Routine Activity Theory
Routine activity theory (Cohen & Felson, 1979), which is the most influential theory of victimization (Miró, 2014), argues that for crime to occur, three necessary conditions must spatio-temporarily converge: (1) the presence of motivated offenders, (2) the presence of a suitable target, and (3) the absence of a capable guardian. Routine activity theory proposes that victimization stems from the “recurrent and prevalent activities” that individuals are involved in, which in turn influence the likelihood that the three necessary factors are present (Cohen & Felson, 1979). Therefore, routines influence an individual’s risk of being victimized.
While RAT cannot be directly applied to the online world (see Yar, 2005; Yar, 2013; Tillyer & Eck, 2009), the cyberlifestyle-routine activities perspective (see Reyns, Henson, & Fisher, 2011; Eck & Clarke, 2003) overcomes the primary issue limiting the theory’s applicability. Most notably, while offline victimization requires a convergence in time and space of offenders and victims, cybervictims and offenders can come into virtual contact through their networked devices, and this contact can happen asynchronously (Leukfeldt & Yar, 2016; Reyns et al., 2011; Vakhitova, Reynald, & Townsley, 2015). With this modification in mind, online routine activities can increase the likelihood of victimization by bringing potential targets into virtual contact with offenders in environments lacking guardians (see Eck & Clarke, 2003; Reyns et al., 2011). Researchers have now applied RAT to a variety of types of cybervictimization, ranging from fraud and identity theft to harassment and other forms of cyberviolence (e.g., Bossler & Holt, 2009; Bossler, Holt, & May, 2012; Costello, Hawdon, Ratliff, & Grantham, 2016; Hawdon, Bernatzky, & Costello, 2019; Hawdon, Oksanen, & Räsänen, 2015; Hawdon, Oksanen, & Räsänen, 2017; Holt & Bossler, 2008; Holt & Bossler, 2013; Marcum, Higgins, & Ricketts, 2010; Navarro & Jasinski, 2012; Navarro & Jasinski, 2013; Pratt, Holtfreter, & Reisig, 2010; Reyns, 2013; Reyns & Henson, 2015; van Wilsem, 2011).
Studies using RAT to predict cybervictimization generally find that engaging in risky online behaviors such as downloading games and music from unknown websites, using file-sharing programs, instant messaging, opening unknown email attachments, and clicking on pop-up messages increases cyberharassment (Hinduja & Patchin, 2009; Marcum, 2009; Marcum et al., 2010; Navarro & Jasinski, 2012). Similarly, general computer use, anonymously confiding in others online, playing video games, spending time in chatrooms, online shopping, and the use of social networking sites, and adding strangers as friends to the social networking accounts have been reported to increase the likelihood of being a victim of cyberviolence (e.g. Bossler & Holt, 2009; Bossler et al., 2012; Costello et al., 2016; Hawdon, Oksanen, & Räsänen, 2014; Holt & Bossler, 2008; Leukfeldt & Yar, 2016; Navarro & Jasinski, 2012; Reyns et al., 2011; Reyns, Henson, & Fisher, 2016; van Wilsem, 2011). The use of target-hardening devices such as antivirus programs, firewalls, and filtering and blocking software can potentially reduce cybervictimization, although the effect may only apply to economic victimization (e.g., Leukfeldt, 2014; Marcum, 2008; Marcum et al., 2010).
COVID-19 and Changes in Cyber-Routines
As mentioned above, the stay-at-home orders enacted to combat the spread of COVID-19 have radically altered the daily routines or millions of Americans. With decreased mobility due to shelter-in-place orders, people are increasingly teleworking. According to one study, 88% of organizations have encouraged or required their employees to work from home because of the pandemic (Gartner, 2020). In addition to more people relying on technology to telework, the use of social media sites such as TikTok, Twitter, Facebook, and Instagram are also spiking (Yitzhak, 2020). As we spend more time online, our cyber-routines change, and we would anticipate these changes would alter cybervictimization rates. But how specifically would the COVID-19 pandemic likely alter our proximity to motivated offenders, suitability as a potential target, and online guardianship? Let us speculate on each of these.
COVID-19 and Virtual Proximity to Motivated Offenders
First, the unemployment rate has surged above 20% and is expected to reach levels not seen since the Great Depression, millions have lost their jobs, had their hours reduced, or have been furloughed, and the nation’s small business owners are struggling to remain in business (Bartash, 2020; Lambert, 2020; Wolfer, 2020). As a revised version of RAT argues (see Bryant & Miller, 1997) areas with large secondary labor markets have high crime rates in part because workers in the secondary sector frequently experience unemployment, which may compel them to find alternative means of support. Thus, the radical shift in the employment structure of the nation to which these dire economic numbers attest has likely led to heightened economic need and increased motivations to steal. Combined with the increase in the number of people going online, we would anticipate an increase in the virtual presence of motivated offenders in cyberspace. The increased presence of motivated offenders in cyberspace during the pandemic, assuming it is indeed the case, should increase overall rates of cybervictimization. While this proposition is likely to be true, motivated offenders are a necessary but not sufficient condition for victimization. Indeed, Cohen and Felson (1979) assumed such offenders were omnipresent, and this truism is probably even more enhanced in cyberspace because its asynchronous nature allows offenders to be “virtually present” even when they are not personally online. Thus, while more motivated offenders being online is likely to elevate rates of cybervictimization, the overall patterns are likely more affected by changes in target suitability and guardianship that result from the pandemic.
