Peer-to-Peer Sharing and Child Pornography Crimes

Matthew White admits he was surfing the Internet looking for a “Girls Gone Wild” video – a perfectly legal act – when he happened upon a file using the peer-to-peer network  The file was child pornography.  White did not intend to download it, and immediately deleted the file.  He went on with his life.

A year later the Federal Bureau of Investigation came knocking, and asked to see White’s computer.  Using sophisticated software (EnCase), FBI computer forensic examiners (the Computer Analysis Response Team) were able to undelete the offending file.  The FBI admitted that White had no access to the file he had long deleted, but since the file still resided on his harddrive, it was evidence that at one time he had possessed child pornography.

While some people caught in child pornography stings are true predators who seek to do harm to children, most other people prosecuted by the state or federal government fall into one of two categories. Either they are:

  1. people with psychological issues who have gravitated to child pornography, need treatment, but aren’t a threat to children, or
  2. they are innocent people who happen upon child pornography entirely by accident while searching for adult pornography.

Are you being investigated or have you been charged with distribution of child pornography or sexual exploitation of a minor? Call Damon Chetson, a Board Certified Specialist in State and Federal Criminal Law for immediate assistance.

Peer-to-Peer Sharing Networks

Peer-to-Peer sharing networks run on a basic protocol called Bittorrent.  These sharing systems may go by a number of different names, including LimeWire, Gnutella, or Bearshare.  Originally these networks focused on the distribution of music, but in the late 1990s and early 2000s, these networks came under legal fire from the RIAA and music distributors like Sony who essentially forced them to shut down that part of their services.

While copyright violations continue to take place on these networks, a significant part of the content on peer-to-peer networks involves pornography.  The Electronic Frontier Foundation, the leading civil liberties organization on the Internet, says that millions of people use P2P networks.

The networks have several problems:

First, they are almost entirely unregulated meaning that anyone with a computer and a broadband internet connection can offer files that may be both legal and illegal.

Second, the files themselves may be illegal, but the names of the files themselves may give the downloader no indication of what’s in the file.

Third, the files by default are automatically re-shared on the network.

Fourth, the networks are well-known to police, and the FBI has been known to set up honey-pot sharing nodes and servers that allow people download illegal files hosted on FBI servers that are later tracked through the internet, resulting in arrest and prosecution.

The Dark Web

The Dark Web is a second source of problems.  These computers are accessed using specialized software, such as The Onion Router (TOR Browser). The TOR project actually is very useful, allowing dissidents and people living under oppressive regimes to share political sensitive information.

But the dark underbelly of the Dark Web is its use by criminals, including organized criminal organizations, to sell products – such as designer drugs, fentanyl, GBH – to traffic in illegally obtained financial information such as large scale credit card fraud, and to distribute child pornography.

While it is harder for police to track activity on the TOR network and the Dark Web, it is not impossible because much of the traffic runs through key data interconnections that are monitored by government agents.

Chat Rooms, Newsgroups & IRC

Still other routes for the exchange of illicit material include chat rooms, newsgroups or posting boards, and chat networks such as the Internet Relay Chat (IRC).  These are some of the oldest distribution systems which have been around since almost the beginning of the internet.  The advent of broadband internet service means that large quantities of material can now be shared in very short order.

Steps to Protect Yourself

Whether one thinks pornography is harmful or not, it is legal.  But in searching for pornography, someone browsing the internet needs to be very careful to steer clear of any website or network that gives even the hint of trafficking in child pornography.  Avoiding search terms that suggest a search for child pornography.  Do not download unknown files.  Be careful about re-sharing files that you’ve downloaded on peer-to-peer networks.  Do not have anything on your computer at all that is illegal, including child pornography.

Second, be aware that any file that is saved or downloaded to a computer is not deleted simply by throwing it in the “trash icon.”  That trash bin on the computer doesn’t actually delete the underlying file.  It simply frees up space for that file to be overwritten in the future.  But if the file is never overwritten, it can be recovered by a forensic expert months or years later.

