AustLII Home | Databases | WorldLII | Search | Feedback

Journal of Law, Information and Science

Journal of Law, Information and Science (JLIS)
You are here:  AustLII >> Databases >> Journal of Law, Information and Science >> 2014 >> [2014] JlLawInfoSci 4

Database Search | Name Search | Recent Articles | Noteup | LawCite | Author Info | Download | Help

Trottier, Daniel --- "Police and user-led investigations on social media" [2014] JlLawInfoSci 4; (2014) 23(1) Journal of Law, Information and Science 75

Police and User-led Investigations on Social Media



Emerging forms of surveillance and policing make use of social media platforms like Facebook and Twitter. This paper considers top-down conventional policing by investigative agencies, as well as ground-up policing by crowd-sourced users. These practices have separate origins and organisational cultures, yet they now converge on platforms that increasingly monopolise social life. While bottom-up policing contains empowering potential, notably by shedding light on instances of police misconduct and political corruption, so to can it be directed towards categories of individuals that are suspected of criminal activity and breaching social norms. Furthermore, the emergence of top-down scrutiny of social media platforms by police suggest that institutions and governments are as capable as ever of asserting control over social life.

Three examples are considered as indicative of police presence and other forms of policing on social media: the emergence of technologies and services that enable police to perform top-down surveillance of social media platforms, bottom-up informal policing on social media following the 2011 Vancouver riot, and market-based attempts to crowd-source user-led surveillance on digital media. Ground-up and top-down forms of policing do not exist independently. Rather, they interact with and influence one another. Policing by the public suggests that although digital media allows for counter-power, so too does it allow a ground-up manifestation of state control in the form of law and order politics, including profiling and discrimination. And while users and members of the public may be willing participants in police work, so too are they unwilling participants when their personal information is repurposed as evidence by law enforcement agencies.


This paper considers monitoring on social media, with a focus on both conventional and crowdsourced policing through these platforms. In particular, it accounts for the interaction between two forms of policing: top-down conventional policing by investigative agencies, and bottom-up policing by crowdsourced users. These two forms of policing have separate origins and organisational cultures, yet they now converge on platforms for contemporary social life. The co-existence of these two forms of policing on the same platform impacts the nature of both visibility and sociality on social media. While bottom-up policing contains empowering potential, notably by shedding light on instances of police misconduct and political corruption, so too can it be used to target categories of individuals that are suspected of criminal activity and breaching social norms. Moreover, crowdsourced policing can be initiated and managed by organisations, such as private companies or law enforcement agencies. And while both beneficial and harmful aspects of bottom-up policing suggest an ‘empowered’ user base, the emergence of top-down scrutiny of social media platforms by police suggest that institutions and governments are as capable as ever of asserting control over social life.

Social media facilitate social convergence, insofar as previously distinct social spheres are able to interact on these platforms. Consider the example of the university student using Facebook, who discovers that their parents, employers and other unidentified watchers have access to their personal information. Indeed, Marwick and Boyd refer to this as ‘context collapse’.[1] As a consequence of this collapse, users may experience a more general convergence of contexts, but also of information that would otherwise be unique to one context, audiences that can access that information, and previously distinct surveillance practices that now mutually augment one another.[2] A generalised process of convergence will likely influence relations between citizens and states. Social convergence on social media marks a further assertion of state control, notably when police scrutiny creeps into domestic sphere. This development is especially salient in a global context marked by revelations about state surveillance of citizens and foreign nationals through PRISM and other schemes. Scholarly research needs to address the asymmetry of visibility between these systems that can gather so much information about individuals, all while remaining rather opaque in their operations. Yet social media also enable user-led counter-power when they make otherwise obscured police work visible. This paper builds on earlier research that theorises social consequences — especially social convergence — that result from the popularity of social media platforms.[3] It also draws on surveillance studies and other literature to explain changing relations between the police and public, as well as their respective uptake of new media technologies.

Three examples of policing on social media are briefly considered: police adoption of new social media surveillance technologies, crowdsourced policing following the 2011 riot in Vancouver, and business models based on crowdsourced surveillance online. Data for these examples comes from a textual analysis of public policing-themed communities on Facebook, as well as an overview of industry literature from information technology companies that specialise in online surveillance. While the first two examples consider police surveillance and user surveillance, respectively, the third is an example of how user activity itself can be appropriated into state and corporate regimes.

1 Monitoring and Policing on Social Media

Social media surveillance is characterised by the expansive growth of these services. Social media adopt new features and enrol new users, to an extent that challenges scholarly efforts to understand them. This is a challenge for scholars wanting to speak authoritatively about social media. But it also challenges users in their prolonged engagement with these services. Users invest their time and identities when creating a presence online, and this investment is tied to assumptions about what the platform is, how it is used, who is using it and which values govern its use. All of these features have changed extensively, leaving users to cope with this volatility.

Facebook is a public face to numerous institutions that monitor its users’ personal information. In addition to speaking about these separate kinds of monitoring as part of a broader category, we can also see how each of these practices changes as a result of social media. Understanding these effects rests on understanding how social media enable social convergence, a process whereby social media’s expansion into different social spheres results in augmented visibility and information sharing between these spheres. In the context of policing, police agencies are able to obtain potential evidence and actionable intelligence from social contexts that may not otherwise be available to them. If they choose to, they can solicit information from users, or even take advantage of user-led monitoring and information gathering that would otherwise take place in an inaccessible social sphere. Different kinds of audiences — and more of each of these different watchers — are turning to the same interface to access the same information. Personal relations are more closely linked to commerce and the workplace. Fuchs and Trottier identify a convergence of communicative flows in formerly distinct social spheres.[4] This imagery supports a leak-based view of Facebook, whereby information that was meant for one context flows into other contexts, either intentionally or as a result of technical fault.[5] While information leaks were formerly exceptional events, Facebook’s exponential increase of leaks amounts to a kind of convergence of social contexts. Such convergence amounts to a consolidation of visibility (all can be seen on one site), and of monitoring (all can watch on one site). Surveillance becomes decentralised, yet this convergence also facilitates a centralised kind of watching.

