Digital Futures

Lessons from Lockdown

Foreword

Covid-19 has fast-tracked the digital acceleration of our lives. From school to work, socialising to entertainment, for many, the digital world has provided a medium of solace and connection as we come to terms with the possibility of a more socially distanced world.

For businesses, universities and governments, the online sphere has also been a vital vehicle through which effective functioning can continue. Faced with the adversity of the pandemic, countless organisations have been forced to repurpose, pivot and adapt in order to survive. And, even as stay-at-home orders are being lifted in many areas of the world, some institutions are proving reluctant to un-digitise and revert back to the face-to-face norms of before.

In many ways, digitalisation has greatly transformed our lives for the better. With investment into practises such as remote working, telehealth and online learning at an all time high, Covid-19 has dramatically shifted the discourse surrounding technology. Indeed, whilst the dawn of the Fourth Industrial Revolution may have been on the horizon for some time, coronavirus has proved to be its unexpected catalyst.

However, migrating to the virtual is not devoid of challenges. Whilst the digital world has evolved to become a lifeline for many throughout the pandemic, navigating this relatively alien territory remains yet to be chartered.

As part of our Post-Covid series, this collection of articles from academics across The University of Manchester explores these challenges and opportunities across a range of topics, including mental health, cyber security and furlough. Each article makes a series of recommendations as to how policymakers can yield this radical digitalisation to reimagine and remould our future for the better.

Profiting from pandemics: COVID-19, changing routines and cyber crimes

Dr David Buil-Gil, Professor Nicholas Lord, Professor Emma Barrett, Professor Daniel Dresner and Brian Higgins

The COVID-19 crisis is driving changes in the routines of institutions and individuals, as businesses, educational institutions and other organisations recommend or require employees to engage in social distancing in a collective attempt to minimise the spread of the virus. As well as having global socioeconomic effects, these changes in routine create opportunities for crimes. Dr David Buil-GilProfessor Nicholas LordProfessor Emma Barrett, Professor Daniel Dresner and Brian Higgins  examine what these new crime opportunities might be, and how we might mitigate the impact of digital security issues.

The move towards home working is affecting a large proportion of the population, and we can expect residential burglaries to decrease and domestic violence to increase in the coming weeks.

The number of cyber security incidents is likely to increase in the coming months, given the growing number of employees working from home.

Organisations asking employees to work from home should make sure they alert employees to the risks they may face when conducting their activities from home.

Individuals and small businesses need to be aware of attempts to entice them into parting with their cash.

The UK Government needs to identify and disavow attempts to target businesses and individuals – especially as some have done so by masquerading as UK Government departments or agencies.

Home working, routine activities and cyber-victimisation

The move towards home working is affecting a large proportion of the population. Those directly affected by the virus are encouraged to self-isolate, and many companies are asking employees to work from home. This has obvious impacts on citizens’ offline and online routine activities. For instance, many people will now be using their personal computers to access business information and web conferencing will be taking the place of in-person meetings. The number of people out on the streets will decrease dramatically and online shopping will likely grow as a way to purchase products and services. Businesses will most likely remain empty while homes will be occupied most of the time. All these changes are already affecting opportunities for crime.

The volume of residential burglaries will probably decrease in the following weeks, given that many will remain at home throughout the day and serve as guardians of their households. Pickpocketing is also likely to decrease around tourist attractions with fewer people to target. Nevertheless, the COVID-19 crisis may have the opposite effect on burglaries at businesses, since shops and companies may be targeted by criminals given the extended time that these remain empty, and domestic abuse rates are likely to grow.

The fact that many employees will begin using their personal computers and laptops to conduct business-related activities from home is also likely to increase digital vulnerabilities and cyber-victimisation. Many personal computers suffer from poor software protection, whereas office-based business-owned computers tend to be better protected against computer viruses. For instance, our preliminary analyses of the UK Government’s Cyber Security Breaches Survey suggest that companies that allow employees to use their personal computers to conduct business activity increase the likelihood of suffering cyberattacks by more than 20 percent. So we can expect the rate of cyber security breaches to increase in the coming months. But there are other cyber crime-related issues that are also likely to arise.

Online frauds and phishing

The internet allows for an increased visibility and accessibility to crime targets due to the absence of online guardians and the frequency and variety of everyday activities that users conduct online. If the COVID-19 crisis multiplies the number of users of e-commerce systems, either because persons with symptoms are self-isolating or because citizens spend more time at home to prevent contagion, it is also likely that new opportunities for online fraud will arise.

