Meeting of the Parliament 17 December 2025
I thank the Criminal Justice Committee for bringing the debate to the chamber. I am sure that I am not alone in worrying about the rise of cybercrime in Scotland. We can see from the Criminal Justice Committee’s report that cyber criminals were able to nearly double their output overnight in response to the pandemic, as their supply of in-person victims dried up.
In addition, certain crimes lend themselves much more readily to becoming cybercrimes; there is a statistical propensity for that with sexual crimes and with threats and extortion. New technologies such as deepfakes and generative AI have enabled a whole new kind of fraud and deception. Many of our constituents are worried that they or a loved one will fall victim to an AI-generated request for money, although that pales in comparison with the violation of deepfake pornographic imagery.
The Scottish Government must ensure that Police Scotland is adequately resourced and prepared, not for the crimes of the last century, but for the crimes of this century and beyond. That includes ensuring that the police have the powers to investigate and act if a new type of crime has been committed. The Parliament must be swift and flexible, and it must bring in appropriate legislation accordingly.
However, the ability to identify crime will not be enough. As often as not, the culprits are far outside the UK, and a stronger cyberdefence is paramount. Schools should be our first port of call in giving children the experience of identifying unfriendly links and invitations. That needs to be an active Government initiative, not simply a hope that teachers who are already hard stretched will be able to rise to the challenge.
Schools and community centres should also be hubs where parents and grandparents can learn what to do should their child—or even they—fall victim to cybercrime, because it will be a learning curve for us all. Maybe we should resurrect the old 1950s public information films, just to make people aware.
I, too, have been approached by many older residents who are out of their comfort zone with digital platforms. The Bank of Scotland’s decision to close the last branch in Larkhall highlighted that issue, with many feeling that in-person services were the last backstop between them and cyber criminals.
The Government should do all that it can to protect in-person banking services, in particular to prevent older constituents from falling victim to financial cybercrime. Some criminal ploys have existed for a long time—fleecing emails, for example, and malign links on social media, often in the guise of bots. However, AI has introduced a new level of capability to mislead vulnerable groups and businesses on an industrial scale.
I would hope that all my colleagues would be against those things, but I read a few weeks ago that the First Minister was in favour of the Iranian bots because they are pro-independence for some reason. That aside, at some point or another, everyone in this chamber will have been on the receiving end of abuse and insults because of some point of view that they might have held in the past. Basically, doing that on social media is a cybercrime and should never be considered acceptable.
Cybercriminality, in any shape or form, regardless of how it is manifested, is committed by calculated cold villains and no one is immune from it. The Scottish Government needs to be industrious and dynamic in its legislation to protect the public and businesses, and criminals need to be prosecuted with vigour. No doubt the worst is yet to come. As technology rapidly improves, those who are currently considered immune from AI deception may be the most vulnerable. It may be that entirely new types of cybercrime emerge that are far beyond what we can comprehend today.
We are at the start of a fantastic journey, on which we will see lots of great things. However, we should take heed, as we do not know where we will end up or what perils await in these uncharted waters.
16:27