In terms of the way they retain and distribute personal information, social media platforms are a kind of digital enclosure.[6] Information is not only generated and distributed on social media, but it is retained and archived on its servers. Its users dwell in a controlled space that yields data from social interactions that occur on these sites. The coexistence of so many surveillance practices contributes to a mutual augmentation of visibility, such that any single act of surveillance has a much greater reach. The fact that previously discrete populations can now interact on these enclosures means that any single act of surveillance is amplified in its scope.[7] One consequence is the extent to which user activity on social media augments police work. This augmentation stems from Andrejevic’s study of lateral surveillance, which focuses on how information technologies enhance scrutiny among peers.[8] Social media augment this scrutiny by making these relations visible to police.

Social media’s saturation is a result of their domestication, that is, the degree to which they are embedded in everyday life.[9] Whereas most technologies emerge in other spheres like the military and then spread to the domestic realm, Facebook’s origins are firmly entrenched in everyday life. It developed a culture based on making university life visible, and then the consequences of this visibility emerged as Facebook opened up to institutions, including the police. This heightened surveillance of everyday life is noteworthy. What was formerly the remainder of modern institutional functioning[10] is heavily scrutinised in late modernity.[11] Everyday life used to be a product of institutional oversight. The homestead and other non-commercial spaces were locations where people were comparatively free from surveillance. But the domestication of technology augments the visibility of these locations. Local interactions take place on global telecommunication networks. Mediated everyday activity is more visible to policing and investigations. Using social media technologies, investigators have a much better view of everyday life.

Monitoring and policing on platforms like Facebook is a kind of surveillance creep. In other words, surveillance technologies deemed appropriate in one context can be repurposed in new contexts and applications.[12] Rather than an exceptional development, creeping is Facebook’s standard model for growth. In September 2006, Facebook allowed non-students to become users. With this expansion came an older, more heterogeneous population that shattered students’ expectations of privacy. Furthermore, other targets of scrutiny emerge with this growth. Non-student users were also willing to share personal details, making their everyday life visible in ways that brought troubling consequences. Insurance companies turn to social media to find evidence of fraud,[13] and divorce lawyers rely on it as a source for similar purposes.[14] The repurposing of social media platforms by police and law enforcement can be understood as extending from these examples.

Social media are distributed technologies, in that dispersed users actively contribute content, and coordinate amongst themselves through these sites. This marks a contrast from more centralised media like broadcast television, and suggests a potential empowerment of civil society in the face of state power. Yet distributed technologies do not preclude asymmetrical power relations. Recent events indicate that top-down control is as easy as ever. In 2011, the Egyptian government shut down their country’s telecommunications network, curbing the empowering potential otherwise linked to those technologies.[15] Likewise, the United Kingdom government allegedly ordered the removal of protest videos from YouTube.[16] In both cases, technology developers willingly complied with state power. Yet state control of social media goes beyond repression and censorship. States and institutions increasingly harness positive control over decentralised technologies, taking advantage of the way they make social life visible. Police and other investigators use social media in ways that are indicative of asymmetrical access and asymmetrical relations of visibility.

The kinds of visibility described in the examples below are not based on social media’s technological sophistication, but simply the social convergence resulting from their broad and enduring saturation in social life. They are diffuse and distributed, yet they are also centrally accessible. Police have relied on other techniques and technologies to watch over social life, but never has so much social life been accessible in a single enclosure. Moreover, the social convergence and mutual augmentation of different surveillance practices on one platform complicates — but ultimately enhances — police scrutiny. Everyday actions and conversations become online content. Archived and searchable, this content can be repurposed as evidence.

2 Crowdsourced Policing

Social convergence on platforms like Facebook brings police and intelligence agencies closer to the social activity on these platforms. Another consequence of this convergence is that users may also be emboldened and compelled to perform policing. Social and digital media users can view information about crime and policing provided by police, but also repurpose other users’ information as a kind of evidence. They can also collectively discuss criminal events and suspect categories, submit what they believe to be evidence, and call for social action beyond these sites.

User-led monitoring of citizens online is a kind of crowdsourced surveillance. Crowdsourcing refers to a process where individuals designated as non-professionals engage in a collaborative project for little to no financial compensation. Large crowds of non-specialised individuals now perform activities that would otherwise be reserved to a skilled few with professional designation. Crowdsourcing as a term emerged in a cultural context that celebrated the social virtues of freely available technologies.[17] Crowdsourcing serves as an entry point to conceptualise power and counter-power in a context of ubiquitous devices and shared — but uneven — access to networks.

In most instances, crowdsourcing marks a partnership between private companies and an amorphous social concept: the crowd. The contemporary crowd combines elements from related concepts. The fact that it is a large group of individuals who receive content from media suggests it is a kind of audience. The fact that relations between crowds and organisations are often based on production suggests that crowds are also a kind of labour force. Yet fees and material costs often structure these relations, such that crowds are also customers. Taken together, these features contribute to the concept of the user.[18] Users are increasingly involved in both the production and consumption of media, including digital media. Indeed, this kind of crowdsourced surveillance is a product of recent digital media culture. In particular, they are a product of a growing attention economy on digital media,[19] in which business models explicitly rest on users watching digital media content. In part, the attention economy has been supplanted by an engagement economy[20] that solicits greater participation and intervention from users.