One may expect that the more online shopping there is, the more opportunities for cyber-criminals to target victims online. Moreover, the growing concerns about the spread of the virus create new opportunities for the selling of fraudulent coronavirus-related products. UK Action Fraud (the UK’s reporting centre for financial cyber crime) has so far identified more than 20 scams directly related to the pandemic, with victims’ losses greater than £800,000. The most prevalent example is the selling of disposable dust or surgical masks instead of recommended protective equipment, or the selling of masks that are never delivered. Other examples are the selling of bogus coconut and kale ‘cures’. Amazon has already removed more than one million fraudulent products. Moreover, cryptomarkets, which are typically used to pay for drugs, computer viruses and credit card details, are now being used to sell surgical masks and even coronavirus-infected blood.

Cybercriminals abuse public concerns about coronavirus in phishing campaigns, with bogus emails (see Figure 1) deployed to harvest login details from victims. Offenders also exploit the altruism of those who want to help: Kaspersky has reported fraudulent emails asking users to donate Bitcoin to support the finding of a vaccine. There are also reports of online ‘coronavirus maps’ designed to disseminate malware and steal passwords.

And criminals will entice victims with almost-credible promises in forged government notices, such as the one below in Figure 2.

Figure 1. Fraudulent email

Screenshot of an email, the subject title is 'Confidential Cure Solution on Corona Virus' The body of the email read "Corona virus prevention vaccine and cure medication has been securely developed by our medical scientists who's names are meant to remain silent for security reasons. We know that the world has been struggling to contain this deadly virus developed and sprayed by wicked scientist to reduce the population of the world so the government will have control over you. The government of China knows the exact cause of this deadly virus. the government of America and other world government also knew about it but they end up blaming animal rodents for the outbreaks. This corona virus is a weapon created to discredit rivals government health systems or the other way to control the citizens of the world but due to some people like us and our medical teams hate the injustice going in this world . Our secret medical scientist team has developed the cure and prevention to counter this evil act of the world to save lives of innocent people around the world. For those interested to secure their lives kindly reply and get more information about shipping or delivery to you and private distribution.' Underneath this is a large blue graphic that reads 'Dr Carlos Gerrado sent you a free health guideline', underneath this is large yellow button with a link that reads 'Click for Corona-Virus Cure Review'

Source: Proofpoint

Figure 2. Forged Government notice

Screenshot from email, it has a black banner at the top that reads 'GOV.UK' in capitals. A white background with black texts reads 'The government has taken urgent steps to list coronavirus as a notifiable disease in law As a precaution measure against COVID-19 in cooperation with National Insurance and National Health Services the government established new tax refund programme for dealing with the coronavirus outbreak in its action plan. [In Italics] You are eligible to get a tax refund (rebate) of 128.34 GBP [Link text] Access your funds now The funds can be used to protect yourself against COVID-19 - (https://www.nhs.uk/conditions/coronavirus-covid-19/ precautionary measure against corona ) At 6. 15pm on 5 March 2020, a statutory instrument was made into law that adds COVID-19 to the list of notifiable diseases and SARS-COV-2 to the list of notifiable causative agents. [Bold] From Government Gateway [Bold] This is an automatic email - please don't reply

Source: Yorkshire and Humber Regional Cyber Crime Unit

What can organisations do?

The most effective strategy to prevent cyber crime is to develop training and awareness programmes specific to internet exposure risks. So, organisations asking employees to work from home should make sure they alert employees to the risks they may face when conducting their activities from home. Point them towards reputable sources of guidance. For instance, Action Fraud, the Financial Conduct Authority and National Cyber Security Centre (NCSC) have published tips to prevent fraud and phishing scams during the coronavirus crisis.

Ideally, organisations should also provide equipment and software for employees to work from home, but in these extreme circumstances, many employees will need to use their own devices. NCSC has published guidance for organisations on developing a ‘Bring Your Own Device’ policy, much of which will be relevant to people working from home.

What can individuals and small businesses do?

Individuals and small business owners should put in place short-term measures such as taking snapshot backups and assuring access to the work of colleagues who may need to take time off sick. Doing this without messy password-sharing is essential.

In addition, they need to be aware of attempts to entice them into parting with their cash. When buying goods, they should use reputable suppliers to avoid supply frauds. It is essential to be cautious when dealing with emails asking for money or to authorise a financial transaction. In such circumstances, a quick phone call to a reputable number to check the request is genuine might save you losing money to criminals.

What can the Government do?

The UK Government needs to move quickly to identify and disavow attempts to target business and individuals. The cooperation with e-commerce providers will be key to prevent fraudulent products from being advertised, and UK Government agencies should establish dialogue with insurance companies to ensure that these can manage the impact of COVID-19 on their operations while protecting consumers’ rights.

It is key that agencies such as Action Fraud, the Financial Conduct Authority and NCSC keep updating their guidance on this. To reduce offline risks, businesses will no doubt be reviewing the security measures at premises that will be left empty.