Third, be sure that any device you want to donate, or give away, or take to a computer store or BestBuy’s Geek Squad has absolutely no illegal content. Someone fixing your computer can easily find any content on your hard drive.  A future user may stumble upon content you thought you had deleted.

A safe way to donate a computer on which you have confidential information is to remove the hard drive, and then donate the computer either with a brand new hard drive installed or give it away without a harddrive at all.

Legal Issues

Appellate courts across the country have ruled that a warrant is not required for the authorities to view and download files traded on P2P networks. Since LimeWire, Bearshare, and Bittorrent are a file-sharing systems that allow the public at large to access files in shared folders, a defendant has no expectation of privacy unless the defendant took steps to block such access and the Government hacked into the harddrive. Because a warrant is only required if a search violates a reasonable expectation of privacy, the court found that no warrant was required.

A conviction for possession of child pornography can carry up to a 20 year prison sentence.  Distribution or manufacture of child pornography can carry even stiffer federal sentences.

In North Carolina, Sexual Exploitation of a Minor (in the First, Second, or Third Degrees) are all registrable sex offenses carrying felony consequences, and jail time. Anyone believing they have mistakenly or accidentally downloaded illegal material should contact a lawyer immediately for advice on their rights, obligations and how to proceed.

What You Should Do

Contact a lawyer as soon as possible.

Do not say anything about your activities, your computer use, or any other conduct without first talking to a lawyer.

Do not consent to a search of your property, home, or computer systems.  Require that the Government or state law enforcement officials obtain a valid search warrant.

Hire a Board Certified Specialist in State and Federal Criminal Law.

Is Brian Leiter guilty of cyber-stalking?

Paul Campos, a professor at the University of Colorado, raised the issue of whether Brian Leiter has been cyber-stalking critics on Lawyers, Guns & Money earlier this week.

A little back story: Brian Leiter is a professor at the University of Chicago. He is wont to hurl insults, for instance by calling critics or people who simply rub him the wrong way “morally deranged” and “crazies”. Also, he throws around the term Repugs for Republicans because what better way for a professor of law and philosophy at one of the country’s leading academic institutions to criticize an opposing ideology than to use such language. He’s a friendly guy, the kind of guy who should be tasked with the awesome responsibility of shaping young legal minds. Really, Brian Leiter is kind of jerk.

While Leiter believes some reforms are due, he is, in general, a defender of the legal academic enterprise. Indeed, part of his career is based on discerning the differences that make this or that law school better ranked than the next. He’s like USNWR, with less influence and fewer readers. Leiter’s obnoxious online persona has raised the ire of countless recent graduates who are underemployed or unemployed and faced with huge amounts of non-dischargeable debt.

Some of them have even written Leiter. Leiter doesn’t like to be criticized. So therefore, he has taken it upon himself to report at least some critics to their superiors. That’s how he rolls. While he calls other people bullies, he’s the one writing the bosses of people who send him emails with pointed questions.

In an amazing display of privilege and self-importance, Leiter outed someone who sent him sharp criticism (but used no foul or abusive language) and then reported the emailer to his firm’s partners.

Leiter enjoys tenure, so he’s free to say almost whatever he wishes about other people or institutions without fear of serious repercussions, such as losing his job. The rest of us can say things critical of Brian Leiter and his friends, but we’re going to be accused – laughably – of being bullies, of defaming and of insulting people. It’s all too rich.

Let’s be clear: Since none of these acts have apparently occurred in North Carolina, Brian Leiter couldn’t be prosecuted here. But let’s assume for a moment that jurisdiction is not an issue. Would Brian Leiter’s conduct, as alleged by Paul Campos, constitute cyber-stalking in North Carolina?

N.C.G.S. Sec. 14-196.3 Cyberstalking.

(a) The following definitions apply in this section:

(1) Electronic communication. – Any transfer of signs, signals, writing, images, sounds, data, or intelligence of any nature, transmitted in whole or in part by a wire, radio, computer, electromagnetic, photoelectric, or photo?optical system.

(2) Electronic mail. – The transmission of information or communication by the use of the Internet, a computer, a facsimile machine, a pager, a cellular telephone, a video recorder, or other electronic means sent to a person identified by a unique address or address number and received by that person.