The contemporary user is a product of both the entertainment and technology sectors. With crowdsourced surveillance online, policing and private security are actively involved in this socio-technical assemblage.[21] Crowds of users can operate autonomously within a broader framework that is guided by protocols. Whereas a police officer online is a sole actor, surveillance through crowds relies on a multitude of watchers. Their behaviour in seemingly ‘open’ networks is regulated at both a technical and political level. This is most apparently observed in the on-going shift from broadcast media to two-way ‘interactive’ communication.[22] Interactivity suggests an opening-up: a transition towards a decentralised network of information exchange. Yet this also marks an exponential increase in visibility, surveillance and control. Protocols exist as taken-for-granted routines for organising information, ensuring that categories and control can emerge from complexity.[23] The formerly passive user is continuously encouraged to speak up. At best this information is simply exploited through monetisation strategies; at worst it is used determine citizens’ life-chances.

The kinds of surveillance made possible by crowdsourced efforts mark an ‘exponential multiplication of visibility’,[24] as formerly discrete surveillance practices (citizens watching citizens) are assembled into distributed, yet centrally managed, schemas. This presents two risks: one the one hand, distributed actors lack professional training, and can further discriminatory practices and other concerns that have already been identified with professional agents.[25] Yet distributed networks also augment the possibility for centralised coercion and force. These schemes mark a further political economy of surveillance, and can harness mandates based on categorical discrimination and social sorting.[26]

3 Example One: Social Media Surveillance Technologies for Police

Social media are often framed as empowering users, and citizens more broadly.[27] However, new technologies and legal protocols transform police and other agencies into power users. Investigative agencies benefit from an augmented visibility of social media content — and by extension the visibility of social life. Social media was originally framed as part of ‘dark web,’ where existing surveillance techniques could not access.

However, this is changing as a result of new surveillance technologies, as well as proposed legislation[28] and ambitions envisioned by law enforcement.[29]

We may think of police surveillance on social media as one single process, yet there are several categories of technologies available to agencies. Moreover, these technologies access different means of accessing social media content, and thus different relations between police, social media users and those who own and manage these platforms. This section considers six types of social media surveillance technologies.

First, police can perform manual searching on social media platforms. This technique refers to when an investigator takes advantage of content on sites like Facebook and Twitter as would a conventional user. This process is the most manual of all technologies described, as the investigator manually navigates the site’s interface. This most typically involves publically accessible data. In order to obtain private data on a social networking site, an investigator may submit a friend request to a targeted individual, or request to join a private group. Manual searching can be employed to either target a specific individual, or a group of individuals. In the latter case, the investigator can either target a series of individual profiles, or investigate a group, fan-page or event page. Manual searching is most often active searching, in response to a complaint or based on the suspicion that an individual has committed a crime. This approach includes retrospective searching of previous content, but also real-time interactions with suspects. Social media emerged as a possible investigative tool when individuals affiliated with security and intelligence organisations discovered that they could search these sites for information, as they would in an interpersonal context. Thus, it was a ground-level realisation, rather than a top-down mandate, that introduced social media as an investigative tool.[30]

Second, law enforcement agencies can contact social media companies directly and request specific content about a suspect. This is also a manual process, as investigators have to determine what content they want to obtain. However, the process of collecting the data is offloaded onto the social networking site company themselves. The data involved can be either publically accessible, but private data can also be retrieved. One can presume that this method is employed primarily to obtain private data, as public data can simply be obtained from the website directly. This approach is used primarily to target individuals. It is based on active searching, as investigators have to specify which individuals or collectives they want to monitor. This approach is primarily retrospective, as social media companies comply by sending a pre-determined range of data.

Third, investigators can perform searches of ‘open-source intelligence’ (OSINT) content. This refers to the use of non-private online data for intelligence and investigations,[31] including social networking site data that is not protected by privacy settings. This approach is a mix of manual and automated searching. While the investigator has to manually specify the search criteria and range, the tool (such as a web crawler) will then automatically retrieve this data. Such tools can be used to target groups of individuals, and it would be unconventional to use them to target a single individual. These tools are not as active than the techniques described above, as the investigator is less involved in the actual search for content. These tools can be used for both retrospective as well as real-time searching. As social media platforms develop a greater presence in social life, their users will continue to submit information, much of which is publically accessible. As a result, these publically accessible bodies of information provide unique insight into past, on-going and future criminal events.

Fourth, lawful interception involves directly intercepting the communication flow and obtaining information that is sent or received by a suspect. The decision to target a specific suspect is a manual decision, although the rest of the process can be automated. Through lawful interception, investigators can obtain information that is both private and public according to a social networking service’s private setting. However, it is also private in the sense that it intercepts a secure information flow. Lawful interception targets an individual connection, yet this connection can either belong to a group, or contain information pertaining to a group of individuals. This technology is comparatively passive, as it intercepts all data once it has been implemented. For this reason, it is also real-time, as it only intercepts data that is currently being transmitted.

Lawful interception refers to ‘the process of secretly intercepting within a network communications between parties of interest to Law Enforcement Agencies.’[32] This process is commonly referred to as ‘wire-tapping’, and has been used historically to intercept telephone networks. As communications increasingly take place over the Internet, including social media, there is a push among law enforcement agencies and private security technology manufacturers to facilitate lawful interception online. One of the challenges for police is that communication over the Internet can take place over a myriad of platforms, using any number of protocols, and be transmitted over a variety of wired and wireless networks. Deep Packet Inspection (DPI) is the process by which the flow of online content, in the form of packets, is intercepted. Instead of scanning the header of an IP packet, DPI scans the content as well. DPI poses several functional advantages, including the fact that it can scan communication data in real time, and that this functionality can be integrated into other equipment ‘thus creating the possibility for major economies of scope in implementation.’[33] In some cases, DPI devices will separate the process of capture (Deep Packet Capture), and perform the inspection at a later point. Once data packets have been intercepted, decoding and reconstruction of data is a follow-up process. Free and open source protocol analysis programs like Wireshark can be used to detect traffic to and from social media sites like Facebook.[34]

Fifth, investigators can obtain social media information by installing software on the targeted individual’s computer. This is typically accomplished with a Trojan, which is software that masks its actual functions by appearing to perform a separate — and typically more benign — function. Once the Trojan has been installed, it automatically intercepts data generated on the target’s computer. It also automatically distinguishes between different kinds of data, and can specifically target data from a social media service. This is arguably the most private kind of surveillance, as it collects data directly from the targeted user’s computer. Not only can information obscured by privacy settings be obtained, but user names and passwords to social media accounts can also be sought. This approach targets an individual’s computer, but the targeted computer may be employed by several individuals, for instance, a criminal enterprise or political group. This technology is passive in that it simply collects data that is generated on the computer. This collection happens in real-time, as opposed to retrospectively searching for data.

