CyberLaw Blog

Archive for the ‘Policing’ Category

Garda bid to block sites raises concerns – The Irish Times – Fri, Mar 18, 2011

JOHN COLLINS

INTERNET SERVICE providers and civil liberties groups have raised concerns about efforts by An Garda Síochána to introduce a blocking system aimed at preventing Irish internet users accessing sites containing child pornography.

The National Bureau of Criminal Investigation has written to ISPs asking them to nominate a contact who could help implement such a system.

In the letter, Det Supt John McCann says members of An Garda Síochána will ‘investigate and identify those domains and sub-domains being used to distribute ‘child pornography’’ as defined under Irish law. When internet users try to access these sites the ISP is requested to display a special ‘Stop! page’, explaining the material requested is illegal under Irish law.

A copy of the letter seen by The Irish Times says the authorities will not seek information identifying ISP customers but they will seek information about other sites visited by these customers in an effort to identify other domains that may warrant being blocked.

The letter was sent last December 28th.

ISPs are concerned that this is a unilateral action by Garda with no legislative basis. At least one ISP has told the Garda that negotiation about the system should be done with a representative body such as telecoms group Alternative Operators in the Communications Market (Alto) or the Internet Service Providers Association of Ireland rather than dealing with individual service providers.

The introduction of blocking lists in other jurisdictions has proven highly controversial. In 2009, WikiLeaks published details of the list of sites blocked in Australia. While it included sites containing images of child abuse, the list also included poker sites, WikiLeaks entries and the web pages for a Queensland dentist and dog-boarding kennel.

Last month, the civil liberties committee of the European Parliament voted down European Commission proposals on web blocking and voted instead for measures to tackle the production of child pornography.

‘We don’t support bilateral agreements with the Garda in advance of an EU directive on the matter which may be not be as draconian as this system,’ said Ronan Lupton, chairman of Alto. ‘Such agreements may also detract from Ireland’s attractiveness for investments in the digital media sector.’

Solicitor and head of Digital Rights Ireland, TJ McIntyre, said studies had shown that this type of blocking was very easily evaded and failed to address the main concern, ‘which should be removing this material at source’.

‘This is an area where legislation is required, not a private agreement with no judicial oversight,’ said Mr McIntyre.

Some in the industry are concerned that if ISPs agree to block child pornography, they could subsequently be asked to block access to other types of material, such as that protected by copyright.

Despite legal efforts by the Irish Recorded Music Association (Irma), only Eircom implements a ‘three strikes’ system where subscribers found to be repeatedly sharing copyrighted music are cut off from the internet.

U.S. Government Shuts Down 84,000 Websites, ‘By Mistake’: “

As part of ‘Operation Save Our Children’ ICE’s Cyber Crimes Center has again seized several domain names, but not without making a huge error. Last Friday, thousands of site owners were surprised by a rather worrying banner that was placed on their domain.

‘Advertisement, distribution, transportation, receipt, and possession of child pornography constitute federal crimes that carry penalties for first time offenders of up to 30 years in federal prison, a $250,000 fine, forfeiture and restitution,’ was the worrying message they read on their websites.

As with previous seizures, ICE convinced a District Court judge to sign a seizure warrant, and then contacted the domain registries to point the domains in question to a server that hosts the warning message. However, somewhere in this process a mistake was made and as a result the domain of a large DNS service provider was seized.

The domain in question is mooo.com, which belongs to the DNS provider FreeDNS. It is the most popular shared domain at afraid.org and as a result of the authorities’ actions a massive 84,000 subdomains were wrongfully seized as well. All sites were redirected to the banner below.

The FreeDNS owner was taken by surprise and quickly released the following statement on their website. ‘Freedns.afraid.org has never allowed this type of abuse of its DNS service. We are working to get the issue sorted as quickly as possible.’

Eventually, on Sunday the domain seizure was reverted and the subdomains slowly started to point to the old sites again instead of the accusatory banner. However, since the DNS entries have to propagate, it took another 3 days before the images disappeared completely.

Most of the subdomains in question are personal sites and sites of small businesses. A search on Bing still shows how many innocent sites were claimed to promote child pornography. A rather damaging accusation, which scared and upset many of the site’s owners.

One of the customers quickly went out to assure visitors that his site was not involved in any of the alleged crimes.