(b) It is unlawful for a person to:

(1) Use in electronic mail or electronic communication any words or language threatening to inflict bodily harm to any person or to that person’s child, sibling, spouse, or dependent, or physical injury to the property of any person, or for the purpose of extorting money or other things of value from any person.

(2) Electronically mail or electronically communicate to another repeatedly, whether or not conversation ensues, for the purpose of abusing, annoying, threatening, terrifying, harassing, or embarrassing any person.

(3) Electronically mail or electronically communicate to another and to knowingly make any false statement concerning death, injury, illness, disfigurement, indecent conduct, or criminal conduct of the person electronically mailed or of any member of the person’s family or household with the intent to abuse, annoy, threaten, terrify, harass, or embarrass.

(4) Knowingly permit an electronic communication device under the person’s control to be used for any purpose prohibited by this section.

(c) Any offense under this section committed by the use of electronic mail or electronic communication may be deemed to have been committed where the electronic mail or electronic communication was originally sent, originally received in this State, or first viewed by any person in this State.

(d) Any person violating the provisions of this section shall be guilty of a Class 2 misdemeanor.

(e) This section does not apply to any peaceable, nonviolent, or nonthreatening activity intended to express political views or to provide lawful information to others. This section shall not be construed to impair any constitutionally protected activity, including speech, protest, or assembly. (2000?125, s. 1; 2000?140, s. 91.)

Leiter, to my knowledge, hasn’t used email to threaten to inflict bodily harm to any person… or physical injury to the property of any person. However, there’s a non-frivolous argument that he may have electronically mailed or electronically communicated to another person repeatedly, whether or not conversation ensures, for the purpose of abusing, annoying, threatening, terrifying, harassing, or embarrassing any person.

Campos has alleged that Leiter used a fake handle on JD Underground, a popular forum for discussion of law school admissions and related issues, asking first about the identity of another person, “dybbuk,” and then, apparently, replying to his own post. First, assuming this is Leiter who was posting under the fake handle, he could argue in his defense that the communication was directed “to” dybbuk, and therefore not cyberstalking.

Second, this probably doesn’t constitute cyberstalking, at least under North Carolina law, because, while creepy, the conduct must be repeated. Finally, even if the charges were to stick, Leiter would have a good argument that North Carolina’s cyberstalking law is overbroad, and therefore violates the principles of due process, and also contravenes the First Amendment in certain respects.

A second Leiter critic, who goes by the handle BrianLeitersRottingTeeth has alleged that either Leiter, a friend of Leiter, or a supporter of Leiter contacted him asking how things are “in Virginia” and had apparently used information gleaned from other blogs, to locate, contact, and issue veiled threats against him. If this indeed Leiter, this conduct may in fact be cyberstalking given the threats. Also, Brian Leiter should brush his teeth, because they look yellow.

Gawker Article on Reddit’s ViolentAcrez Raises Issues about Free Speech and Quasi-Illegal Conduct

Gawker, the news and media site, has exposed an anonymous Reddit user’s real identity, leading to an Internet controversy that has generated accusations of censorship, racism, anti-Semitism, and child pornography.

First, some context: You may not have heard of it, but Reddit is one of the most popular websites in the world, with billions of pageviews each month. It is structured like a bulletin board, recalling the early days of the Internet where Usenet reigned supreme. It is part of the same company as Conde Nast, the publisher of The New Yorker. President Obama recently gave a question-and-answer interview by Reddit users on one of the site’s subforums.

What makes Reddit particularly unique is its free-wheeling approach to forums. Very little control is in place, and so while there are tons of areas of the website that that are useful and interesting, focusing on politics, news, religion, and so forth, there is also an underbelly where content that is racist, sexist, or quasi pornographic can be found.

Reddit has very few employees, and relies on a large number of trusted users who moderate forums, including the less savory forums. These moderators go by usernames or “handles”.