Sixth, social media data that has been captured can then serve as the basis for subsequent kinds of analysis. Various applications can accept social media input in order to provide some kind of social mapping. When the input is provided, the mapping process is fully automated, although there may be the possibility of manually modifying the mapping process. These systems do not distinguish between private and public data, but rather function with whatever data has been previously collected. They typically function by targeting collectives of individual users, although a targeted individual can also be highlighted and scrutinised. These systems involve the active input of data, and retrospective analysis of events or groups. While these applications usually operate retrospectively, some products offer real-time monitoring and analysis, especially when combined with interception capabilities. Four categories of analysis are considered below.

Temporal-based reconstruction services provide an account of an event by sorting out and mapping social media data in a temporal and spatial manner, using time and location based data and meta-data. An example of mapping social media data in a temporal manner is Facebook’s Timeline, which arranges existing data on a Facebook profile in chronological order. While social media data is typically already arranged this way, Timeline’s interface makes it easier for any user to access content from a targeted user’s deep archive, as you can simply move to a specific year and month, as opposed to scrolling through a stream of data.

Sentiment analysis services purportedly assess the affective response of a group of users, based on words used in social media communications. Sentiment analysis has a number of practical applications. In the domain of market research, it provides insight into how a targeted market segment feels about a particular product, brand or related issues. In the domain of security and law enforcement, sentiment analysis reportedly can identify violent extremists online, as a result of the textual content these users upload.

Images and names obtained on social media services can be inputted into a database for facial recognition software. This is a feature that social media companies have integrated into their platforms, for instance, with Facebook’s introduction of Tag Suggestions in 2011. Tag Suggestions works by requesting that the user identify faces that appear in photographs. Once names are associated with faces, the Tag Suggestion features purports to then automatically identify those users in subsequent photographs.

Social media profiles contain relational data. This not only includes an individual’s friends, subscribers, etc, but also data that measures the extent to which one individual communicates with these connections. Mapping out social relations is relevant in its own right, as communication patterns online can serve as intelligence in an investigation, especially when this information also contains locational and temporal metadata. In addition, recent scholarship on social networking sites provides support for the claim that one can make assumptions about a target on the basis of the company they keep.[35]

This section provided a detailed (but likely incomplete) overview of various social media surveillance technologies currently employed by police and investigators. These include a range of techniques and technologies that make use of social networking site data, but also their interfaces. The table below provides an overview of the six general types of technologies, based on the five criteria identified in the descriptions.

Private Data
Manual search on platform
Public and Private
Individual or Collective
Real-time or Retrospective
Legal compliance
Private (including Public)
Open source intelligence
Manual and Automated
Real-time or Retrospective
Lawful interception
Private (including Public)
Individual or Collective
Targeted interception
Private (including Public)
Further analysis
Automated and Manual
Public and Private
Real-time or Retrospective

Table 1: Summary of Social Media Surveillance Technologies

The table above indicates that the options for social networking site surveillance made available to law enforcement vary according to degree of automated versus manual intervention, the use of public versus private data, the targeting of individual versus collectives of users, the active versus passive collection of data, and the use of real-time information flows versus retrospective data.


Figure 1: Mapping six different Social Media Surveillance Technologies

In addition to possessing different attributes, the six techniques also target specific points in the communication process on social media. Manual search on a platform involves creating a profile on the social networking platform, and either accessing public information from public sections of profiles, or private information from profiles with which the investigator has a connection. In the case of legal compliance by social networking sites, police will contact the platform operator directly, who will then provide both public and private content from the site. In the case of open source intelligence, an external service is used to access public content from the platform. With lawful interception, data is accessed at the communication stage. This is typically performed at the level of the service provider, but interception can occur at other stages, for instance, on a telephone line. Targeted interception, such as Trojans, retrieve data directly from the target’s computer. Finally, once social networking data has been collected, investigators can then perform further types of analysis, including social network analysis and facial recognition.

The technologies described in the preceding sections and visualised in the above figure provide a working inventory of systems available to police for the analysis and monitoring of social networking sites. However, other means of intervention are possible. Investigators may also rely on various forms of hacking, including attempting to crack a user’s secured account, attempting to break into a secure server, but also using social engineering to gain a user or network operator’s trust.

The above findings are multifaceted and disparate, but together they provide some indication of the current and future state of social media policing. A broad range of technologies — including hardware, software, techniques and assemblages of the above — make up a robust set of systems from which social media content is accessible to police and other investigators. These technologies intercept at almost every point in the communication process. Given the novelty of these technologies, coupled with a general lack of awareness of how they function, several concerns are apparent.

For the public, relations with the police and awareness of current and potential police practices are compromised by a general opacity surrounding social network analysis by investigators. This opacity is twofold: not only are the public unaware of when the systems described above are put to use, they are often unaware that these systems are used in their jurisdiction. While intelligence agents require a degree of secrecy in their operations, the lack of public knowledge surrounding of these systems, their affordances and their social consequences, is striking when public interest in social media platforms is so high.