COVID-19 and Target Suitability
Independent of the number of offenders prowling virtual space, the online routines of potential victims also shapes their likelihood of being victimized by determining a target’s suitability. Suitable targets include any person or object that can fulfill the needs or wants of a motivated offender (Cohen & Felson, 1979), and target suitability is a function of VIVA: the target’s value, inertia, visibility, and access (Felson & Clarke, 1998). Value is the worth a person or object has in the eyes of a potential offender, inertia is the target’s ability to avoid the offender, access is the opportunity for an offender to commit the illegal act, and visibility is the extent to which offenders can see a possible victim. These factors are interrelated and also related to the extent of contact targets have with motivated offenders. It is likely that the pandemic would influence target suitability in several ways.
As noted above, the pandemic has resulted in people spending more time online. All things being equal, spending more time online would increase the potential victim’s visibility to likely offenders. Indeed, research indicates that the proportion of users who access the internet only from home is positively related to cybertheft victimization (Song, Lynch, & Cochran, 2016). However, simply spending more time online may not necessarily result in a greatly enhanced probability of being victimized because overall time spent online is likely less important than the specific online activities in which one engages. For example, spending 8 hours online teleworking is probably not likely to bring one into a virtual space where motivated offenders lurk. In contrast, spending even 1 hour surfing the dark web very well might increase one’s exposure to motivated offenders. Thus, online activities that lead one to visit “dangerous virtual spaces” will increase a potential target’s visibility and the offender’s access more so than those activities that occur in more secure online spaces (see Costello, Barret-Fox, Bernatzky, Hawdon, & Mendes, 2018; Räsänen et al., 2016).
How the COVID-19 pandemic and resulting stay-at-home orders will likely affect target suitability is undoubtedly complex. For example, as previously mentioned, the limited available evidence suggests that some activities known to be related to victimization because they may lead users into dangerous virtual spaces have undoubtedly increased (Yitzhak, 2020). These “dangerous” online routines would include surfing the dark web, playing online video games, online shopping, and visiting social media sites as all of these activities have been reported to increase cybervictimization (Bossler & Holt, 2009; Bossler et al., 2012; Costello et al., 2016; Hawdon et al., 2014; Leukfeldt & Yar, 2016; Navarro & Jasinski, 2012; Reyns et al., 2011; van Wilsem, 2011). All of these activities would increase the target’s visibility and the offender’s access, and we would anticipate that increases in these behaviors would result in higher rates of cybervictimization. However, time spent performing other online routines, such as working online or reading the news, may have also increased due to the pandemic, but these activities are unlikely to affect cybervictimization since they would not bring one into “dangerous” virtual spaces.
Another factor that can influence target suitability by decreasing an offender’s access and possibly increase the target’s ability to avoid an attack (i.e. decrease the target’s inertia) is the use of target-hardening devices. Some evidence suggests that the use of antivirus programs, firewalls, and filtering and blocking software can reduce the likelihood of becoming a victim of an economic cybervictimization; however, there is little evidence such devices can protect one from violent cybercrimes (see Holt & Bossler, 2008; Leukfeldt, 2014; Marcum et al., 2010). How the pandemic would influence the use of target-hardening devices is difficult to predict. While one would hope people would be more vigilant in terms of updating their anti-virus software and making sure their firewalls are set, the pandemic has probably not influenced the overall use of computer technology for those with high levels of computer skills since these people were probably frequent users prior to the pandemic. Instead, the pandemic has probably led to more inexperienced and unsophisticated computer users spending more time online. If this is the case, we would predict that overall rates of economic cybervictimization should increase. We note here that we would not expect violent cybercrimes to increase since these are reportedly unaffected by target-hardening devices.
COVID-19 and Guardianship
Finally, another factor that patterns victimization is guardianship. Guardianship is “the presence of a human element which acts—whether intentionally or not—to deter the would-be offender from committing a crime against an available target” (Hollis, Felson, & Welsh, 2013: 76). The findings with respect to guardianship and cybercrime are inconsistent (e.g., Bossler & Holt, 2009; Leukfeldt & Yar, 2016; Reyns, 2015), in part due to conceptual uncertainty across both study design and types of victimization (Vakhitova & Reynald, 2014). Yet, as argued by Costello, Hawdon, and Ratliff (2017), the virtual world is a truly socially disorganized community. In cyberspace, actors are truly transient as they come and go regularly, and they do so anonymously. Moreover, many online spaces have no way for anyone even trying to monitor the activity to intervene, and most offenders likely know this. Even sites that closely monitor activity and have policies to censor or delete material struggle to keep pace with the amount of activity that must be monitored. Moreover, online norms that would stimulate intervention on one’s behalf tend to be weak and underdeveloped (see Costello et al., 2017). Thus, overall guardianship is always low online and the pandemic is unlikely to have changed that. As such, we would not anticipate rates of cybervictimization to have changed due to any influence the pandemic would have had on cyber guardianship.
Taking all of these factors together, we would anticipate an increase in cybervictimization amid the COVID-19 pandemic due to more motivated offenders, a change in some “dangerous” online routines, and perhaps less target-hardening. However, given that many online routines that have likely increased would not necessarily result in increased victimization and the fact that guardianship is likely unchanged by the pandemic (because it is always lacking online), any observed increase is expected to be modest.
The above discussion gives rise to the following hypotheses that will be tested using samples collected pre (November 2019) and post (April 2020) pandemic. First, as stated above, given the anticipated changes in online routines, we hypothesize (H1) rates of cybervictimization will be modestly higher among post-COVID-19 respondents than they are among pre-COVID-19 respondents. Next, as explained above, we anticipate the increase in victimization because people were forced to shift their daily activities online and radically enlarge their digital footprint. Thus, we hypothesize that (H2) the extent to which respondents engage in online activities will be higher in the post-COVID-19 sample than in the pre-COVID-19 sample. We now turn to our analysis.