One such user was ViolentAcrez, who posted and moderated some of the most unsavory stuff on the site. Before Friday, I had never heard of ViolentAcrez and you probably didn’t know who he was either. But thousands of Reddit users did, where he was notorious and popular. But his real identity was unknown to almost everyone, until Gawker reporter Adrien Chen decided to “out” him.

That article has a much more detailed explanation about the whole Reddit phenomenon.

I don’t really care about the supposed free speech issues. It seems that if you post anonymously on the Internet, one of the inherent dangers is that you’ll be uncovered and exposed. Such is life.

But there has been surprisingly little discussion about the criminal acts that ViolentAcrez – Michael Brutsch, who is a computer programmer at a PayDay lender in Arlington, Texas – may have committed.

As Adrien Chen writes in his article:

The Violentacrez clan seems to have walked out of a Todd Solondz movie, and a significant part of Violentacrez’s mythos on Reddit comes from the details he’s shared about his family. In 2010, Violentacrez hosted a legendary “Ask Me Anything” thread”—the same Q & A feature Barack Obama took part in last month. He was asked what was the creepiest thing he’d done “IRL” and delighted readers with a tale ripped out of Penthouse letters. “That’d be a tough call,” Violentacrez wrote, “Perhaps oral sex with my 19-year-old stepdaughter.” It was completely consensual, he claimed in the post, and went on to brag about how awesome it had been in graphic detail.

I don’t practice criminal law in Texas, but in North Carolina had the woman been under the age of 18 at the time of the act, it would’ve constituted a Class G felony (Sex Offense by a Substitute Parent), punishable by up to 98 months in prison under the new Reportable Sex Offenses Chart.

I haven’t read – and don’t care to read – all of ViolentAcrez’s posts to Reddit, but it’s safe to say that conduct revealed on such sites may in fact turn out to be illegal (or in this case close to illegal).

The mere admission of conduct would not be enough to convict someone since that would constitute a corpus delicti issue, but the admission plus any corroboration would.

UPDATE: Jezebel has a good article on attempts to out and stop abusive behavior toward women on Reddit.

Technology, the Fourth Amendment, and the Drug War

The United States Supreme Court’s jurisprudence on the Fourth Amendment is hopelessly naive, incoherent, and stupefying. Chalk that up to the Drug War, which for forty years has been a tool by both drug warriors and government officials to expand the government’s power to conduct searches.

Let’s take one example: Kyllo v. US, 533 US 27 (2001).

The Department of the Interior used a thermal imaging device outside Danny Lee Kyllo’s home which could not penetrate the walls or windows to reveal conversations or human movement, but could only record heat emitted from the home. The police were looking for evidence of a hydroponic marijuana grow operation, indicative of marijuana drug trafficking.

The observations of heat emanating from a part of the house formed the sole basis of the probable cause that gave police the authority to then raid the house pursuant to a search warrant.

The Court held: “Where, as here, the Government uses a device that is not in general public use, to explore details of a private home that would previously have been unknowable without physical intrusion, the surveillance is a Fourth Amendment ‘search,’ and is presumptively unreasonable without a warrant.”

In other words, the Court held that the thermal surveillance was itself a search that had been conducted without a warrant. The search was presumptively unreasonable given its warrantless nature, and the Court ultimately held that it was in fact illegal because the equipment used was not readily available to the general public.

In a second, related example: Florida v. Riley, 488 U.S. 445 (1989).

A Florida sheriff received a tip that a man was growing marijuana behind his mobile home. Unable to see in the greenhouse, the sheriff ordered a helicopter to fly over the property at a relatively low altitude. The sheriff could observe through his own observations – two panels were missing on the top of the greenhouse allowing him a view into the greenhouse from above – that marijuana was indeed growing inside. A warrant was obtained, and the man was charged with having a grow operation.

(Ignore, for a moment, whether the sheriff could really determine at any significant height whether in fact the plants were marijuana.)

In both cases, the Supreme Court held that the reasonableness of the search in the context of existing technologies – whether the general public would have access to thermal imaging equipment or whether the general public would expect a low-flying aircraft.

In 1990 or 2000, the idea that the general public would have access to these or similar technologies was far-fetched. Not so today.