Insofar as social media platforms and the technologies that enable their monitoring can both transcend any single jurisdiction, the full legal impact of this monitoring is beyond the scope of this article. However, we can immediately note that the use of such monitoring technologies has generated widespread controversy.[36] The continued development of large-scale monitoring of social media content with schemes such as PRISM will generate controversy in terms of legal jurisdiction. In addition, their use will call into question existing protocols such as probable cause, as there is no consensus regarding the threshold for criminality on social media platforms. Furthermore, we may anticipate controversy about police use of social media content that is authored in one cultural context, and is interpreted in a separate context.

The example described in this section addresses an array of technologies made available to police to monitor social media platforms. This constitutes a growing form of social media policing, where user activity meant for non-policing sociality is repurposed for investigations. The following two sections consider examples where users themselves are more actively involved in monitoring and policing, as ground-up and top-down schemes, respectively.

4 Example Two: The 2011 Vancouver riot[37]

The previous section considered the expansion of police powers through new investigative techniques and technologies on social media platforms. In contrast, the example in this section considers bottom-up (that is, user-led) crowdsourced policing. Users are able to direct visibility and scrutiny against instances of police misconduct. Yet user activity does not always follow this tendency. User response to the 2011 Vancouver riot illustrates an amplification of policing through social media. Social media users are identifying and shaming suspected criminals. Sites like Facebook are remarkably effective platforms for citizens to persecute each other, following a broader online culture of sharing and interacting. Citizen activity, far from supplanting conventional policing, actually enhances its scope.

The final game of the 2011 Stanley Cup Playoffs was a turning point for social media policing. After the Vancouver Canucks lost to the Boston Bruins on 15 June 15, roughly one hundred thousand people converged in downtown Vancouver, set fire to cars, and destroyed storefronts. Within an hour of these events, citizens turned to Facebook to express their outrage. They submitted photographic and video evidence in the hopes of identifying suspected rioters. Users took advantage of ubiquitous mobile cameras, an element that was missing from previous hockey riots. These riots are not a novelty in Canada, but they have always had a degree of anonymity; they were never this visible. Yet in 2011, they yielded an unprecedented amount of social media content. Riot-themed groups grew on Facebook, and one entitled ‘Vancouver Riot Pics: Post Your Photos’ garnered over one hundred thousand users, over five million views and countless photographs in under five days. Its members believed that this kind of shaming through visibility is ‘as strong as a deterrent you will find to prevent this [riot] from happening again.’[38] While the admissibility and credibility of many of these photographs were questionable, the group marks a shift towards greater policing of social life through social media and mobile technology. Users directly contributed photographs, names and descriptions of incidents. Since 2011, other instances of such user-led crowdsourced policing can be found on Facebook, including a group page where tourists can share images and other information about thieves in Barcelona.[39]

User-led crowdsourced policing appears to serve two purposes. First, it can be treated as a source of information for police. In other words, it is situated as an ancillary branch of conventional policing. Yet it is also a distinct, citizen-led form of criminal justice. When suspected criminals are made visible online, ‘naming and shaming’ becomes a separate kind of punishment. Following the Vancouver riot, first charges were not issued for six months,[40] but the visibility and persecution found on the Facebook group had an immediate impact on the lives of suspected rioters.[41] Such impacts must be considered when evaluating these kinds of user-led policing of citizens. By publicising the personal details of individuals who are suspected of rioting and non-criminal breaches of social protocols, the targeted individuals’ privacy and other rights may be violated. The legal implications need to be considered, especially in a context where anti-bullying legislation targets attempts to harass or otherwise target individuals online.[42] The boundary between seeking justice and persecuting individuals online is blurry, especially when such activity is left to untrained and unaccountable amateurs.

Police investigations certainly benefitted from the thousands of photographs and hundreds of videos that they received.[43] In the aftermath, a report commissioned on the Vancouver riot pointed to the importance of social media in the above events. However, they acknowledged that Vancouver police did a suboptimal job of anticipating rioting based on social media activity, and recommend more aggressive intelligence gathering online.[44] Commenting on the ‘overwhelming’ volume of data. VPD Sergeant Dale Wiedman states that they ‘have names of suspects before we know exactly what they did and where they did it.’[45] While the amount of information and the speed at which it can be accessed may be a challenge for police, their continued adoption of social media suggests that this challenge is temporary. Identifying suspects before knowing ‘what they did’ furthers pre-emptive policing,[46] as identification and judgement occur before any formal investigation.

Police are developing ways to sort out social media content with strategies that simultaneously bypass and enrol users. In the case of the Vancouver riot, users drew on their social ties to identify and shame suspected rioters. Yet as seen in the previous section, police can also to skip these interactions to access evidence online. The Vancouver police partnered with the Insurance Corporation of British Columbia, who offered their facial recognition technology to identify suspects online.[47] While they still rely on social media users to submit this content, it is only their content that matters. The increased scrutiny of sites like Facebook suggests that while users can be active agents through self-expression and social coordination, so too are they visible and accessible to institutions and governments, reduced to searchable and contextually relevant content. They may choose to actively contribute to police work and social scrutiny more generally, but they are always involved through their digital presence. Individuals and police are collaborating, but this is often an unwilling partnership. The developments described above suggest that users are made all the more visible as a result of the personal information that they and their peers upload on social media. They are also decoupled from that evidence when it comes to investigative practices. In effect, social media content speaks on users’ behalf.

