Forgot your password?
typodupeerror
Privacy Your Rights Online

Germany Searches Credit Cards For Child Porn Payments 283

Posted by kdawson
from the variable-pricing-coming-soon dept.
narramissic writes "According to an ITworld article, police in the German state of Sachsen-Anhalt have teamed with credit card companies to sift through the transactions of over 22 million customers looking for those who may have purchased child pornography online. To date they have identified 322 suspects." From the article: "German data privacy laws allow police to ask financial institutions to provide data about individuals but only if the investigators meet certain conditions, including a concrete suspicion of illegal behavior and narrowly defined search criteria, according to Johann Bizer, deputy director of the Independent Center for Privacy Protection... In the case under investigation, police were aware of a child pornography Web site outside of Germany that was attracting users inside the country. And they asked the credit-card companies to conduct a database search narrowed to three criteria: a specific amount of money, a specific time period and a specific receiver account."
This discussion has been archived. No new comments can be posted.

Germany Searches Credit Cards For Child Porn Payments

Comments Filter:
  • by Mateo_LeFou (859634) on Tuesday January 09, 2007 @03:48PM (#17526866) Homepage
    Do they mean "grep"?
    • by mingot (665080) on Tuesday January 09, 2007 @03:49PM (#17526904)
      Uh, doubt it. Perhaps "query".
    • by gstoddart (321705)
      Do they mean "grep"?

      No, they mean sift through. Probably using database queries and things more complicated than grep. Banks don't keep all of their information in flat text files to be grep'ed for content -- they use way cooler toys. :-P
      • by neuro.slug (628600) <neuro__@hoDEGAStmail.com minus painter> on Tuesday January 09, 2007 @03:55PM (#17527040)
        Of course they don't use flat text... they've moved on to using one big XML file.
        • Re: (Score:3, Funny)

          by serialdogma (883470)
          Wow, is there a new W3C standard for flagging XML-logged credit card transactions as child porn related?
        • by Feyr (449684)
          you laugh, but one system we're testing for bank cards management is a big mix of proprietary binary DBs (read, binary files), ill-defined oracle tablespace, and huge ass XML files. the config files for the various utilies are sometimes XML, sometimes in-house flat files (just like unix), there's 3 different services that do basicly the same task, and "exchange" data using either binary files or xml (depending on what they're doing at the moment). to top it off, some of the utilities are written in java, a
    • by NineNine (235196) on Tuesday January 09, 2007 @03:54PM (#17526988)
      Another person who thinks that databases are the same as flat files... Really, that just makes me want to stab you in the eyeball with a rusty spoon. "Grep" is to an RDBMS as orange juice is to an M-1 Abrahams tank. Completely and utterly unrelated.
      • Re: (Score:2, Informative)

        by AlexCV (261412)
        Funnily enough, the AT&T Daytona RDBMS is basically implemented at gzipped (or similar) compressed text files searched with grep. Of course there's some differences with normal grep: queries are compiled to regexp and then compiled to an optimized C program representing the optimal grep-like tool for the specific query. It is then parallelized on an HP superdome.

        Also, most RDBMS implement linear search which is grep like. The use of the LIKE statement is even closer to grep and let's not forget that man
      • by mxs (42717)
        SELECT * FROM bad_analogies WHERE content LIKE '%grep%'

        You were saying ?
      • by darkstar949 (697933) on Tuesday January 09, 2007 @05:27PM (#17529216)
        To be fair, you can make orange juice with an M-1 Abrahams, although the technique is a bit of overkill.
      • Let's put you for, say, 2 hours into a tank, preferably in toasty warm weather, and then tell me again that you don't want to have that juice!
      • lol a funny aside, I work with a python dude here that thinks that databases suck and processing csv files is much better because he can do things sooooooo much faster by loading everything into memory.

        His last set of code was trying to do about 10 million summaries of about 20 million records over and over...

        I had to remind him that databases generally aren't stored in memory and if CSV parsing was so awesome in Python then no one in their right mind would deploy a database at all...
  • WHY?! (Score:5, Insightful)

    by Virak (897071) on Tuesday January 09, 2007 @03:49PM (#17526902) Homepage
    Why the hell do people pay for *any* porn, and especially why would you pay for porn that's *already illegal*?!