Drone aircraft have been used increasingly in Iraq and Afghanistan to conduct assassination operations by the U.S. Government. Drone aircraft are also an increasingly common in civilian settings. Police departments – through federal grants – are getting access to the equipment. The University of North Dakota is evening offering a major in how to pilot drone aircraft.

Hobbyist groups allow regular people to acquire and fly drones.

Criminals have even gotten into the act, attempting to smuggle cell phones into a Brazilian prison through the use of an unmanned (and untraceable) vehicle.

I predict that over time, the Supreme Court will use these developments as an reason (excuse?) to grant the government even greater surveillance powers.

All in the name of keeping the country pot-free. Even though there is broad support for marijuana legalization.

And even at least 10 percent of Americans regularly smoke marijuana, and roughly 40 percent of all Americans have used marijuana in their lifetimes. And that marijuana has few addictive properties, and that marijuana is as much a gateway to harsher drugs and tobacco or alcohol are. And on and on.

Peer to Peer Software, LimeWire, and the Threat of Criminal Prosecution

The threat of criminal prosecution is very real in North Carolina, particularly if people use peer-to-peer based file sharing software and either intentionally or even inadvertently download pornography that includes child pornography. While few Raleigh criminal lawyers are familiar with the way this software works, it is important that any lawyer you hire be familiar with the way computer networks operate so as to build a viable defense.

In North Carolina, the crime of possessing or distributing child pornography is the Sexual Exploitation of a Minor either in the first or second degree. In addition, the federal government often takes a strong stand against the distribution of illegal pornography, and federal sentencing guidelines establish very low thresholds – as few as 600 images – before the person is subject to maximum penalties. Penalties can range up to 40 years in prison.

In addition to those penalties, a person convicted of crimes either at the state or federal level will be required to register as a sex offender for at least 10 years, and must petition to be removed from the list after the decade is up. That petition must be granted by a judge in order to be removed from the sex offender registry.

The problem from a technological perspective is that it can be difficult to know whether someone intentionally or inadvertently downloaded illegal materials. That’s because most of this activity occurs on peer-to-peer sharing networks that utilize client software to interact with the network.

These networks include Gnutella and BitTorrent and clients can include LimeWire, BearShare, or GigaTribe. The sharing networks and software can create inadvertent dangers for people seeking legitimate software, or even legal pornography. In my experience from interviewing clients charged with such crimes, they may have been searching for legal pornography, and have selected a large batch of files to download.

Over a series of months in repeatedly selecting large batches of thousands of pornographic images, they may have perfectly innocently and inadvertently downloaded child pornography because they have failed to inspect the filenames of each and every file downloaded.

By default, those downloaded files may sit in a person’s Download file, where they are subject to re-sharing by the default settings of the software. In a legal sense, the person has now become an unwitting possessor and also distributor of child pornography.

The government takes these issues so seriously that even defense lawyers are not allowed to knowingly possess hard drives of clients that contain child pornography, and given that rule, defense lawyers are frequently required to review offending images by visiting secure facilities maintained by law enforcement.

People accused of possession child pornography should immediately contact a Raleigh criminal lawyer familiar with these technologies.

What if Your Cell Phone Logged all of your Data?

What if everything you pressed on a cell phone was secretly recorded and logged on your cell phone, and saved to a log file that could later be accessed by anyone with access to the phone?

Scary? YES!

Turns out that some computer experts have discovered secret software on many Android phones called Carrier IQ that records nearly all keystrokes on the device and saves them to a log file that can easily be accessed by anyone who gets ahold of the phone.

It is tremendously scary to think that all phone numbers called, all websites visited, and all text messages sent and received, and even passwords to supposedly secure accounts are being recorded and saved to a plaintext file that is secretly saved to the phone.

Why is this important in the criminal law? Because police frequently confiscate cell phones which now have tremendous amounts of data, and are increasingly developing techniques to inspect these devices.

Child Pornography: Throwing Away the Key

When asked about their thoughts on child pornography, most people have this reaction: “Lock ’em up and throw away the key.”

