More than three-quarters of the people using the government-backed Australian Cybercrime Online Reporting Network (ACORN) cybersecurity reporting service have been dissatisfied with its lacklustre outcomes, according to an internal government review that was so negative that it was buried for nearly two years.The Australian Institute of Criminology was enlisted to review the progress of ACORN, a National Plan to Combat Cybercrime initiative that provides an online mechanism for Australians to report fraud, scams, and other cybercriminal activity.Their final review, which was completed in October 2016, was never released to the public (but has subsequently been published online) until QUT researcher Dr Cassandra Cross, a senior lecturer in the Faculty of Law\u2019s School of Justice obtained it through a freedom of information request that was initially knocked back.Some 65,000 reports were submitted to ACORN between its commencement in November 2014 and the June 2016 review, with 48 percent pertaining to online scams and fraud and 21 percent related to issues buying and selling online.The involvement of state police forces, the Australian Criminal Intelligence Commission, Australian Attorney-General\u2019s Department, Australian Competition and Consumer Commission, Australian Communications and Media Authority, and Office of the Children\u2019s eSafety Commissioner had given high-level weight to the ACORN initiative.However, Cross told the recent AISA National Cybersecurity Conference, consumers were frustrated that they were often caught on a \u201cmerry go round\u201d, as Cross put it, where they were passed from one agency to another.These procedures had complicated enforcement efforts and had, the report found, failed to change public understanding of the appropriate place to report cybercrime issues. Many of the ACORN reports were from people who first approached their local police, then were referred to the ACORN service.Shaping public awarenessThe service had failed to boost public awareness of the role of ACORN as a primary reporting tool, although those that used it were generally happy with the process of using it.However, a survey of nearly 1800 adults found that the service had failed in its efforts to deliver meaningful outcomes from those incidents that were reported.Fully 77 percent of the victims who reported incidents to ACORN said the outcome of those reports \u2013 only 3 cases out of 65,000 resulted in an arrest \u2013 did not meet their expectations. And just 15 percent said they were satisfied with the outcome of their report.\u201cThere are no surprises, really, in the evaluation for me in terms of some of the negative findings,\u201d said Cross, who recently documented her findings in an opinion piece for The Conversation.\u201cWhat is really important is that it\u2019s not just about blaming police. There is a much bigger picture here and I think a lot of the issues reflected in the evaluation are the result of factors beyond the police agencies.\u201dACORN was particularly disappointing for victims reporting cases of cyber bullying ,online harassment, sexting, stalking, and issues buying and selling online \u2013 all crimes whose reporters, as the report\u2019s authors noted, \u201chad higher expectations of offenders being apprehended.\u201dPolice were having trouble keeping up with the extra resources required to track and escalate ACORN incident reports, with some police forces noted to have gotten six weeks behind in processes that often involved \u201csignificant resources\u201d due to manually copying ACORN data into the agency\u2019s own information management systems.\u201cThere is a clear disparity in expectations between what victims want and what police can realistically provide,\u201d Cross said, noting that in previous criminological research \u201cvictims have very unrealistic expectations of what police resources are out there.\u201dVictims also underestimate the prevalence of cybercriminal offences, assuming that their cases are unique and deserving of much greater attention than police can actually provide.Balancing police prioritiesThe need for police forces to triage cybercriminal reports had also seen many less-critical issues put on the back burner as police prioritised cases such as offences against children and domestic violence.The number of police investigations into cybercriminal activity had increased dramatically across the period, with NSW Police reporting a \u201csignificant increase\u201d in investigation numbers. The WA Police Technology Crime Investigation team, for its part, said investigations into attacks on computer systems had doubled while the unit was investigating 9 times as many online scams and fraud cases.Yet this higher level of investigations was creating new concerns for resource-constrained police, with many agencies raising concerns that even low-level cybercrime investigations were consuming a disproportionate amount of resources.\u201cACORN has largely shifted the responsibility of referring reports between business areas and agencies,\u201d Cross said, \u201crather than actually reducing the time spent by enforcement.\u201dLess than one percent of investigations had resulted in offenders being identified or apprehended, while police reported a near doubling in the number of cases finalised because no offence had occurred.\u201cThese results may not be indicative of patterns in other jurisdictions,\u201d the review noted, \u201cbut they highlight the challenges associated with relying on information reported by members of the public.\u201dThere was also little evidence that the crime-prevention advice offered through ACORN had impacted repeat victimisation rates. Yet the survey did report improvements in the attitudes of surveyed users: for example, the proportion of users that said it wasn\u2019t worth the effort to report the most recent case of cyber bullying, sexting, online harassment and\/or stalking (CBSOHS) had dropped from 55 percent before ACORN was introduced, to 43 percent afterwards.Interestingly, however, many indicators showed an opposite trend: 30 percent of CBSOHS victims said they hadn\u2019t reported the incidents before ACORN\u2019s implementation because they believed nothing would be done \u2013 but this had grown to 39 percent after its implementation.Respondents were more positive about the likelihood of results relating to issues buying or selling online \u2013 with the proportion of people who didn\u2019t think anything would be done dropping from 46 percent before ACORN, to 34 percent after it.