‘You can rest assured that I have not and would never be found to be trafficking in such distasteful and horrific content. A little sleuthing shows that the whole of the mooo.com TLD is impacted. At first, the legitimacy of the alerts seems to be questionable–after all, what reputable agency would display their warning in a fancily formatted image referenced by the underlying HTML? I wouldn’t expect to see that.’

Even at the time of writing people can still replicate the effect by adding ‘74.81.170.110 mooo.com’ to their hosts file as the authorities have not dropped the domain pointer yet.

Although it is not clear where this massive error was made, and who’s responsible for it, the Department of Homeland security is conveniently sweeping it under the rug. In a press release that went out a few hours ago the authorities were clearly proud of themselves for taking down 10 domain names.

However, DHS conveniently failed to mention that 84,000 websites were wrongfully taken down in the process, shaming thousands of people in the process.

‘Each year, far too many children fall prey to sexual predators and all too often, these heinous acts are recorded in photos and on video and released on the Internet,’ Secretary of Homeland Security Janet Napolitano commented.

‘DHS is committed to working with our law enforcement partners to shut down websites that promote child pornography to protect these children from further victimization,’ she added.

A noble initiative, but one that went wrong, badly. The above failure again shows that the seizure process is a flawed one, as has been shown several times before in earlier copyright infringement sweeps. If the Government would only allow for due process to take place, this and other mistakes wouldn’t have been made.

TorrentFreak

“

Police to get greater web censorship powers: “

Nominet prepares to yank more domains

Police will effectively get more powers to censor websites under proposals being developed by Nominet, the company that controls the .uk domain registry.…

“

(Via The Register – Public Sector.)

Media Release: Global investigation cracks child exploitation network – Australian Federal Police: “Media Release: Global investigation cracks child exploitation network

Release Date: August 27, 2010

International law enforcement agencies have combined to dismantle an alleged organised child exploitation network that had been operating via the social networking site Facebook.

A total of eleven people have been arrested as part of a coordinated operation across Australia, the United Kingdom and Canada.

Law enforcement has made six arrests in relation to child abuse image offences in the United Kingdom, including the alleged head of the network. Three arrests have been made in Australia and two in Canada. Investigations are ongoing with the operation currently spanning four continents.

The Australian Federal Police (AFP) began the investigation in March this year and has operated in partnership with the Royal Canadian Mounted Police (RCMP), the Child Exploitation Online Protection Centre (CEOP) in the United Kingdom and the US Federal Bureau of Investigation (FBI).

The investigation began when a covert AFP Internet Policing Team member established an online identity on Facebook and was approached by one of the network members. Upon further investigation into the network, referrals were made to overseas counterparts leading to the arrests across the globe.

AFP National Manager High Tech Crime Operations Neil Gaughan heralded the successful operation as a clear demonstration of co-operation between international law enforcement agencies.

‘Criminal activity of this type is often described as a borderless crime because there’s no geographical restriction on where offenders may try to target their victims,’ Assistant Commissioner Gaughan said.

‘Policing in this social networking environment is a challenge, but the cooperation during this operation demonstrates that international law enforcement is united in a global fight against online child exploitation material.

‘The investigation should serve as a warning to both social networking providers and users.

‘In this case, Facebook deactivated the online accounts of the initial suspects but there were indications that, within hours, the groups were reforming again under new accounts.

‘It is important that content service providers including Facebook constantly scan for child exploitation material, and then inform law enforcement of their findings.’

CEOP Chief Executive Jim Gamble said, ‘This network was made up of people who share an interest in viewing extremely disturbing images of children suffering horrific abuse.’

‘All the officers working on this investigation – both in the UK and in Australia, America, Canada and elsewhere – shared a steely determination to safeguard children wherever they were and to bring those involved to justice,’ Mr Gamble said.

‘Offenders are not limited by their geography and neither are we. We have worked side by side with the Australian Federal Police, the FBI, the RCMP and colleagues in a number of other countries to ensure that no stone is left unturned and no child is left unprotected.

‘Project Ocean should send a clear message to others who think that online environments offer them anonymity in their offending. Everything you do leaves a digital footprint and, working together, we will stop at nothing to protect children suffering abuse.’

FBI Assistant Director Gordon M. Snow, Cyber Division, said: ‘The sexual exploitation of children is a heinous offense, and the FBI is committed to identifying and thwarting online predators, no matter where they live.’

‘We work side-by-side with our law enforcement partners around the world to identify and pursue those who produce, possess and distribute sexually explicit images and videos of children.’