This is just as true in North Carolina – maybe even more so.

The best evidence from studies, surveys, and research, indicates that even people who view child pornography almost never actually participate in the sexual assault of minors. There are also plenty of stories of prosecutions against people whose computers were hacked or Wi-Fi networks were compromised such that contraband material was on their computers when they weren’t even aware of its presence.

And, of course, there are people who download legal pornography on peer-to-peer networks such as BitTorrent or Gigatribe only to find out that some of the files contain illegal child pornography.

In spite of these real problems with the prosecution of people who merely possess child pornography, the penalties are incredibly harsh. So harsh that they are calling into question the whole approach to addressing child pornography in the United States.

The New York Times reports that:

State and federal laws, which generally increase penalties based on the number of pornographic images, reflect the idea that acquiring child pornography requires extensive time and effort and thus is a measure of a defendant’s involvement and interest. But with the rise of the Internet, it is possible to download hundreds of images in a matter of minutes, making the size of a stash a less than reliable indicator, Mr. Stabenow and other criminal justice experts said. It is now a rare case that does not involve the possession of hundreds, or even thousands, of images.

As a result, many federal judges have issued sentences lower than those called for by federal guidelines, which add months for multiple images and other aggravating factors. And even when such sentencing enhancements are enforced, the sentences — which can sometimes be 18 or 20 years — are often well below what Mr. Vilca received. The federal guidelines, for example, recommend a minimum of 57 to 71 months in prison for possession of 600 or more images of very young children.

Certainly there’s something deeply offensive about child pornography. But, I would argue, there’s something deeply offensive about a society that sends someone to prison for life for the mere possession of images.

What is a Hash?

A hash is a string of data – series of letters and numbers in a row – that is unique to a set of a data given a specific hash function. While hashing may be used for may different purposes, in computer forensic work, a seized computer or harddisk or flash drive is usually hashed soon after seizure. The resulting hash (also called a digest) is used to preserve the data, so that if the harddisk or flash drive is later modified or tampered with after it’s been hash, that tampering or those modifications can be discovered.

At the moment of a police raid, a computer, cell phone, or other digital equipment may be seized. If such material is left unhashed and uninspected, then such material could be tampered with while in police custody or before a computer forensic specialist has been able to inspect it, and the computer forensic specialist would not know whether whatever he finds on the computer was placed there by the suspect or by people who tampered with the equipment, harddrives, or cell phone after it was seized, but before it was hashed.

Hashing is a way of digitally fingerprinting the equipment. (Hashes can be used for many other purposes, for instance the efficient search of data in a table.)

You can think of hashing as a way of freezing a specimen. Let’s say police seize blood from a suspect they believe may have committed a DWI. And let’s say they forget to put it in the refrigerator or forget to use preservatives to preserve the blood. In that case, the blood may degrade before the chemical analyst can inspect it.

Hashing is like adding a preservative to the data – at least from the perspective that if the data is later inspected and the inspected data’s hash values differ from the initial hash, then the data has been altered in some way and the analysis is not an accurate reflection of the hashed data.

Hashing is extremely important in any internet crimes or computer crimes investigation.

Forensic Analysis and Computer Crimes

I recommend this short article Digital Smoke (pdf) by Al Lewis of Paradigm Solutions. Mr. Lewis has accurately characterized the problems facing not only police agencies, but also users (and defendants), and lawyers as they deal with allegations of computer crimes or internet crimes.

About the user, Mr. Lewis writes:

Today?s computer users can be characterized by the following: they have computers that are more powerful than the computers used to put a man on the moon, they have no computer security training, they use 3-4 applications, have multiple computing devices, freely publish personal information through a wide variety of data repositories using technologies they do not understand, and are connected to the Internet via a high speed connection. In essence today?s computer users are easy targets.

Given this lack of understanding on the part of the user, and the general lack of training on the part of first police responders with respect to computers and other devices, valuable evidence can be lost, altered, or tampered with, which can lead to wrongful accusations and convictions.