In order to mitigate the impact of social isolation on women and children experiencing domestic abuse, many charities offer opportunities for support via online methods, but they need resources to continue, and local governments and police must also play their part. At a time when council and emergency service resources are stretched to their limits, responding to intimate partner violence could easily be forgotten. The government must ensure that it is not.

Originally published 19 March 2020

Privacy pitfalls in combatting coronavirus digitally: Lessons from South Korea

Dr Michael Prentice

As the UK embarks on rolling out new digital and mobile capacities in the fight against COVID-19, other countries may serve as bellwethers for potential issues.  Dr Michael Prentice, Research Fellow in Digital Trust and Security, discusses privacy issues that arose in South Korea’s technology-driven response to the COVID-19 outbreak and how this could inform the UK Government’s response.

South Korea is generally held up as an example of a strong technology-driven response to stemming the COVID-19 outbreak. The country’s efforts at tracking the spread of the coronavirus through contact tracing were praised. Beginning at the peak of the outbreak in February, South Korean citizens received hour-by-hour detailed information on when and where potential infected persons were located via text messages, Facebook, domestic blogs, and Twitter. Citizen-based participatory efforts at visualizing the spread of movement via maps and apps allowed citizens to check whether they had crossed paths of suspected infected patients. This capacity has relied on a strong infrastructure for IT and surveillance and social acceptance for public monitoring.

Invasions of privacy?

However, as reported by the BBC and The Guardian, this information-robust response has spurred concerns about privacy risks. South Korean media (in Korean) have been rife with concerns that for many, the potential invasions of privacy are more “terrifying” than contracting the disease itself. A district office in Seoul had to issue a public apology for leaking personal information of a potential patient, and a health centre in the city of Pohang is under investigation for releasing a patient’s name and address. These offices are likely to face fines for mishandling private health data.

Like the EU’s General Data Protection Regulation (GDPR) instituted in 2018, South Korea’s Personal Information Privacy Act (PIPA), instituted in 2011, strictly protects ‘personally identifying information’ (PII) as key points of protection for organisations that collect or handle individual data. Individual leaks of identifying information, such as name, address, workplace and religion, pose risks to individuals, especially those in bio-vulnerable circumstances.

Judgements on (in)appropriate behaviour

One of the lessons the South Korean case raises is the broader circulation and utility of non-personally identifying information, such as ‘movement’ or ‘contact tracing’ data. That kind of data does not reveal specific PII, but even anonymised, de-identified information from highly transparent sources can pose social risks.

One risk is the revelation of what we might think of as socially identifying information, such as recognisable social types, places, or actions. As the Chosun newspaper in Korea reported, a person who was reported to have visited a hotel and a plastic surgeon’s office was ridiculed online for inappropriate behaviour. And as the Washington Post noted, one million citizens in the city of Daejeon received text messages about a visit by an infected person to a karaoke bar at midnight, which led many to assume the person was having an affair.

Another evident risk is being dubbed “secondary damage” from revelations of overly descriptive geographic patterns. Yonhap news reported that an apartment building in the city of Incheon had an outbreak owing to a small cluster of members of the Shincheonji church (the group through which the largest outbreak in Korea occurred) who resided there. The apartment building was labelled “Shincheonji apartment” online, stigmatising those who lived there but who were not church members. Apartment names, small neighbourhoods, and franchise businesses can face this kind of secondary or associational damage.

Reducing secretism

The emphasis on rapid, widespread, and accessible data on movement of patients from the South Korean government is not a cultural disposition; rather it comes from the response to the Middle East Respiratory Syndrome (MERS) outbreak in 2015. At the time, the government was criticised for not publicising hospitals where patients were being treated. A 2016 White Paper (in Korean) from the Ministry of Health and Welfare advocated for the swift release of movement information to combat accusations of bureaucratic secretism.

However, the actual level of technological coordination involved in tracking COVID-19 – said to involve credit cards, mobile GPS, transportation cards, and CCTV – has been overstated. Coordination was actually hampered by privacy regulations and inter-organisational logistical issues. Many of the actual ‘movement reports’ were assembled from oral reports, not big tech; they also included intimate details that are not personally identifiable, but not necessary to report either. Such reports may make the government accountable to the public, but they may not be the most useful for sharing information in widespread crises.

The National Human Rights Commission of Korea (NHRCK) has recently issued a warning about the excessive nature of information about private lives being released, leading to harms such as criticism, mockery, and revulsion. This may increase feelings of paranoia as the stigma associated with the virus may linger longer on places and people than the virus itself. South Korea has issued new guidelines as a result.