5 Example Three: Crowdsourcing Online Surveillance[48]

The riot response detailed above is an instance where policing is performed by a self-organising crowd of users. But many examples of crowdsourcing have a top-down organisational structure. In the context of policing and Internet surveillance, initiatives and business models harness user activity in order to supplement existing top-down policing and surveillance, but also to yield a profit. While these initiatives are not exclusively located on social media, they represent an increased presence of crowdsourced surveillance on digital media that are regulated by institutions. An early example of such criminal justice crowdsourcing is Blueservo. This project was first proposed in 2006 with the intention of crowdsourcing the policing of the Texas region of the US-Mexico border. It is ‘designed to empower the public to proactively participate in fighting border crime.’[49] Here, crowdsourcing intersects with the media culture of crime-based reality shows like Crimewatch and America’s Most Wanted, which made appeals to their audiences for personal information about suspects.[50]

Following BlueServo, other initiatives attempt to regulate the crowdsourced surveillance of social life online. Internet Eyes[51] acts as an intermediary between businesses that require personnel to sort through their CCTV footage, and individuals who want to do this work. Quoting their website: ‘Internet Eyes is an online monitoring solution, allowing our registered members to view live CCTV camera feeds from our Business Customers, and notify them the instant a crime is observed.’[52]

This service has a rather explicit business model. Its customers are shop-owners and other businesses-owners who require a crowd of individuals watch over their shop via CCTV footage that is live-streamed over the Internet. This costs businesses £75 per month. Individuals include anyone from EU/EEA countries, as well any countries with a data sharing agreement with the EU. These individuals have to pay a membership fee, ostensibly for legal reasons. Membership fees start at £1.99 per month, but there are discounts for quarterly and annual subscriptions. Individual performance is assessed through a points-based system, where users receive points directly from businesses. Individuals receive ten points if they alert the business to a crime, one point if they act on good faith, but no crime is detected, and they lose two points if the business believes that individuals provided a false or malicious alert. While the point system is a way of managing relations between businesses and individuals, Internet Eyes offers a £1,000 reward every month to the user with the highest amount of points. It also offers monthly payments based on the amount of hours a viewer is engaged. For every thirty hours of viewing, the user receives £0.50.[53] This amount increases to £1.00 for forty-five hours, and £1.50 for sixty hours. CCTV feeds are transferred from the store’s cameras to the site’s servers, at which point it is encrypted and then accessed by the user. Feeds from all clients are combined, randomised and anonymised, in order to prevent users from determining the location of a camera. Users access four feeds at once, which they can refresh at any point to obtain new feeds. Otherwise, new feeds are automatically selected after twenty minutes.

Internet Eyes also maintains a Facebook group, where the company promotes new features as well as any mass-media coverage. Users also turn to this Facebook group to discuss their activity and occasionally raise complaints. User complaints include technical issues like when a camera fails to load, as well as when they receive negative feedback from shopkeepers. This forum also contains user comments about monitored shoppers’ behaviour and appearance. One user comments on poor shopper etiquette: ‘wouldn't you think that if you knock something off a shelf when doing your shopping, you might pick it up? Grrrr.’[54] This same user polices how shoppers are dressed: ‘Brrrr....... [sic] someone shopping wearing shorts! Everyone else in boots and coats!’[55] The combination of crowdsourced CCTV and social media gives users a venue to observe people (who are unaware that they are under watch), and report their behaviour to an audience. Even if they do not identify these people by name, their personal details leak from being captured on camera, to having that footage sent to an Internet Eyes user, who then describes their behaviour and appearance on a public forum.

As of 6 February 2012, Internet Eyes had over 7 000 subscribers for roughly 70 businesses.[56] Although Internet Eyes has many supporters between its user base and the media, it has also elicited controversy and sanctions. The UK Information Commissioner’s Office (ICO) ordered the company to take better measures when footage from their site was leaked onto YouTube. Deputy commissioner David Smith asserts that ‘CCTV footage should not end up on YouTube when it shows someone simply out doing their shopping. A person’s CCTV image is their personal data.’[57] Not only does this complaint identify a person’s image as personal data, it makes reference to the ease with which this personal data can leak to other contexts. James Welch, legal director of the civil liberties organisation Liberty questions professionalism of crowdsourced operators as a condition: ‘If we're going to have so many CCTV cameras in this country, then we need to be reassured that they’re being operated professionally.’[58]

Internet Eyes has also received the attention of the civil liberties group Big Brother Watch. This group also expresses concerns over privacy, describing Internet Eyes as ‘a rather, well, creepy project which allows voyeurs sitting in their living room to watch CCTV networks and report people suspected of committing crimes for cash rewards.’[59] They also raise concerns that national data protection laws will not bind users outside of the UK. In effect, these watchers are ‘outside of the law.’[60] The negative public press has compelled some businesses to cancel their subscription. Jinx Hundal, who owns several Budgens food retailers, stopped using it in three stores in Norwich, stating ‘I have spoken to customers [...] there have been concerns raised, with customers saying they were uneasy about being viewed by members of the public.’[61] While Internet Eyes is meant to deter shoplifting, it also had a chilling effect on customers’ sense of privacy.

Internet Eyes marks a further offloading of surveillance tasks — such as identifying criminal events and reporting these events to shop-owners — onto a broad public. Protocols regulate how information is circulated among the crowd, but they also incentivise targeted scrutiny through a reward system. Suspects, shopkeepers, users, and Internet Eyes itself are located in a networked model of surveillance that combines distributed efforts and a central mandate. To be clear, Internet Eyes is one example that is embattled both in terms of public criticism and in its struggle to be a viable business model. Yet it is indicative of tendencies that may manifest elsewhere. Consider Facewatch, a company that launched a mobile application for users to identify suspected thieves.[62] These developments also demonstrate that crowdsourced surveillance on social media, and digital media more generally, can be solicited and coordinated by businesses and other institutions.

6 Conclusion

Social media platforms are not only repurposed for conventional policing online, but also for user-led and institutionally-crowdsourced policing. Ground-up and top-down forms of policing do not exist independently. Rather, they interact with and influence one another. In some instances bottom up policing can counter conventional police work, or interfere with it. Yet in other circumstances it reinforces police work, whether or not this is the intention. The above examples of crowdsourced policing suggest that although digital media can potentially empower users, so to does it enable a ground-up manifestation of state power in the form of law and order politics, including profiling and discrimination. Despite celebratory accounts that suggest otherwise,[63] user-led activity is not necessarily socially beneficial. Rather, it is often a reproduction of discriminatory and other harmful police practices. At the same time, while all of the above may be a kind of general counter-power by the mere fact that users themselves are performing a kind of policing, actual police activity on social media suggests that conventional social control prevails. Users and members of the public may be willing participants in police work, but they are also unwilling participants when their personal information is repurposed as evidence.