RCMP Superintendent John Bilinski, Officer in Charge of the Canadian Police Centre for Missing and Exploited Children said: ‘The RCMP’s National Child Exploitation Coordination Centre is committed to working with its international policing partners. Project Ocean is a clear demonstration of how international co-operation can help ensure that child sexual offenders are brought to justice.’

‘One of our most effective strategies against Internet-facilitated child sexual abuse is cooperation. No single agency can deal with this crime in isolation. We continually work together with our partners to ensure the safety and security of children, regardless of where they live.’

Media enquiries
AFP National Media Team +61 (2) 6131 6333
CEOP Media +44 (0) 870 000 3434
RCMP Media +1 613 993-2999
FBI Media +1 202-324-3691

FACTS & STATS

Background:

The operation began in March 2010 when an AFP Internet Policing Team member established a covert online identity in Facebook.

The profile was approached by numerous Facebook users to become ‘friends’ and commenced engagement with these friends.

The engagement identified the network exchanging child exploiting material using Facebook to host the images. Members of the network were identified and referrals were made to the countries they were identified to live in.

Australia

* On 2 June 2010, a 33-year-old Victorian man was charged with two counts of using a carriage service to access child pornography material, contrary to section 474.19(1)(a)(i) of the Criminal Code Act 1995 (Cth); two counts of using a carriage service to make available child pornography material, contrary to section 474.19(1)(a)(iv), of the Criminal Code Act 1995 (Cth); and possessing child pornography, contrary to section 70(1) of the Crimes Act 1958 (Vic). The man will appear in Melbourne Magistrates Court on 6 October 2010.
* On 2 June 2010, a 18-year-old Victorian man was charged with two counts of using a carriage service to access child pornography material, contrary to section 474.19(1)(a)(i) of the Criminal Code Act 1995; two counts of using a carriage service to make available child pornography material, contrary to section 474.19(1)(a)(iv) of the Criminal Code Act 1995 (Cth) and possessing child pornography, contrary to section 70(1) of the Crimes Act 1958 (Vic). The man will appear in Geelong Magistrates Court on 24 September 2010.
* On 15 June 2010, a 27-year-old New South Wales man was charged with using a carriage service to transmit child pornography material, contrary to section 474.19 (1)(a)(iii) of the Criminal Code Act 1995. The man will appear in Wollongong Local Court on 14 October 2010.

United Kingdom

The CEOP have arrested and charged six males in the United Kingdom, one of which is the alleged head of the network.

* The 45-year-old Worthing man has been sentenced to four years in prison and served with a Sexual Offences Prevention Order, after pleading guilty overnight at Chichester Crown Court to making (six counts); possessing (one count); distributing (seven counts) and view to distributing (10 counts) child abuse images. He was also found guilty of breaching his requirements on the Sex Offenders Register. The man was arrested by Sussex Police who initiated a specific investigation to gather evidence of his offences. Further police activity lead detectives to identify five additional suspects in the UK and a further nine suspects overseas, with investigations still underway.
* Two UK children have been safeguarded and five further suspected offenders have been arrested in the UK.

Canada

Law enforcement agencies have arrested two males in Canada. One suspect has been charged with four counts relating to child exploitation in Canada.
Regarding the second man, the investigation is still ongoing.”

(Via .)

Over 1,200 UK shopping websites shut down: “More than 1,200 illegal internet shopping websites that have made millions of pounds for criminals have been shut down by Scotland Yard in the biggest operation of its kind in Britain.

(Via Tech and Web from Times Online.)

Crooks ‘too lazy’ for crypto: “

Met’s digital forensics boss thanks human nature

The widespread use of encryption by criminals – long feared by intelligence and law enforcement agencies – has yet to materialise, according to the man in charge of the country’s largest digital forensics unit.…

“

(Via The Register – Public Sector.)

Police arrest people just to create DNA records, claims ex-officer: “Police are arresting people purely for the purpose of ensuring that their DNA is sampled and recorded on the police’s national database, a report by Government advisory body the Human Genetics Commission (HGC) has said.”

(Via OUT-LAW News.)

IR – Iran moves to silence opposition with internet crime unit: “(Guardian)
Iran has moved to block the last remaining outlet of expression for the country’s political opposition with the launch of a special force to police the internet. A 12-member team reporting to the chief prosecutor will scour websites with a view to pressing charges against those judged to be ’spreading lies’ and ‘insults’ against the Islamic system. Members will include police and personnel from other, unspecified, parts of Iran’s security apparatus.