What UK policymakers should be aware of

The South Korean case indicates that the public can become over-interested in even anonymous information. This can lead to increased paranoia, stigma by association, or panic around certain social groups, and alert fatigue. While the UK and other countries may attempt to model the success of public health strategies used by South Korea, Singapore, or Israel, those countries’ policies are also shifting as the pandemic has evolved. Korea, for instance, is moving away from contact tracing, to more generalised quarantine guidelines for the public. A new announcement to coordinate better amongst 27 public and private organisations to deliver rapid contact tracing information will be used primarily for health authorities’ analysis and response, not for public information.

NHSX is currently assessing a new contact tracing app. UK policymakers should be aware of the potential pitfalls and over-promises from South Korea and strike a balance between what is necessary for public health and what information is not just personally identifiable, but socially identifiable. The UK already has experienced instances of anti-Asian sentiment in the early stages of reporting, and social fears or geographic stigmatisation could be confirmed or exacerbated through the specificities of information design. Even well-designed apps can provide a false sense of safety if only a limited segment of the population downloads it. (Korea for instance has only had a 35% success rate in having overseas travellers download a self-isolation monitoring application.)

South Korea’s privacy regulations include a special article that waives certain penalties and restrictions on the temporary handling of private data during a public health crisis. Yet they have not breached other privacy norms, such as making quarantine/tracing applications mandatory. They have even promised to delete any collected information after it is not needed. Therefore, while UK organisations should follow existing GDPR requirements as well as updates from the European Data Protection Board and the ICO, they should exercise caution in broaching privacy norms and expectations, even in a time of crisis.

Originally published 3 April 2020

How modelling can become a debate-support tool, not just a decision-support tool

Professor Graham Haughton, Dr Nuno Pinto and Professor Iain White

As many politicians around the world inform the public of their responses to the coronavirus outbreak, they frequently refer to the science on which their decisions are based. Professor Graham HaughtonDr Nuno Pinto and Professor Iain White explore the changing nature of how modelling tools are forming political and public debate.

Predictive risk models used to inform policy necessarily balance complexity with simplicity, grappling with data limitations and scientific uncertainty before being often reduced to simple messages to communicate findings to the public. In the current COVID-19 crisis, politicians around the world claim to be basing their decisions on ‘the science’, very much in the singular, effectively making claims on the authority inherent in science to help support what are inevitably political decisions. The outcry over the ‘herd immunisation’ theory that was initially discussed in relation to the UK response quickly revealed the political nature of science, as not only did other countries interpret their ‘science’ differently, but scientists quickly broke cover to challenge the assumptions involved. Very quickly other aspects of the modelling work relied on by the UK authorities generated scientific debate that carried over into the public arena, as the ‘black box’ of mathematical modelling was opened up and subject to critical debate about both the model and scientific practices. The singular ‘science’ of the early pandemic rapidly turned into a valuable global public discussion of alternative models, assumptions, and futures, and about the need for more transparency and greater openness in sharing data.

How modelling tools can support debate

The underlying context here is that models are often viewed as expert-led ‘decision-support tools’, designed by objective scientists to inform politicians, much more so in times of emergency. However, their use in COVID-19 quickly evolved, such that they took on a valuable additional role as public ‘debate-support tools,’ improving scientific literacy and enabling people to better understand future contagion risks. This latter approach takes modelling beyond providing evidence to support expert decisions, to instead fostering public debate around alternative policy options and alternative models, and the value judgements underpinning them, never more clear than when New Zealand’s Prime Minister declared that she had never considered ‘herd immunity’ and that the country’s population would find it unacceptable, with Donald Trump similarly rejecting the idea. The value of using models to create new spaces for public dialogue is that they can help reveal flaws in logic, judgement, design and potential implementation, highlighting areas of disagreement whilst building consensus around the most desirable options, in the process stimulating political as well as scientific debate.

Incorporating spatial variation

In short, what we have seen in COVID-19 is how mathematical models quickly morphed from decision-support to debate-support, and from the province of elite experts to being discussed in households around the world. We want to argue that we can go much further however; by combining a wider range of data and giving spatial expression to this we can help shift from the emergency response phase to better planning for future events. In particular, there are important opportunities for how we collect, analyse and represent data in the future.

At the moment, most of the modelling work presented to the public has drawn on mathematical modelling and by now familiar versions of graphs revealing actual and expected exponential growth curves, including variants of ‘flattening the curve’ of the epidemic peaks to levels health systems can cope with. These have proven very effective as simple visual representations of the limited data available and the need for clear public messaging. However, despite the complex modelling behind them, these diagrams still simplify reality. For instance, treating nations as a single space means that we still do not understand the reasons for how, where and when particular hotspots emerge within nations, as the disease spreads unevenly in a process that is likely to require increasingly locally tailored policy interventions. Particularly once the current round of national restrictions starts to be rolled-back and more widespread testing undertaken we might reasonably expect to see much more localised responses to future outbreaks and for this we need local data to be released quickly to the wider modelling community, particularly spatial modellers.

