Tackling Online Harms: a multi-agency response
- Lucy Johnson Perret
- Jun 10
- 6 min read
This year, the International Policing and Public Protection Research Institute conference, held in May at Heathrow, picked up on the theme of ‘Tackling online harms: Research into practice’, and bought together a range of experts from industry, academia, policing, justice and third sector.
The conference explored a broad range of themes, focusing on the number of online harms offences being committed every day within the UK, with attendees acknowledging ‘we can’t arrest our way out of this’. The internet affords a level of anonymity and lack of accountability that enables individuals to carry out offences whilst continuing to hide behind a screen and avoid consequences. Understanding this behaviour and identifying how to implement strategies to prevent and intervene has to go beyond the remit of policing alone.
Cannelle Dalal has recently joined Principle One on completing her PhD within the IPPPRI, part of Anglia Ruskin University. Her thesis, which was presented at the conference, explores the behaviours of online child sexual offenders, supporting the development of deterrence strategies and preventing future occurrences of child sexual abuse material offences on the dark web. Using a crime script analysis approach, Cannelle’s analysis investigates the complexities of offenders' behavioural patterns by examining forum threads and posts within dark web forums. By understanding these critical stages and key decision points, it becomes possible to implement strategies aimed at preventing the commission of child sexual abuse material offences, safeguarding children from the impacts of online sexual abuse.
These offences are evolving, meaning they no longer fit into the neat boxes we like to put them in. Child sexual abuse motives blur into those of financial crime and extremist beliefs, making it challenging to identify who is responsible for tackling this problem – Child Protection, Social Services, Counter Terrorism Policing, or even Financial Authorities. Online offences lack the formalised geographical boundaries associated with crime in the physical world, spanning countries and continents, exacerbating investigative challenges of ownership, accountability and visibility of information. With online harms being conducted internationally and at an immense scale, our response needs urgent review and improvement.
Multi-agency collaboration is needed to improve our ability to tackle such a complex crime landscape and ensure opportunities for prevention or intervention are not missed. This approach must bring together statutory safeguarding agencies, such as policing, healthcare, social care and probation to share information and decide best routes of action. Academia and third-sector experts can also contribute and shape future approaches. No single party is responsible for tackling all aspects of offending, but each offers a unique perspective – schools, housing agencies, prisons and more can all offer chances for prevention, intervention and rehabilitation – but only when they have the right information at the right time.
Multi-agency working is nothing new and has been demonstrated to be successful in a variety of environments, including policing, health and social care [1]. Childlight, who presented on the Into the Light index at the conference, have promoted the idea that we should be viewing the issue of CSEA as a public health problem [2], with multi-agency collaboration at the heart of any response.
Despite the importance of multi-agency working being recognised at all levels in policing and the wider criminal justice system, and being identified as a critical enabler for the government’s Safer Streets mission, there are still barriers in place to its effective implementation.[3]
So where are we still missing the mark? What can be done to make a difference, and quickly?
Effective multi-agency working must be underpinned by getting the right data to the right individuals to take action, and ensure effective capture of metrics to understand what works. However, data often remains siloed within individual agencies, with limited understanding of what’s possible or permitted around data sharing. This is exacerbated by a lack of agreed policies and protocols to empower agencies to work together, and uncertainty around other agencies responsibilities and decision makers in this space. These agencies have a universal responsibility and statutory duty to protect children under the Children Act 1989, which gives a common purpose that takes priority in all they do.
The passion of those working in this sector can never be doubted, and improvements are often driven at a grass roots level, relying on individual relationships across agencies and the implementation of manual processes - tactical fixes, rather than working towards more strategic solutions. A lack of availability on all sides due to increased caseloads can impact the ability to get the right people in the room to discuss ‘bigger picture’ solutions. This can lead to a proliferation of ‘cottage industry’ solutions which can offer benefit at a local level, but aren’t fit for purpose to tackle the global threat of online harms. However, given the scarcity of resources across the sector, reuse and recycling of local solutions should be encouraged and celebrated - and communicated more widely to enable a mentality of ‘start small’ before delivering at scale.
Guidance on information sharing and multi-agency collaboration is neither centralised nor consistent. Policing, NHS and the Department of Education all provide guidance around sharing information between agencies, and the challenge of understanding these guidelines is further exacerbated by the need to understand GDPR implications and the risk of sharing sensitive information and breaching regulations, including personal and reputational risk to staff. Staff on the frontline, whether in policing or within social care, are often far removed from data sharing agreements and may not have up to date training on what can be shared and how to do so.
Similarly, there is little consistency in how data is used to inform risk assessments, with different agencies having different risk thresholds for information sharing and further enquiries. For example, HM Inspectorate of Probation found that Probation practitioners encountered issues with consistent risk assessment, resulting in only 55% of inspector recommendations for child safeguarding enquiries being carried out. [4]
Interoperability across systems is key to providing a platform for effective collaboration. This doesn’t mean a ‘big bang’ approach, but a recognition that there is a need to work across a plethora of national and local systems, not all of which promote effective information sharing. In implementing the Police Industry Charter in 2024, it was acknowledged that progress has to be made incrementally across the existing ICT estate, building on what’s already in place, but designing on ‘interoperability first’ principles for the future. This can progress in parallel with continuing to develop wider access to central systems and the creation of interfaces and data sharing mechanisms to avoid data duplication and rekeying.
However, there is a further challenge around ensuring data sharing is intuitive, and the rules clear and concise. Clear information sharing agreements across agencies should draw on GDPR, the toolkits and guidance from the Information Commissioner’s Office around sharing data with law enforcement [5], and should consider social and healthcare aspects as well as law enforcement. Once there are clear principles in place, a consistent approach to risk assessment becomes more achievable, further improving collaboration. A national standardised information sharing protocol for situations where children are at risk, would streamline the approach and ensure consistency in risk assessment.
There are lessons to be learned from multi-agency working in the real world as well. The Joint Emergency Services Interoperability Programme (JESIP) was established to put in place clear protocols around how different agencies should work together in the event of a critical incident.[6] Although this has been driven by the need to respond in real time to what may be a still changing threat landscape, the clarity it establishes for the different roles that each agency should play and what is needed for each to do their part could offer lessons for tacking online harms. JESIP defines interoperability as “the extent to which organisations can work together coherently as a matter of routine” [7], a definition that goes beyond interoperability of systems and acknowledges the need for business change and new ways of working, with greater clarity of roles and responsibilities throughout.
Technical solutions, whilst impactful, will not change attitudes towards shared responsibility, risk assessment and data security. Any solution to improve multi-agency working must consider the people working in the space and continue to shift hearts and minds from a ‘them and us’ to a ‘we’. Wider approaches to multi-agency collaboration focus on people change as opposed to technical. Multi Agency Safeguarding Hubs (MASH) co-locate resources across agencies, improving communication and collaboration, whilst Agency Liaison Officers can gather a collective view and focus on targeted interventions in response, enabling a continuous cycle of improvements in practice.
IPPPRI25 showed what can be achieved when safeguarding agencies, academia, industry and third sector come together to tackle online harms at scale and this approach has to remain at the forefront to ensure the optimum approach to safeguarding, crime prevention and intervention.
[1] Policing, Health and Social Care: working together to protect and prevent harm to vulnerable people