    People make my head hurt.
    • I have paid for porn (Score:5, Interesting)

      by Anonymous Coward on Tuesday January 09, 2007 @04:11PM (#17527352)
      I cant comment on why people pay for child porn as that is not my cup of tea but as for paying for porn in general, I have done so.

      Why, well first is convenience. I am busy and would rather be able to go to one website, enter in my search (usually redhead, teen and anal) and get the movies they have right there without having to sift through the results to see what is good. I feel my time is worth more then the money it costs to pay for the porn.

      The second is guaranteed quality. I never wonder if I am getting garbage resolution, a misnamed video, or some other piece of crap. That is why I pay, the company takes care of all that.

      The final reason is guaranteed download speed. I want my porn fast, regardless of how many other people are willing to share it.

      Also it is not illegal, I am supporting the "artists" by paying for it, and lets face it, these people are getting fucked all the time (pun intended).

      So there you do, those are the reason I have paid for porn.
      • honesty (Score:2, Insightful)

        by Anonymous Coward
        I am not quite sure I appreciate your honesty.

        Please, this is Slashdot.

      • Re: (Score:3, Informative)

        by fmobus (831767)
        Y'know, there are already free (as in free beer) pr0n search engines [askjolene.com].
        • Y'know, there are already free (as in free beer) pr0n search engines.

          Oh no! why did you tell me that? Now I'm not going to get any work done this week.

      • by NF6X (725054) on Tuesday January 09, 2007 @05:52PM (#17529836) Homepage

        Why, well first is convenience. I am busy and would rather be able to go to one website, enter in my search (usually redhead, teen and anal) and get the movies they have right there without having to sift through the results to see what is good.

        I really wish there was a "-1 Too Informative" mod. :-)

      • I dunno if quality is different when you pay for it when what you pay for is illegal in the first place. I mean, what do you want to do, drag them to court? It's like dragging your dealer to court for selling you tea instead of weed.
      • Re: (Score:3, Funny)

        by Cervantes (612861)
        As a fellow redhead/teen/anal enthusiast, I would like to take this opportunity to thank you for subsidizing the redhead/teen/anal porn market with your hard-earned money, so cheap bastards like me can continue to choose our time over our money, and download it for free.
    • by gstoddart (321705)

      Why the hell do people pay for *any* porn, and especially why would you pay for porn that's *already illegal*?!

      The same reason people pay for anything: perceived value of having it. Free porn is getting tougher to find on the net. I have no idea how difficult it is to find kiddie porn, nor do I want to know, cause that's just nasty. But, if you're looking for it, you're probably willing to pay for it.

      And, I'm sure most of the places selling such things promise discrete billing, much like *any* adult the

  • Darwin (Score:5, Insightful)

    by NineNine (235196) on Tuesday January 09, 2007 @03:51PM (#17526940)
    Well, I gotta say that somebody using a credit card to buy kiddie porn is a fine example of natural selection. Honestly, I had no idea that there were people that stupid out there. I mean really, if you're going to do something that is universally both illegal and reviled, why in the hell would you use a credit card?!?! Hell, I don't even use a credit card to buy incense at my local head shop!
    • Re:Darwin (Score:5, Interesting)

      by Hrodvitnir (101283) on Tuesday January 09, 2007 @04:11PM (#17527336)
      Who says they use their own credit card?
    • Re: (Score:3, Insightful)

      by fafalone (633739)
      Child porn sites are typically hidden from the general public, so you need to be a little more experienced with the net to find them. So the people who do find them are smart enough to use stolen ccs to pay for it, I'd bet 90% of the time.
    • Re: (Score:3, Insightful)

      I mean really, if you're going to do something that is universally both illegal and reviled, why in the hell would you use a credit card?!?!

      An even better question is why if you were someone offerring something illegal and reviled would you accept payment from something as traceable as a credit card transaction?

      The conspiracy theorist in me suspects all may not be as it seems here, but the realist in me understands that both buyers and sellers are mercifully stupid.

      • An even better question is why if you were someone offerring something illegal and reviled would you accept payment from something as traceable as a credit card transaction?

        AFAIK they didn't catch the people receiving the money and only have the address of a mailbox somewhere in south asia (not sure, had my brain on powersave when watching the news apparently). The producers/sellers probably don't give a shit about their customers and apparently aren't as easily caught.