As the pandemic progresses and large-scale population testing of exposure is rolled-out, we can and must do more, and it is here that spatial modelling and mapping can help. Thanks to advances in geographical information systems (GIS) and open source software and data, intelligible models and maps can be quickly produced, refined and updated; used well they can be powerful tools for both analysis and public communication, but used poorly they can cause resentment or a backlash, as has sometimes happened with hazard maps for coastal retreat or flooding.

The importance of including local knowledge

Releasing finer-grained data around the spread of COVID-19 could allow modellers to develop a better understanding of factors that might contribute to controlling the spread of the disease without falling into too much aggregation or, worse, lack of transparency. For instance, detailed location data from smart phones have helped Singapore and South Korea to maintain a very low initial growth in cases, not without loss of privacy. But it will also help if we can build into our models a wider range of data sources. In Germany, Heinsberg, one of the hardest hit areas, has been adopted for a study collecting a very wide range of data to improve understanding of how the virus spreads across space and different social groups. There is a further step needed, however, of ensuring that the results of the modelling are presented effectively to local populations and experts so that they can help ground-truth the results, checking them against their local knowledge and lived experiences. This is one of the lessons we learn from flood risk mapping: computer modelling has vastly improved our understanding of large-scale catchment dynamics, but sometimes causes public anxiety when poorly communicated or perceived to be at odds with local knowledge.

The value of spatial modelling is it can help us understand more about why some areas, whether cities or neighbourhoods, have lower or higher levels of mortality than others. However, to avoid falling into the trap of earlier modelling exercises during the COVID-19 pandemic, lessons need to be learned about how to present the results openly in ways that foster debate amongst fellow scientists, the pubic and politicians.

Originally published 21 April 2020

The ‘new normal’ for talking therapies after COVID-19: user-led, remote, informal and universal

Dr Warren Mansel

During the COVID-19 pandemic, mental health services are providing support remotely.  Dr Warren Mansell, Reader in Clinical Psychology, discusses the positive ways that services have adapted and how they can be sustained in the future.

Prior to the crisis, and despite over a decade of government initiatives, demand has outstripped supply. Now during the crisis, particularly during lockdown, there has been a recognition of the increased mental health needs for issues such as domestic violence and abuse, traumatic grief, and addiction.

On top of the increased demand, the crisis has revealed that mental health services rely on procedures that make normal services impossible to deliver at the necessary scale and urgency during lockdown. These include:

·      Screening patients to check that their problems are severe enough to warrant any support;

·      Diagnosing patients to triage them for one of dozens of therapies known to have an evidence base for their specific condition – such as post-traumatic stress disorder, obsessive compulsive disorder, and social anxiety;

·    Appointments being set for people by services, often weeks ahead, and limiting the appointment to a specific number (e.g. six sessions in primary care);

·      Written materials such as questionnaires, thought diaries and activity schedules that patients are expected to complete before, during and after therapy, and storing clinical notes of what patients reveal during therapy and keeping these confidential.

Adapting to a new normal

However, the crisis has also provided the kernel of a solution. Many mental health services are adapting to remote working. There is a new normal emerging for many therapists during the crisis. This could be the model going forward.

Firstly, therapists (eg clinical psychologists, cognitive behavioural therapists, counselling psychologists) in mental health services should provide an array of slots for their clients to book to video call or telephone with them – potentially at home. The informality of this arrangement is potentially a benefit rather than an issue.

Services should provide a talking therapy (counselling, psychotherapy or cognitive behavioural therapy) that is directed by the client’s own immediate priorities, and the therapy should draw upon therapeutic principles for dealing with distress that are universal to everyone – to include people without a diagnosable mental health disorder.

A talking therapy of this kind – focusing just on enhancing the process of recovery within the client – would not require the huge degree of screening, diagnosis, extensive note-taking and confidentiality requirements that are commonplace at present – and that have proved so burdensome to manage during the COVID-19 crisis.

The effect would be to greatly increase the capacity for psychological therapy so that the existing unmet need can be met. Also, because people would book sessions when they needed them, this would ensure that the service is used efficiently, with greater support for those in greater need. By removing the requirement for much of the paperwork, the whole system would be more efficient. Such a vision may seem idealistic. Yet our research group has been accumulating evidence for such an approach for the last decade.