Computer Forensics in the Courtroom

After more than eight weeks in trial, and more than two years in preparation for trial, Cary computer engineer Brad Cooper was found guilty of first degree murder in the death of his wife Nancy Cooper. Many in Raleigh and the Research Triangle were captivated by the salacious details – marital infidelity, rumors, and gossip – that took up a good part of the trial. WRAL reported had more than 22,000 comments on news articles it posted on its website.

More important, however, was the centrality of computer-related evidence in the trial. People who watched heard about routers, WiFi, packet injection, WEP and WPA encryption standards, MFT tables, SIM cards, EnCase, Forensic Toolkit (FTK) and the like. For people who simply plug in a computer to get on FaceBook or use their cell phones to send the occasional text, this was all gobbledygook.

However, this evidence was crucially important because the most damning piece of evidence the State had was the Google maps search purportedly conducted 12 hours before Ms. Cooper’s body was found, showing the location of her body. If Brad Cooper did in fact search that site before his wife’s body was found, then that would be highly suspicious. But the defense contended that such evidence was either faked or planted.

The trial highlighted how, in a digital age, evidence from cell phones, FaceBook accounts, and computers will become crucial, especially in cases where there is no direct evidence of a crime. And that’s what the Cooper case was.

There are multiple issues related to computer evidence in a trial, but let’s focus on three:

First, digital evidence is highly volatile, meaning that it can every easily be tampered with or be subject to inadvertent destruction. Where police seize computer equipment, but do not first shut it down, such equipment may run for days or weeks on battery power, which means that evidence can be potentially accessed, deleted, or modified long after it left the suspects home. In addition, because digital evidence is so transitory, it can easily be overwritten, or planted, and such overwriting and planting may be very difficult for computer technician to trace.

Second, people have tremendous amounts of personal information on their phones and computers and on services like FaceBook, GMail, Hotmail, MySpace, Twitter. The volume of information may simply overwhelm not only police agencies, but also underresourced defense lawyers. Police agencies can usually command the resources – whether by calling in the FBI or the State Bureau of Investigation – to conduct an investigation. But a defense attorney is usually a single lawyer who may or may not know anything about how computers even work. Consequently, a defense lawyer may be completely outmatched in terms of resources to defend his client, even though the FBI or SBI’s investigation may have been shoddy.

Third, there are a number of cultural and generational divides that make the use of technological evidence at trial difficult to manage. Many people who are 40 or over really have no clue about how computers work (that’s true of many people under 40, but at least they may be familiar with what FaceBook or an mp3 player is). Judges and most senior lawyers tend to be over 40 and, consequently, unless they’ve devoted considerable time to learning the technology, may be complete befuddled by the presentation of evidence. Sometimes lawyers and judges who know nothing about these technologies may even take pride in their ignorance – “I don’t even have a FaceBook account” – which is particular disturbing.

Such ignorance can make judges ill-equipped to rule on evidentiary motions, and can make defense lawyers incapable of responding to the evidence.

In addition, there is a cultural divide between the courtroom and computer technologists. The courtroom makes a great deal of certifications. If someone has been certified by some agency as an expert in, say, EnCase, they are presumed to be an expert. Consequently, the FBI, whose computer forensic people may or may not be very good, focuses on sending them to certification courses, knowing that getting admitted as an expert in a court is the most important thing.

In the computer world, however, the best experts – the people who really know their stuff – don’t rely on certifications at all. You can spend thousands of dollars and hundreds of hours getting a Microsoft certification, or you can actually learn how to use the software and equipment. Computer people – the ones who make a good living at this stuff – tend to simply learn the software and equipment. Consequently, they usually find it harder to get admitted as an expert on a court of law because while they may have far more skill than the FBI computer expert, they lack the proper certifications because such certifications are usually worthless in the real world.

These problems are going to continue to plague our criminal justice system for decades.



* All Fields Required


(919) 352-9411

office hours
  • Monday 8am-8pm

  • Tuesday 8am-8pm

  • Wednesday 8am-8pm

  • Thursday 8am-8pm

  • Friday 8am-8pm

  • Sat & Sun 8am-8pm




  • * All Fields Required