        Also, stupidity might be a factor.

  • Done correctly (Score:5, Insightful)

    by MobyDisk (75490) on Tuesday January 09, 2007 @04:02PM (#17527168) Homepage
    I bet this is big news to Americans: a government that can responsibly deter crime without infringing on the rights of the citizens. How did those darn Germans do it? Some sort of miraculous new technology? Maybe they've invented a porno-detector? Let's take a look!

    only if the investigators meet certain conditions, including a concrete suspicion of illegal behavior and narrowly defined search criteria
    Sounds like a warrant.

    The database search was conducted by the credit-card companies, not the German police, which have no direct access to the financial records of people registered in Germany...They must have a concrete suspicion and provide very exact and limited search criteria.
    Sounds like responsible conduct.

    Bizer warned that credit-card data monitoring could lead to mistrust, especially if customers aren't properly informed.
    Sounds like an understanding of government, law, and proper oversight.

    Amazing!

    • by duerra (684053) *
      Sounds like responsible conduct.

      Sounds to me like a fishing expedition.

      Hope those Germans haven't been purchasing music on AllOfMp3....
    • The terrorists win.
    • Re:Done correctly (Score:5, Insightful)

      by camperdave (969942) on Tuesday January 09, 2007 @04:26PM (#17527698) Journal
      How did those darn Germans do it?

      Hmm... The population of Germany is roughly 82 million, and they are going to "sift through the transactions of over 22 million customers". It seems to me that those darn Germans are going to do it by considering half the adult population as suspects.
      • Re:Done correctly (Score:4, Insightful)

        by Kjella (173770) on Tuesday January 09, 2007 @06:28PM (#17530608) Homepage
        Oh, for the love of...., would you get off it. They're searching for a specific amount, to a specific account in a specific time.

        SELECT * FROM transactions WHERE account_to = '4234534543254' AND amount = '19.95$' AND transaction_date BETWEEN '2005-12-31' AND '2006-06-31'

        It's not slam-dunk evidence, because they might have operated legal sites which also got paid to the same account, cards get stolen and so on. But if your card has been paying the same fee to the same account as a kiddie porn site during the same time, that's plenty grounds for reasonable suspicion. This isn't a fishing expedition any more than if they asked the DMV who owns a blue Audi A4 1995-model, and they ran the query against the whole DB. If they don't hit, they get squat. Sometimes the anti-law enforcement brigade on slashdot really get their panties in a bunch over nothing.
      • by Jesus_666 (702802)
        You, sir, are either a troll or utterly uninformed.
        Let's see...

        - We have 22 million CC customers.
        - The police presented the CC companies with a warrant saying that the CC companies should check their databases for people who have bought from a specific site, since, as TFA explicitly stated the police isn't allowed to access the databases.
        - The CC companies scanned their databases and returned to the police those accounts that were used to buy from that specific site.

        Come on. I'm somewhat protective w
    • by pla (258480)
      Sounds like responsible conduct

      ...Right up until you consider that only an idiot would have bought something like that with his own credit card...

      I strongly suspect this will end up with 322 people remembering they lost their card a few months back - And I'd feel inclined to believe most of them, though no doubt the courts will put them through the ringer over this.
      • by arth1 (260657)

        I strongly suspect this will end up with 322 people remembering they lost their card a few months back - And I'd feel inclined to believe most of them, though no doubt the courts will put them through the ringer over this.

        And in the mean time, they will have their computer equipment confiscated (which will no doubt turn up some "illegal" material for some of the 322), and they will have an arrest record, and quite possibly lose their livelihood and family. No matter if cleared of the charges, they will be

    • used to be, but not anymore. this fucking terrorist hysteria has eroded the rights of fellow germans pretty much and the current lawmakers don't care about the constitution and even if an unconstitutional law has been removed by the german supreme court the lawmakers try to introduce the same one again and again, hoping that noone bothers this time.
    • by stubear (130454)
      You mean the same Germany that is stomping all over free speech by banning violent video games?
    • by DM9290 (797337)
      "I bet this is big news to Americans: a government that can responsibly deter crime without infringing on the rights of the citizens. How did those darn Germans do it? Some sort of miraculous new technology? Maybe they've invented a porno-detector? Let's take a look!

      only if the investigators meet certain conditions, including a concrete suspicion of illegal behavior and narrowly defined search criteria

      --Sounds like a warrant."