Universal approaches

The changes in mood, thinking and behaviour used to assess the severity of a psychiatric disorder are extremes of experiences in the wider population. For example, the majority of university students report some of the symptoms of bipolar disorder; and many people in religious movements value hearing voices (known as auditory hallucinations). Conversely, the sources of distress in people with severe mental health problems are often nothing to do with their psychiatric symptoms. All of this evidence suggests that people don’t need to have a ‘disorder’ to deserve and benefit from talking therapies. Without the stigma and often extensive referral procedure, therapies are much more accessible. It also opens the door for professions – health professionals, emergency staff, armed forces, teachers, prison officers – to get help to deal with their challenging work and be supported before their problems get more serious.

The changes in mood, thinking and behaviour that are targeted in talking therapies are largely the same, whatever the diagnostic label that a person is given; they are ‘transdiagnostic’. A series of studies we carried out consistently found the same ‘core process’ across a wide range of different mental health diagnoses. We are testing whether this core process is the restricted awareness of chronic goal conflict. Evidence of this kind indicates that there is little scientific case for requiring a lengthy diagnosis to establish different therapies for different disorders.

Control and self-direction

When people can choose their own appointments, they are more likely to attend, they choose a modest number of sessions (averaging three to four) to suit their own needs, and together this greatly increases the efficiency of the therapy. Moreover, in mental health services, and even in counselling in high schools, we have found that people prefer to book their own appointments and choose the topic for the session themselves. People thrive when given control.

In our in-depth interviews with people who have achieved long-term recovery from long-term mental health problems, they consistently tell us that they are ‘the directors of their own recovery’. We have evidence that the active ingredient of change during talking therapy may be a process that improves when a person can express their problems openly and freely. The therapist can enhance this through their questioning rather than requiring homework, psychoeducation or sharing of information. This process may even be carried out by trained novices, or enabled by an automated system that encourages the exploration of a problem. It may even work through instructions to write about one’s difficulties – expressive writing or journaling.

There is an opportunity now, to keep the new normal, and to make headway in supporting all those in need of psychological help, by providing user-led, remote, informal and universal talking therapies.

Originally published 18 May 2020

Furlough, fraud and the Coronavirus Job Retention Scheme

Pete Duncan and Professor Nicholas Lord

The Government-implemented Coronavirus Job Retention Scheme (CJRS) supports companies in their attempts to ride out the COVID-19 pandemic, permitting them to place employees on a temporary leave of absence known as ‘furlough’, and claim state aid to pay furloughed staff either 80% of their usual wages or up to £2,500 per month, whichever amount is lower. Whilst furloughed, employees are not permitted to conduct work for their employer. Pete Duncan and Professor Nicholas Lord discuss how dishonest CJRS claims might be made and how the Government can improve and make best use of the limited data they have to better protect public funds from fraudulent manipulation.

Whilst it comes at great cost to the taxpayer, the Job Retention Scheme provides (some) companies and workers with much-needed financial protection. It provides a lifeline to businesses whilst they tread water, ready to spring into action when the time is right. A number of drawbacks and ambiguities have been raised, but one downside that has been minimally discussed is the opportunity the Scheme creates for defrauding the state.

Figure 3. As the Job Retention Scheme increases in cost for the Government, stopping potential fraud is of paramount importance

Furlough frauds

Fraud can be broadly defined as dishonesty or deception for illegal gain, and usually takes the form of a false representation, an abuse of position, or a failure to disclose information, as covered in the Fraud Act 2006.

For instance, an employer claiming CJRS aid for furloughed staff, but encouraging or coercing those employees to continue working when they should not (perhaps through manipulation or the threat of job losses), would constitute fraud by false representation. In this way, deviant employers transcend ‘business as usual’ into a realm where business continues as normal but usual staffing costs are drastically reduced. This would be especially easy to organise in small companies with few co-offenders and little customer interaction.

Similarly, an employer claiming aid via the Scheme but withholding some (or all) of the received funds from their employees would constitute an abuse of their specific position of power, as they would be promoting their business interests at the expense of the employees they are obliged to safeguard. This might be more difficult to organise as victimised employees would be more likely to report the fraud.

These frauds can clearly harm Government and tax payers (as public funds are illegally obtained), as well as individual employees in need of financial support. There are also likely to be harms to wider business and social interests, as ultimately these monies will be repaid through taxes and trust in business may be eroded.

 (In)credible oversight?

We expect that most employers will not pursue fraudulent claims, either on the basis of social responsibility, or through more instrumental mechanisms to prevent furloughed employees from working (eg by cutting off access to employees’ email accounts). However, it is without doubt that in some organisational contexts and with the absence of credible oversight, motivated offenders will take the fraudulent opportunities the Scheme has created. The Government has implemented some interventions to safeguard the public purse from this exploitation, but there are a number of issues that need to be considered.

