Oh Look, Some Police Do Know How To Use Craigslist As A Tool

from the yet-again dept

We keep hearing stories of law enforcement officials, such as Sheriff Thomas Dart of Cook County Illinois, trying to blame Craigslist for the actions of its users, rather than recognizing that Craigslist can be a great tool for actually monitoring and tracking down crime. Some are realizing this, and Eric Goldman point us to the latest example of this. Police in Palo Alto, California (right in the heart of Silicon Valley, so it's a good sign that they get this), used a Craigslist ad to help track down a bicycle thief. This is, obviously, a rather simple example, but it does make you wonder why more law enforcement agencies don't regularly do similar things. It has to be better than suing (or threatening to sue) Craigslist for the activities of its users.

8 Comments | Leave a Comment..

Advocacy Group Says Canadian ISPs Should Be Required To Hand Over Subscriber Data Without A Warrant

from the unintended-consequences,-anyone? dept

Rob Hyndman points us to the news that a Canadian "victims advocacy group" called Victims of Crime has put out a report on how the government should deal with "internet-facilitated child sexual abuse." You should recognize that the recommendations are ridiculous by the way they describe the problem: "internet-facilitated child sexual abuse." Notice that they're including the internet as a part of the problem, rather than just a tool that's being used. The report starts off by making a bad assumption: that the internet is responsible for an increase in child sexual abuse by stating: "internet-facilitated child sexual abuse is growing at an alarming rate. Between 1998 and 2003, the number of charges for production or distribution of child pornography increased by 900 percent...." Now, that could mean that there has been an increase... or it could mean that more resources have been put towards lawsuits or (perhaps) that the internet has enabled law enforcement to collect more evidence to bring charges. In other words, you could easily interpret that evidence to mean that the internet has been an amazing help in bringing justice to those involved in such evil acts.

But where the report gets really troubling is the suggestions on what the government should do:

• introducing legislation to make it mandatory for Internet service providers to give law enforcement basic customer name and address information upon request;
• requiring internet service providers to keep data and internet surfing records for longer periods to ensure that evidence is not destroyed; and
• making it a criminal offence to refuse to give law enforcement a password or encryption information during an investigation.

In other words, throw all privacy rights out the window, don't require any evidence of wrongdoing or a court warrant and massively increase the costs for ISPs. And do they not think such laws would be abused? If police can simply request detailed information with no oversight, how quickly will it be abused to seek out anonymous detractors? Law enforcement and politicians have tried to seek out anonymous commenters many times, but usually a court is there to try to protect the right to anonymity and privacy. Yes, it's no doubt that child sexual abuse is a horrific crime and we're all for law enforcement doing whatever they can to crack down on it. But throwing out all privacy rights or due process is likely to have many, many, many negative unintended consequences.

25 Comments | Leave a Comment..

And Then... A NY Court Says No To Police GPS Tracking

from the a-difference-of-opinion dept

On Monday, we wrote about the Wisconsin ruling that police didn't violate anyone's rights in putting a GPS device on the car of someone they were tracking. It didn't take long for a different court in a different case to disagree. A bunch of folks have sent in the news that a court in NY had tossed out a similar case, claiming that the GPS evidence was illegally obtained. The ruling lays out many of the reasons why such technologies aren't the same as simply observing what someone does in public:

"What the technology yields and records with breathtaking quality and quantity is a highly detailed profile, not simply of where we go, but by easy inference, of our associations -- political, religious, amicable and amorous, to name only a few -- and of the pattern of our professional and avocational pursuits."

I expect that we'll be seeing many more such cases in the next few years until this is settled either by the law or the Supreme Court.

14 Comments | Leave a Comment..

Australian Law Enforcement Wants The Right To Hack Computers

from the the-modern-wiretap dept

As technology changes, so does the demands of law enforcement officials to figure out better ways to spy on your use of that technology. For example, efforts to wiretap Skype conversations has been a popular subject among law enforcement around the world. Down in Australia, the police are now looking for the right to hack your computer. At the very least, it would require a warrant, but a judge could authorize the police to hack into your computer and monitor it for up to 7 days at a time and not tell the owners for up to three years (depending on the circumstances -- and it would require several approved extensions for it to last that long). Not surprisingly, this is rather controversial, and security companies in particular have made it clear they want no part of this (i.e., they won't create backdoors) and fully expect their products to block such hacking attempts. How long until new legislation is proposed that forces security vendors to change their minds about that as well?

29 Comments | Leave a Comment..

Cops Taking To Private Social Networks; Is There Enough Oversight?

from the rules-for-your-own-good dept

After spending a long time decrying social networks and media-sharing sites for helping to encourage crime, lots of police around the world are realizing that the sites can actually help them fight crime. Some have started posting details of crimes and suspects on popular sites, but some cops are going even further, and taking to private, crime-focused social networks to share information with other cops and investigators. It sounds like they've discovered some of the benefits that increased and easy information-sharing can generate, but there are a couple of areas for concern. First, it isn't just police on these sites, they also include private companies like banks and retailers and security companies. Second, all of this info-sharing is unregulated -- no subpoenas or warrants, or any sort of oversight or rules for transparency. It would seem there's a lot of scope for abuse or for innocent people to be misidentified and mistreated, particularly by private companies on the systems. The rules governing police investigations and the protections they aim to give people exist for good reason; while police and other groups should be able to use technology to better do their jobs, they shouldn't be able to use technology to circumvent regulations. Balancing these two aims will be a critical battleground for legislators, investigators and civil-rights groups moving forward.