“

(Via QuickLinks Update.)

Government rejects call to secure snoop data: “

Mandatory crypto ‘impractical’

Councils and police will continue to pass around sensitive data obtained using spying powers in the clear, after the government rejected calls to impose encryption.…

“

(Via The Register – Public Sector.)

COURT OF APPEAL JUDGMENT ON POLICE DATABASE: “

On 19 October 2009, the Court of Appeal, in Chief Constable of Humberside Police v Information Commissioner (2009) EWCA Civ 1079, allowed police appeals against a decision of the IC, upheld by the IT, that data on old minor convictions (of which there are probably about 1 million) must be deleted from the Police National Computer (‘the PNC’).  The Court of Appeal held that retaining information for police operational needs in the fight against crime and for other purposes was justified and did not infringe the data protection principles (‘the DPP’) under the DPA 1998, especially principles 3 (personal data shall not be excessive in relation to the purpose for which they are procured) and 5 (personal data shall not be kept for longer than is necessary).

Waller LJ, applying the approach from the Bichard Inquiry, following the Soham murders, said, at paragraph 43: ‘If the police say rationally and reasonably that convictions, however old or minor, have a value in the work they do that should, in effect, be the end of the matter.’

Carnwath LJ referred to the importance in a case of this kind having the involvement of a Judge with direct and hands-on experience of the criminal system. Hughes LJ, with direct hands-on experience of both the criminal and family systems, summarised the position as being that it is for the data controller to determine the purpose(s) for which the data is processed;  it is not open to the IC to impose his own determination of those purposes; the imposition of a concept of ‘core police purposes’ was misconceived; and in any event the proper purposes of the police in managing the PNC plainly include the retention of information for provision to others who have a legitimate need for it.

 Hughes LJ emphasized practical considerations and in particular the value, in the public interest, of the existence of a single comprehensive record of convictions and of its being held by police forces acting collectively.  Hughes LJ said, at paragraph 107: ‘Like both Waller and Carnwath LJJ, I take the clear view that if senior police officers with considerable operational experience are satisfied that even very old and comparatively minor convictions may sometimes be of assistance in police investigations, then unless that view is perversely or unreasonably held, it is not open to the Commissioner to substitute his own view of their potential use. But I should also add that the opinion expressed by the police witnesses in this case entirely accords with what is seen to be true from time to time in major criminal investigations. As was in evidence in these proceedings, Dame Janet Smith also reached a similar conclusion when considering the investigation into Dr Shipman. Such old convictions, if never subsequently repeated, may very well not be the kind of material which it is proper to put before a jury, … but that does not begin to mean that they have not been of use in the investigation. Quite apart from propensity (or lack of it) to offend in a particular manner, they are likely to be useful for other reasons, of which location and associates are but two simple examples. Moreover, the critical consideration is not the use of the conviction standing by itself, but its potential value in conjunction with other information pieced together by a skilled detective.’

Hughes LJ further observed that many others depend heavily, and reasonably, on the maintenance by the police of these records. Those others include (but are not limited to) the criminal courts, the family courts and those concerned with the protection of children and the vulnerable.  He said that the criminal courts have a plain need for reliable and comprehensive information. The Rehabilitation of Offenders Act 1974 is expressly made not to apply to criminal proceedings. There are at least two situations in which the need for such records arises daily. The first is in sentencing. The second relates to the credit of witnesses, especially those relied upon by the Crown. The Secretary of State for Justice expressed the view in this case that ‘providing anything less than full information to the courts would potentially undermine the criminal justice process’.  Hughes LJ agreed.

Hughes LJ also stated that the importance of multi-agency working to child welfare in general, and to child-centred family proceedings in particular, has been recognised for many years, has been the repeated subject of judicial and ministerial exhortation alike, and is difficult to overstate. It is, nowadays, the daily norm of cases in the family courts. The Rehabilitation of Offenders Act 1974 is expressly made not to apply to these proceedings either.  It may well be that at times such co-operation throws up difficult questions about the extent of disclosure which a police force ought to make to social services or other child welfare professionals, but that is not a reason for failing to have available a comprehensive record in order to make a fully-informed decision about it.

As regards the vetting of potential employees, Hughes J said that, given the statutory framework, it is plain that it is part of the necessary public purposes of the PNC that it maintain a complete record of convictions etc to enable the statutory scheme to work.

(Via Panopticon Blog.)