As of 29 May, the anonymous CJRS fraud reporting system had received nearly 1900 reports of suspected manipulation. Whilst some reports could be duplicates entered by multiple individuals with knowledge of a single fraud, the true extent of CJRS manipulation is likely much higher due to the numerous barriers affecting an individual’s likelihood to report, even when they have been directly victimised.

For instance, even if anonymity was assured (which seems hard to guarantee, especially in smaller organisations), sanctions for companies found to be making fraudulent claims to the CJRS could end up harming those anonymously blowing the whistle. With predicted rises in unemployment on the horizon, potential whistle-blowers might decide not to report for fear that Government sanctions might put their employer out of business (especially if that business was struggling before the pandemic). For reasons such as this, in its current guise the CJRS reporting system cannot itself be considered credible oversight to safeguard against furlough fraud.

The Government has also attempted to control furlough fraud by indicating claims might be audited by HMRC, but it is unclear how this process will work. The sheer volume of demand the Scheme has attracted means auditing all claims would likely be an improbable and costly endeavour.

Improving investigations of fraud

Furthermore, the majority of fraud investigations will be conducted retrospectively as HMRC have suspended some tax investigations due to capacity issues created by implementation of the CJRS. This is inherently problematic as attempting to recoup funds lost through fraudulent claims is costly, uncertain, and politically undesirable if large fines risk putting firms out of business (amendments to the Finance Bill 2020 give HMRC powers to fine persons deliberately making incorrect claims and to hold company officers liable).

HMRC’s retrospective response should integrate harm assessment with evidence and intelligence-led investigation. First, those reports indicating the greatest harms to employees and the public purse should be prioritised. Alongside this, rigorous analysis of data on known CJRS frauds to build an understanding of associated red flags will enable HMRC to efficiently and systematically identify other reports that are more likely to be fraudulent. For instance, are there common features or patterns evident in those cases? Are certain sectors or industries more susceptible to furlough fraud? Such an approach would, of course, only build an understanding of the frauds that are actually reported. Second, therefore, tip-offs from whistleblowers should be incentivised as these ‘insiders’ are likely to provide the most credible insights into company deviance. Third, leniency should be offered to early disclosers who report their frauds to HMRC.

The CJRS has recently been extended until October. This gives the Government more time to consider how it can better collect and make best use of data to develop a systematic and effective procedure for investigating furlough fraud once economic activity has returned to some degree of normality.

Originally published 22 June 2020

Supporting the mental health and wellbeing of young people during the school closures

Dr Terry Hanley

Following Government announcements relating to COVID-19, the majority of children and young people will be getting used to not going to school. Dr Terry Hanley discusses what this could mean for young people’s mental health and wellbeing.  

The worldwide COVID-19 pandemic is creating an enormous amount of anxiety. Most of this relates to physical health, but the World Health Organisation recently started raising the issue of mental health and wellbeing. This is wide ranging and considers the impact upon everyone, including the general public and care workers. Importantly, it goes beyond the physical and includes issues such as the stigma that people might encounter if they are viewed as being unwell and the concern that people have about contracting the virus (themselves or others). As a response it directs professionals to the mGAP Humanitarian Intervention Guide, a thorough statement on principled responses to need.

Figure 4. 83% of young people reported their mental health to be worse throughout lockdown

Where it is less clear, however, is in considering how professionals will remotely support individuals in need of support whilst people practice social distancing or self-isolate. Such issues have become increasingly important as workplaces encourage home working and education providers have now closed for a potentially long period of time. With young people and young adults increasingly finding themselves losing access to valuable psychological support services, offering an online alternative could be one means of filling this gap.

Face-to-face services compared to online support

For years, face-to-face support has been the primary means by which therapeutic support has been offered. Online therapy has however been evolving in the background for many years and, although there has been a steady reluctance to engage with mediated support by professionals, the desire to access such support by the general public has increased dramatically. For instance, one online counselling service for young people in the UK receives over 2,000 log-ins each day. Such a pattern is echoed by numerous mental health and wellbeing services.

Research has proven very positive for online provision. Effectiveness studies have shown similar results to face-to-face work and individuals accessing services report the relationship to be of a similar quality.

For some, there are even novel benefits, with individuals preferring to access services online and being more willing to talk about the issues they face online than face-to-face with a therapist. Organisations are even beginning to question where therapeutic relationships begin and end. For instance, whereas many people might view online therapy as taking what is offered face-to-face and offering it online, technologically savvy organisations are aiming to enrich the therapeutic work directly with professionals by providing other resources as well. They are creating what might be viewed as ‘positive virtual environments’ in which individuals can access multiple resources such as information sheets, forums to access peer support, email therapy, chat room therapy and access to computerised therapy programmes.