Carlo Longino is an expert at the Insight Community. To get insight and analysis from Carlo Longino and other experts on challenges your company faces, click here.

8 Comments | Leave a Comment..

Sweden Considering Law To Allow Police To Go After File Sharers

from the moving-in-the-wrong-direction dept

One of the most enjoyable parts of attending MidemNet was talking with various people in the industry who have learned how to embrace new business models and adapt to the changing market place. I ended up hanging out a lot with Martin Thornkvist, of the Swedish record label Songs I Wish I Had Written (some of that time spent wandering slightly lost through French villages post-midnight, after we discovered that there was no transportation back to the town where both of us were staying, but only a train that would drop us a few towns over, where the promised taxi cabs were found to not exist). We talked a lot about what's going on in Sweden, where there seems to be an unfortunate dichotomy. There are those who have learned to embrace the new market place and look for the opportunities, such as Martin's label, and a variety of other labels there. And, of course, there are folks like The Pirate Bay and the political Pirate Party, which actually has received some level of recognition in Sweden.

But there is also the other side. And they still appear to be in power. Apparently, Sweden's Justice Minister is reviewing a report that will recommend giving police the ability to go after file sharers. This still makes little sense to me. Copyright should be, for the most part, a civil issue. It usually makes little to no sense to ever get police or law enforcement involved -- especially when we're seeing plenty of folks in the recording industry -- such as Martin and other Swedish indie labels -- not only learn to live with things like file sharing, but to embrace it and actively encourage it. Of course, I have to admit that, while highly amusing, the Swedish Pirate Party's response to such a plan is a bit over the top:

"These laws are written by digital illiterates who behave like blindfolded, drunken elephants trumpeting about in an egg packaging facility. They have no idea how much damage they're causing, because they lack today's literacy: an understanding of how the Internet is reshaping the power structures at their core."

Of course, when you combine plans to have law enforcement go after file sharers with recently approved legislation to effectively tap all forms of communication in the country, things get pretty worrisome pretty fast.

12 Comments | Leave a Comment..

Why Do The Police Call In The RIAA To Investigate Potential Crimes?

from the that-doesn't-seem-right dept

We've long known that the boundary between US law enforcement and the enforcement wings of certain lobbyist organizations like the RIAA is way too blurry, but TorrentFreak is raising some important questions about why the police will call in RIAA investigators on certain cases, such as one where a speeding stop in Illinois resulted in a cop calling in the RIAA after spindles of writeable DVDs and CDs was found in the car. While the RIAA and law enforcement have a history of working closely together (and many people go back and forth between the two), the RIAA is still a highly biased party here, and shouldn't be involved in investigations where it has a personal stake. While some politicians are trying to turn US law enforcement into the private police of the entertainment industry, that doesn't mean that police should just consider RIAA investigators their peers. So can anyone explain why RIAA investigators should be allowed to be involved in such cases and why no one's called US law enforcement on things like this before?

42 Comments | Leave a Comment..

GPS Device Data Increasingly Being Used By Police To Determine Where You Were

from the privacy-schmivacy dept

Late last years, the news broke that law enforcement officials had figured out a neat little loophole to obtain location data on you without having to seek a warrant on you using the probable cause standard. Instead, they're seeking warrants not on the individual, but on the companies that may have data on your location, which only requires a magistrate judge's approval, and no showing of probable cause. So, how is this playing out? Well, reader JB points us to the news of a sudden growth in lawsuits where police are using data from GPS units to help convict people based on their location at the time of the crime. Since the police can get that data directly from the company without needing to show probable cause, it's much easier for them to get the data to convict people or push them into plea bargaining. So, while those turn-by-turn directions may be useful, recognize that they may also be used by the police against you in court.

37 Comments | Leave a Comment..

How Does The FBI's Spyware Get Around Security Software?

from the cloak-and-dagger-or-point-and-click dept

A teenager in Washington state got sentenced to 90 days in juvenile detention this week, after he plead guilty to making some bomb threats via e-mail to a high school. It turns out that the FBI nabbed him with a piece of spyware called the Computer and Internet Protocol Address Verifier, or CIPAV. The FBI used the spyware after it had obtained server logs from Google and MySpace, which gave them an IP address that led to an infected computer in Italy. This isn't too surprising, really, but what makes it a little more intriguing is that it's not clear how the FBI slipped the program onto the kid's computer, nor how it evaded detection by anti-virus software. The most likely possibility is that they took advantage of some unpatched vulnerability on the kid's PC, with a browser or plug-in hole exploited by a MySpace web message. The question of evading security software looms larger, though, with CNet's Declan McCullagh wondering if the government persuaded security software vendors to whitelist CIPAV. He said that some vendors said they'd comply with court orders to ignore government or police spyware, and that McAfee and Microsoft wouldn't say if that's what had, in fact, happened here. Meanwhile, Kevin Poulsen over at Wired says that a more likely (and less controversial) explanation is that without ever seeing CIPAV, security software vendors can't make a signature for it, so their systems can detect it.

40 Comments | Leave a Comment..