Both individual users and institutions have embraced social media, as well as the policing of these platforms. Yet this enthusiasm is mixed with uncertainty about what can be expected from these services. Social life is represented in great detail on these spaces, but the practices that surround this presence are being negotiated. With emerging techniques and access, police can effectively bypass privacy barriers and other attempts to maintain secrecy. Social media policing is indicative of a new paradigm of visibility. Social media users produce staggering quantities of information on social media platforms that contribute to a convergence of formerly distinct social spheres. Decentralised technologies like social media and ubiquitous mobile devices, coupled with centralised databases and mandates, bring an exponential increase in visibility.[64] All are made more visible, but these developments also augment the possibility for profiling, as well as anticipatory policing. Another risk is that the techniques above become standard and reproduced in other branches of social media sociality. Not only does social media visibility creep into policing, but social media policing may also creep into the rest of social media sociality. This risk is especially viable when users come to criminalise their content and connections, and begin policing their social networks.

These developments force a reconsideration of policing. But they also force a reconsideration of the social features of social media. They help identify an evasive quality of social media: their access to social life. The Internet was previously framed in terms of anonymity and a distinction from face-to-face sociality. Yet its continued growth, coupled with mobile and geo-locational technologies, means that it is embedded in social life. Police are embedded in the public, but their use of social media does not resemble community policing. Evidence obtained through social networks is privileged over ties with community. Subsequent research requires multiple sites of focus. To be sure, investigative agencies ought to be under greater scrutiny. Agencies that are able to know so much about social life should in turn remain visible to scholarly research and civil society. In addition, research should focus on how these technologies and practices reshape relations between suspects and their peers. As investigations on social media become a standard practice, criminal suspects will undoubtedly rethink their online presence.

The growing popularity of social media services, coupled with technical and legal modifications of platforms, as well as the introduction of new social spheres to these platforms amounts to a perpetual ‘beginning’ in this area. Police users in particular report that their activity on sites like Facebook are both formative and tentative. Scholars and public figures should maintain a focus on the growth of social media policing, in order to maintain public awareness of how social media data renders social life visible to police and other investigators.

[*] Daniel Trottier is a postdoctoral fellow at the Communication and Media Research Institute, University of Westminster, where he participates in two European Union projects on security and social media. He previously held postdoctoral fellowships in the Department of Informatics and Media at Uppsala University and the Department of Sociology at the University of Alberta, and obtained his PhD in Sociology at Queen’s University, Canada. He is the author of the book ‘Social Media as Surveillance,’ published by Ashgate, as well as numerous articles on the sociology of digital and social media.

[1] Alice Marwick and Danah Boyd, ‘I tweet honestly, I tweet passionately: Twitter users, context collapse, and the imagined audience’ (2010) 13(1) New Media & Society 125.

[2] Daniel Trottier, Social Media as Surveillance: Rethinking Visibility in a Converging World (Ashgate, 2012).

[3] Daniel Trottier and David Lyon, ‘Key Features of a Social Media Surveillance’ in Christian Fuchs, Kees Boersma, Anders Albrechtslund and Marisol Sandoval (eds), The Internet and Surveillance: The Challenge of Web 2.0 and Social Media (Routledge, 2011) 89; Christian Fuchs and Daniel Trottier, ‘The Internet as Surveilled Workplayplace and Factory’ in Serge Gutwirth, Ronald Leenes, Paul De Hert and Yves Poullet (eds), European Data Protection: Coming of Age (Springer, 2013) 33.

[4] Fuchs and Trottier, above n 3.

[5] David Lyon, Surveillance Society: Monitoring Everyday Life (Open University Press, 2001).

[6] Mark Andrejevic, ‘Privacy, Exploitation, and the Digital Enclosure’ (2009) 1(4) Amsterdam Law Forum 47.

[7] Trottier, above n 2.

[8] Mark Andrejevic, ‘The Work of Watching One Another: Lateral Surveillance, Risk, and Governance’ (2005) 2(4) Surveillance and Society 479.

[9] Roger Silverstone and Leslie Haddon, ‘Design and the Domestication of Information and Communication Technologies: Technical Change and Everyday Life’ in Roger Silverstone and Robin Mansell (eds) Communication by Design: The Politics of Information and Communication Technologies (Oxford University Press, 1996) 44.

[10] Mark Poster, ‘Consumption and digital commodities in the everyday’ (2004) 18(2) Cultural Studies 409.

[11] Kevin Haggerty and Richard Ericson, ‘The Surveillant Assemblage’ (2000) 51(4) British Journal of Sociology 605.

[12] David Lyon, Surveillance Studies: An Overview (Polity Press, 2007).

[13] Luis Millan, ‘Insurers and Social Media: Insurers’ use of social networks impinges on privacy rights’ (25 March 2011) The Lawyers Weekly,

< & volume=30 & number=43 & article=2> .

[14] Ben Popken, ‘Facebook is Number One Tool for Divorce Lawyers’ (18 May 2011) The Consumerist <> .

[15] James Glanz and John Markoff, ‘Egypt Leaders Found “Off” Switch for Internet’ New York Times (online), 15 February 2011

<> .

[16] Hannibal Travis, ‘YouTube from Afghanistan to Zimbabwe: Tyrannize Locally, Censor Globally’ (2011) 11-10 Florida International University Legal Studies Research Paper <> .

[17] James Surowiecki, The wisdom of crowds (Anchor Books, 2004); Jeff Howe, Crowdsourcing: Why the Power of the Crowd is Driving the Future of Business (Three Rivers Press, 2008).