Considerations in providing online services

However, those offering therapeutic interventions need to be both confident at using such resources and competent in using them properly. For instance, therapists need to be mindful of the differences in the way therapy unfolds online. People might open up about serious issues much quicker than they do in face-to-face relationships or they might access support in a public place where people can hear or see what is being talked about (most young people don’t want their family knowing personal concerns).

Also, people might end a meeting very quickly and the person supporting them becomes concerned about their wellbeing; having appropriate risk management processes therefore becomes essential. And there are clear GDPR issues encountered if people start using personal computers to engage with their professional worlds. Professionals therefore need to be aware of these differences and support the people they work with to be aware of them too.

How can we support young people during school closures?

Firstly, we need to keep thinking about the mental health and wellbeing of young people and young adults during this difficult time. It is important for service providers to be pro-active in looking after younger generations’ wellbeing, particularly those who might be isolated from others.

Secondly, offering online therapeutic resources might be one way to offer continuity of support (eg Kooth.com). Services can provide online therapy offered by professionals, supportive information that is responsive to current needs, and encourage moderated forum interactions with peers.

Thirdly, financial support will be needed to support the pressure on existing online services and fund organisations in making a transition to mediated support. For instance, professionals will need additional training and supervision to offer these services and appropriate technology will need to be purchased to offer it.

The government has talked a lot about transforming mental health and wellbeing services in recent years. Much of this discussion has been about extending the remit of schools and has not referred to the way that technology might be used to support ‘digital natives’ (individuals who have grown up in a world that has always had the internet). Maybe the current circumstances, and the need to provide support services online, will be the catalyst that makes them take this leap.

Originally published 23 March 2020

With special thanks to our contributors:

Emma Barrett is Professor of Psychology, Security and Trust and The University of Manchester Strategic Lead for Digital Trust and Security. She is also Director of SPRITE+, the EPSRC NetworkPlus for Security, Privacy, Identity and Trust.

David Buil-Gil is a Research Fellow in cyber crime at the Department of Criminology of The University of Manchester. His research interests cover environmental criminology, crime mapping, emotions about crime, new methods for data collection and open data.

Daniel Dresner is Professor of Cyber Security at The University of Manchester. Danny is also a founder and director of the IASME Consortium which champions cyber security for small businesses and runs a cyber security programme for neurodiverse individuals, employing them in a community security operations centre offering security oversight for charities, SMEs, and vulnerable people.

Pete Duncan is an incoming PhD Criminology candidate at The University of Manchester. For his PhD, Pete has been awarded a full ESRC scholarship to research financial crimes – including fraud, tax evasion and money laundering – in professional football.

Terry Hanley is the Interim Director of Social Responsibility for the School of Environment, Education and Development (SEED) and the Programme Director of the Doctorate in Counselling Psychology within the Manchester Institute of Education. He is co-editor of ‘The SAGE Handbook of Counselling and Psychotherapy’ and regularly presents at national and international conferences on therapeutic issues relevant to children and young people. He currently volunteers as a Football Therapist with the charity ‘Freedom from Torture’ in Manchester.

Graham Haughton is Professor of Urban and Environmental Planning at The University of Manchester. Graham's research interests include sustainable urban development, urban regeneration, regional development, and water conflicts.

Brian Higgins is Project Manager for the Cyber Foundry programme at The University of Manchester and the UK security spokesman for Comparitech.com. He has previously served as an Officer of the Serious Organised Crime Agency from 2008 until 2013, completing his time in law enforcement in what is now the National Cyber Crime Unit.

Nicholas Lord is Professor of Criminology in the Centre for Criminology and Criminal Justice at The University of Manchester with research expertise in white-collar, financial and organised crimes, such as corruption and fraud, and their regulation and control.

Warren Mansell is Reader in Clinical Psychology at The University of Manchester. He researches, trains and practises universal psychological interventions for mental health problems and wellbeing. He also uses a theory known as perceptual control theory to develop and test new approaches to experimental psychology, mental health, dementia, human action control, and robotics.

Nuno Pinto is Lecturer in Urban Planning and Urban Design at The University of Manchester. His research interests focus on the use of quantitative methods in urban planning and their integration in decision-making processes.

Michael Prentice is a research fellow focusing on digital trust and security within the Digital Futures initiative. His research focuses on the impact of securitisation on office life and culture in the UK and Korea.

Iain White is Professor of Environmental Planning at the University of Waikato. He researches issues connected to the interface between science and decision-making.

@UoMPolicy

The opinions and views expressed in this publication are those of the respective authors and do not necessarily reflect the views of The University of Manchester.

August 2020

The University of Manchester

Oxford Road, Manchester

M13 9PL

www.manchester.ac.uk

TopBuilt with Shorthand