      Without judicial oversight this is not a warrant.

      Moreover a warrant requires the j
  • Scheisse! (Score:5, Funny)

    by Anonymous Coward on Tuesday January 09, 2007 @04:04PM (#17527214)
    POLIZE) Sir, ve haff found zis gepayment vot is obviously for die kidipornen. Ve vill haff to ask you to commen mit us to die polizestation.

    MANN) Nein, nein, das ist nicht ein kidipornen! Dis ist die regular wholesome scheisse videos mit conzenting aldulten gefichen mit die turdenpoopen.

    POLIZE) Ach! Ve are mischtaken. Zo zorry for gewasten du timen, proud zitizen. Gutenhaben, unt enjoy die turdenpoopen!
  • Fine by me. (Score:5, Insightful)

    by NNKK (218503) <nknight@runawaynet.com> on Tuesday January 09, 2007 @04:05PM (#17527248) Homepage
    If the site were in-country with in-country bank accounts, the authorities would just search those records directly. This gets them the exact same information. No more, no less. The parameters are narrowly-defined, reasonable, and the activity in question clearly illegal. The risk to innocents is at least as low as going at it from the other direction (looking at the records on the receiving end).
  • by flaming error (1041742) on Tuesday January 09, 2007 @04:12PM (#17527360) Journal
    Let's do it again. Now please grep for donations to the ACLU...
  • My card was stolen (Score:2, Insightful)

    by Anonymous Coward
    I wonder how many cards will now be reported stolen
  • Define "Broad" (Score:3, Insightful)

    by 15Bit (940730) on Tuesday January 09, 2007 @04:12PM (#17527384)
    The article clearly states that "The police are not allowed to ask credit-card companies or banks to run a very broad database search". However, the search criteria "a specific amount of money, a specific time period and a specific receiver account" reads to me as "we know the subscription fee, bank account number and the date the website went up. Could you tell us about all the germans who paid that subscription amount to that bank account please". That sounds like a pretty broad search criteria to me.

    A specific search would be "We have sound suspicions that a bloke called Wolfgang has been accessing this list of kiddie porn websites. Could you provide us with a list of transactions Wolfgang has made to them please."

    • Re: (Score:3, Insightful)

      by bcattwoo (737354)

      A specific search would be "We have sound suspicions that a bloke called Wolfgang has been accessing this list of kiddie porn websites. Could you provide us with a list of transactions Wolfgang has made to them please."

      That's not a search at all though. That is just asking for Wolfgang's credit card statement, which could presumably just be done with a regular warrant given the sound suspicions. I don't understand how searching for records of people paying the subscription amount to a known kiddie porn purveyor during the time he was known to be in business could be construed as overly broad.

    • Actually, I think this search qualifies as "specific", because every single customer data set that was handed over to the authorities by the banks is highly suspicious of having commited a crime (consciously bying child pornography is a felony under German law). Of course, there's still the chance of fraudulent card use, but this can and will be checked during the court hearings that will follow.

      You see, to ask a question like yours,

      "We have sound suspicions that a bloke called Wolfgang has been accessi

    • by Kjella (173770)
      Um, in what dimension is asking for people that *have* paid less specific than asking for people that *might* have paid? (Or their cards paid, anyway)
  • So, to date, they have 322 suspects out of 22 million scans...that's a hit rate of .00146 percent. That's a lot of people who had their personal data plowed through for a nearly zero yield.
    • I wonder who many of them in the 322 suspects had their credit card number stolen/copied?
    • by geoffspear (692508) on Tuesday January 09, 2007 @04:27PM (#17527704) Homepage
      Right, those non-suspects records were "ploughed through" in the same sense that if the police requested one record with a specific transaction ID from the creit card company's database, all of the records were "ploughed through" when the query to retrieve that record was run. You're either a troll, have no idea how a database works, or don't know how to read.
      • by jizziknight (976750) on Tuesday January 09, 2007 @04:40PM (#17528036)
        Agreed. Now, If they were manually sorting through the records rather than running a db query, that'd be a different story. The fact of the matter is they're getting only what they searched for and nothing else. The only people having their records "ploughed through" are those who are suspects. So assuming no false positives (which shouldn't happen with a well written query), and no records are missed (which also shouldn't happen with a well written query), they're getting a 100% success rate. The hit rate of .00146% as put forth by the GP would only be correct assuming all 22 million of those people were guilty and they were only finding .00146%. Or at least that's the way I see it.
        • by ahodgson (74077)
          The only people having their records "ploughed through" are those who are suspects.

