 2nd edn. Pearson Education Inc., Upper Saddle River (2011) 22. 2005 FBI Computer Crime Survey (2006). http://www.fbi.gov/ publications/ccs2005.pdf (2006). Accessed 19 Feb 2013 23. Yar, M.: The novelty of ‘cybercrime’: an assessment in light of routine activity theory. Eur. Soc. Criminol. 2, 407–427 (2005)
References 1. Bernburg, J.G., Thorlindsson, T.: Routine activities in social context: a closer look at the role of opportunity in deviant behavior. Justice Q. 18(3), 543–567 (2001) 2. Castells, M.: The Internet Galaxy: Reflections on the Internet, Business, and Society. Oxford University Press, New York (2002) 3. Choi, K.: An empirical assessment of an integrated theory of computer crime victimization. Int. J. Cyber Criminol. 2(1), 308–333 (2008) 4. Cohen, L.E., Cantor, D.: Residential burglary in the United States: life-style and demographic factors associated with the probability of victimization. J. Res. Crime Delinq. 18(1), 113–127 (1981) 5. Cohen, L.E., Felson, M.: Social change and crime rate trends: a routine activity approach. Am. Sociol. Rev. 44, 588–608 (1979) 6. Cullen, F.T., Agnew, R.: Criminological Theory: Past to Present, 3rd edn. Roxbury Publishing Company, Los Angeles (2006) 7. Garofalo, J.: Reassessing the lifestyle model of criminal victimization. In: Gottfredson, M., Hirschi, T. (eds.) Positive Criminology, pp. 23–42. Sage, Newbury Park (1987)
123
Kyung-shick Choi is an Associate Professor in the Criminal Justice Department at Bridgewater State University. As cybercrime program Coordinator at Boston University, Dr. Choi oversees the graduate concentration and certificate in Cybercrime Investigation and Cybersecurity. His research focus is on the intersection of human behavior and technology – and how criminal justice can respond effectively to the challenges of cybercrime. Dr. Choi’s work has appeared in numerous criminal justice journals. He published the books Risk Factors in Computer Crime in 2010 and Cybercriminology and Digital Investigation in 2015.
Author's personal copy Cluster Comput Kyungseok Choo Ph.D. is an Associate Professor of Criminal Justice and Economic Crime and Director of M.S. graduate program of Financial Crime and Compliance Management. He also serves as Senior Research Associate of Justice and Prevention Research Center at WestEd. He has involved in numerous federal/state/foreign government funded projects: 1) the Office of Juvenile Justice and Delinquency Prevention (OJJDP) funded initiative for Juvenile Drug Court Guidelines, 2) a National Institute of Justice (NIJ) funded study for a school safety intelligence fusion center in Miami-Dade, 3) a Bureau of Justice Assistance (BJA) funded research on Sex Offender Authentication, 4) a Korean Institute of Criminology funded transnational human trafficking study, 5) the Massachusetts Shannon Community Safety Initiative, and 6) a BJA-funded research on Identity Fraud Trends and Patterns. The research results have been published as academic journal articles in Asian Journal of Criminology, Victims and Offenders, Sex Offender Law Report, British Journal of Community Justice, Crime and Criminal Justice International, and Women and Criminal Justice.
Yong-eun Sung is an Assistant Professor in the Department of Police Administration (Criminal justice) at Far East University. He was an instructor and research assistant in the School of Criminal Justice at Rutgers University-Newark. His research interests include cybercrime, sexual crime, fear of crime, and policing. Dr. Sung’s work has published in numerous criminal justice and criminology, and policing journals. He published the book Introduction to Criminology in 2015.
123