[18] Lee Salter, ‘Structure and Forms of Use: A Contribution to Understanding the “Effects” of the Internet on Deliberative Democracy’ (2004) 7(2) Information, Communication & Society 185; Göran Bolin, ‘The Labour of Media Use’ (2012) 15(6) Information, Communication & Society 796.

[19] Justin Davenport, ‘Online CCTV system goes nationwide after slashing thefts in city’ The Evening Standard (online), 23 September 2011

<> .

[20] Jane McGonigal, Engagement Economy: The Future of Massively Scaled Collaboration and Participation (2008) Institute for the Future <> .

[21] Cf Haggerty and Ericson, above n 11.

[22] Alexander Galloway and Eugene Thacker, The Exploit: A Theory of Networks (University of Minnesota Press, 2007).

[23] Ibid.

[24] Haggerty and Ericson, above n 11, 605.

[25] Clive Norris and Gary Armstrong, The Maximum Surveillance Society: The Rise of CCTV (Berg Publishers, 1999).

[26] Oscar Gandy, The Panoptic Sort: A Political Economy of Personal Information (Westview, 1993).

[27] Clay Shirky, Here Comes Everybody: The Power of Organizing Without Organizations (The Penguin Press, 2008).

[28] Daniel Nazer, ‘Australia Moves to Massively Expand Internet Surveillance’ (28 August 2012) The Center for Internet and Society

<> .

[29] Ryan Gallagher, ‘FBI Pursuing Real-Time Gmail Spying Powers as “Top Priority” for 2013’ (26 March 2013),

<> .

[30] Daniel Trottier, ‘Mutual Transparency or Mundane Transgressions? Institutional Creeping on Facebook’ (2011) 9(1/2) Surveillance & Society 17.

[31] Sir David Omand, Jamie Bartlett and Carl Miller, ‘Introducing Social Media Intelligence (OSINT)’ (2012) 27(6) Intelligence and National Security 801.

[32] Philip A Branch, Lawful Interception of the Internet (CAIA Technical Report 030606A, 2013) 1.

[33] Ralf Bendrath and Milton Mueller, ‘The end of the net as we know it? Deep packet inspection and internet governance’ (2011) 13(7) New Media & Society 1142, 1144.

[34] LoveMyTool, Wireshark Quick Tip: Finding Facebook Users (25 October 2010) <> .

[35] For an example of determining sexual orientation based on social networks, see Carter Jernigan and Behram F T Mistree, ‘Gaydar: Facebook friendships expose sexual orientation’ (2009) 10(5) First Monday

<> .

[36] Glenn Greenwald and Ewen MacAskill, ‘NSA Prism program taps in to user data of Apple, Google and others’ The Guardian (online), 7 June 2013

<> .

[37] This section draws on findings from earlier research which can be found at: Daniel Trottier, ‘Policing Social Media’ (2012) 49(4) Canadian Review of Sociology.

[38] Vancouver Riot Pics: Post Your Photos, About (2011)


[39] I know someone who got robbed in Barcelona. I know someone who got robbed in Barcelona <>.

[40] The Vancouver Police Department, Crown Counsel Approves First Wave of Riot Charges (30 November 2011) <> .

[41] The Canadian Press, ‘Water polo player suspended for role in Vancouver riot’ CBC Sports (27 September 2011)

<> .

[42] CBC News, ‘N.S. cyberbullying legislation allows victims to sue: Law enables victims to apply for protection orders or identify alleged cyberbullies’ (7 August 2013), <> .

[43] John Rieti, ‘Vancouver riot photos spark identity probe: Police launch process of gathering thousands of images to nab vandals, thieves, arsonists’ (17 June 2011),

<> .

[44] John Furlong and Douglas J Keefe, Q C, ‘The Night the City Became a Stadium: Independent Review of the 2011 Vancouver Stanley Cup Playoff’ (Government of British Columbia, 2011).

[45] CBC News, ‘Vancouver police shift blame for riot: 117 arrested but only 2 charged’ (20 June 2011), < >.


[46] Lucia Zedner, ‘Pre-crime and post-criminology?’ (2007) 11(2) Theoretical Criminology 261.

[47] CBC News, ‘B.C. authorities discuss Vancouver riot charges: Family moves out to avoid vigilante threats’ (20 June 2011),

<> .

[48] This section draws on findings from earlier research which can be found at: Daniel Trottier, ‘Crowdsourcing CCTV surveillance on the Internet’ (2013) online first, Information, Communication & Society.

[49] BlueServo, BlueServo <> .

[50] Mark Fishman and Gray Cavender (eds), Entertaining Crime: Television Reality Programs, (Aldine De Gruyter, 1998).

[51] Internet Eyes, Internet Eyes (18 January 2013) <> .

[52] Ibid.

[53] Internet Eyes, How to view live CCTV and prevent crime (18 January 2013)

<> .

[54] Internet Eyes, Internet Eyes (18 January 2013)


[55] Ibid.

[56] D W, ‘Internet Eyes: Community Surveillance – Shift,, 6 February 2012, <,,15676531,00.html> .

[57] Tom Brewster, ‘CCTV service Internet Eyes forced into privacy changes’ (14 June 2011) IT Pro <> .

[58] Peter Price, ‘Who is watching you on CCTV?’ (27 November 2010) BBC News, <> .

[59] Big Brother Watch, New privacy concerns about Internet Eyes

<> .

[60] Ibid.

[61] Tracey Gray, ‘Norfolk shopkeeper backs out of using Internet Eyes system’, Eastern Daily Press (online), 15 March 2011,

<> .

[62] Facewatch <> .

[63] Shirky, above n 27.

[64] Haggerty and Ericson, above n 11.

AustLII: Copyright Policy | Disclaimers | Privacy Policy | Feedback