          All 22 million of them.
      • Let me give you a simple test of logic. You presented three options:

        1) You're a troll

        2) You don't know how a database works

        3) You don't know how to read

        Using only your innate powers of deduction, which of these three options can you eliminate right now?

        My point being that, who's the troll here? The guy who asked about the effectiveness of going through 22 million records only to obtain 322 viable hits? or the guy who decided to take personal shots at the original post?

        Well, obviously a database search
    • So, to date, they have 322 suspects out of 22 million scans...that's a hit rate of .00146 percent.

      Well, you're assuming they're done. Maybe they had just finished searching suspect #323 when this article went to print.

    • by Lars T. (470328)
      This may come as a shock to you, but you ar a suspect in every single crime commited - for about a millisecond. Maybe even longer.
  • by Kaz Kylheku (1484) on Tuesday January 09, 2007 @04:18PM (#17527518) Homepage
    One reason might be that it's stolen?

    Someone steals your number, buys kiddie porn, and now you're the suspect.
    • by Incadenza (560402) on Tuesday January 09, 2007 @04:54PM (#17528442)
      Someone steals your number, buys kiddie porn, and now you're the suspect.
      A friend of mine had his computer confiscated for three months because somebody tried to sign up to a Yahoo! mailing list (where kiddie porn had been discussed) using his stolen or guessed or just randomly typed e-mail address. They are not the brightest of the block, these German cybercrimefighters.
  • the ones with any sense will be using stolen identities... so how would you explain things if your credit card number comes up in this search then???
  • To the contrary (Score:5, Insightful)

    by BenEnglishAtHome (449670) * on Tuesday January 09, 2007 @04:55PM (#17528474)
    I have problems with this. I'll give the German police some slack and assume they are reasonable enough to only look for people who purchased materials that any reasonable person would look at and say "That's obviously vile child abuse." We cannot, however, trust the police everywhere to be as reasonable.

    In the U.S., people are being prosecuted right now for making and selling child porn even though the prosecution agrees that no nudity or sexual activity is depicted. In the U.S., at least one 16 year old girl has been charged with child abuse and child porn production for taking a cell phone picture of herself nude and sending it to a boyfriend. (Yes, the child she was charged with abusing was herself. Think on that a while, but don't blame me if your head explodes.) In the U.S., we have people sitting in jail convicted of possessing child porn for, among other things, having cartoons of young-looking characters having sex. (I'm at work, so filtering prevents me from searching for links; you can google them as easily as I can, though. For the first case, look for "Pierson" who's being prosecuted in Alabama.)

    Yes, everyone is probably right that in the instant case this is a reasonable way to proceed. But I'm still not comfortable with it. I don't trust LEOs to not be idiots, to not be grinding political axes. Dangerous stuff, this. If it's backed up with searches that find people in possession, great. But be warned - due to identity theft or whatever reason, there will be some false positives. The people who are the victims of those false positives are just a short distance away from having their lives utterly ruined without adequate justification.

    There must be better ways of investigating this sort of thing.

  • First, 14 credit card service companies helped gather the data; they handed out a list of persons with similar transactions on their CCs: the criteria that were matched were Visa or Mastercard used, 79,99 US$ transaction and a company from the Philippines as recipient.

    Second, the authorities in Germany state that everything was done legally and that it's not a case of 'dragnet investigation', since neither prosecution nor police had access to all the data but instead the search was conducted by the CC comp

  • by B5_geek (638928) on Tuesday January 09, 2007 @07:00PM (#17531156)
    So that would mean that the investigation has a success rate of 0.001463636%

    Disclaimer: IMO anybody who hurts a child should be exterminated.

    What % of children die from disease or other 'preventable' causes in Germany?
    Would efforts be better spent helping them?

Vax Vobiscum

Working...