FBI Posts Fake Hyperlinks To Trap Downloaders of Illegal Porn

mytrip brings us a story from news.com about an FBI operation in which agents posted hyperlinks which advertised child pornography, recorded the IP addresses of people who clicked the links, and then tracked them down and raided their homes. The article contains a fairly detailed description of how the operation progressed, and it raises questions about the legality and reliability of getting people to click "unlawful" hyperlinks. Quoting: "With the logs revealing those allegedly incriminating IP addresses in hand, the FBI sent administrative subpoenas to the relevant Internet service provider to learn the identity of the person whose name was on the account--and then obtained search warrants for dawn raids. The search warrants authorized FBI agents to seize and remove any "computer-related" equipment, utility bills, telephone bills, any "addressed correspondence" sent through the U.S. mail, video gear, camera equipment, checkbooks, bank statements, and credit card statements. While it might seem that merely clicking on a link wouldn't be enough to justify a search warrant, courts have ruled otherwise. On March 6, U.S. District Judge Roger Hunt in Nevada agreed with a magistrate judge that the hyperlink-sting operation constituted sufficient probable cause to justify giving the FBI its search warrant."

I would have read the article before replying

But I was afraid to click the link!

Rest Assured

Spoofing as a link to a slashdot article would be about the least successful campaign of this type the FBI could conduct. Of all the billions and trillions of links out there, the link to an article on slashdot is going to get the fewest.

Re:I would have read the article before replying

You should be scared- you can have all your thousands of dollars of computer equipment and hard drives seized indefinitely just because you clicked on a link. I'm wayyyyyyyyy more terrified of the FBI than of terrorists, and I'm no criminal.

Re:I would have read the article before replying

JB is not CP. Seeing as how half of 4channers are 15, jailbait-clickers are just interested in girls their age. Anyway, the FBI should be trying to take down the monsters who hurt these children instead of spending millions on prosecuting people who just copy files around the internet.

Stating the obvious problem

So now if you develop a search engine, you get your computer confiscated?

Re:Stating the obvious problem

What if your browser uses link prefetching? Will they then have enough justification to take my computers and smart phone away which would leave me without the ability to work?

Re:Stating the obvious problem

They can tell if it's prefetched, if you're using a recent firefox. Firefox sends the http header

X-moz: prefetch

for prefetch requests. You can disable prefetching altogether by going to about:config and toggling

network.prefetch-next

Re:Stating the obvious problem

You should disable prefetching; a little-known fact is that cookies are exchanged when links are prefetched.. if you're on unsecured wifi (like my internet during the months I'm at school) all someone has to do is present you with a link to amazon or to wikipedia or to slashdot, and you don't even have to click it for the auto-login cookie to be exchanged. Those of you with credit card info saved on amazon, beware. ~~~~

Re:Stating the obvious problem

And lets hope that server never sees the light of day again, not only is helping people find child porn, it's in possesion. Think of the children.

On a serious note. Am I the only one that scared by these prospects? I don't mind the whole "think of the children", as I'm not a bad/evil/pedophile .. but put in the position, I might have clicked the link. Not because I'm into that stuff, but a combination of curisoity, bordem and just wondering if that stuff exists might have driven me to click it. And according to TFA the mere act of clicking the link constitues "violating federal law, which criminalizes "attempts" to download child pornography with up to 10 years in prison.".

I probably should have posted this anonymously, but I'm sick of the idea that possesion of some pictures is one of the worst crimes in the world. Sure child abuse is terrible (And I'd have no hesitation against the death penality in severe cases). But having a picture of it? C'mon.

Re:Stating the obvious problem

Well, considering this a year ago http://yro.slashdot.org/article.pl?sid=07/02/10/1752233 [slashdot.org] you don't even have to be an adult to be considered a pedophile on the internet

Re:Stating the obvious problem

Crawlers is "clicking" the links, and is indeed a part of developing a search engine.

How long until...

Compromised web sites contain stealthed links to these honeypots?

Re:How long until...

It's gonn be the next goatse, if you thought making people look at a stretched out asshole was funny, think how much funnier getting thier houses raided by the FBI will be!

Nice.

So if I see some link advertising child porn, and I click it to see if it's fake or something which actually needs to be reported to authorities, now I'm potentially opening myself up to having my computer confiscated and my life turned upside down?

Guess I'd better let the kids fend for themselves then!

Entrapment?

Ok, I'm not one to throw around the term willy nilly, but this seems like it fits the very definition of entrapment.

Re:Entrapment?

I think they don't use the fact you clicked on the hyperlink to incriminate you, but it's a probable cause for a warrant because you're likely to possess other child porn. It would be interesting, what would they do if they don't find any possession of child porn? Take off their hat and apologize for the inconvenience?

Re:Entrapment?

apologize? The FBI? You're kidding right?

There is absolutely NO repercussions to a judge who authorizes a search warrant on shoddy evidence. Law enforcement can literally *lie* to get the warrant and, even if you can prove they were lying, there isn't a venue to file your complaint. Even if they cause damage to your property, you can't sue... they had a valid warrant. About the only people you *can* file your complaint with is the FBI.. who will action it, around the 4th of never.

Re:Entrapment?

No. Entrapment is where the State gets you to do something illegal and then charges you for doing that thing. The goal here AIUI was just to get evidence so that search warrants could be obtained to investigate other possible offences.

Now, that's not to say there are issues here, particularly about:

• using deception to get people to effectively admit that they're likely to do something bad and whether that infringes the right to silence or right against self-incrimination (in some jurisdictions it might);
• whether the onus required to get a search warrant was actually satisfied (just because you click one link doesn't necessarily mean that it's likely you've clicked similar links in the past),

but I don't think it's entrapment.

This doesn't bode well for the intrawebs

While this particular investigation may not raise many eyebrows, this could be a very bad precedent for future investigations. Once courts and juries routinely accept that clicking on links believed to be child porn=being a child pornographer=molesting children, anything goes. Literally anyone could be tricked into being directed to such a link. You'd have blanket permission for the Feds to get a search warrant for anyone they want, and no one would dare question it, for even questioning child pornography laws instantly draws suspicion.

A search warrant based on clicking links is very troubling. Before obtaining the warrant there was no evidence whatsoever that the suspect had ever even viewed child pornography, and of course the link the Feds provided didn't actually link to any.

The war on child pornography is expanding every year. More police are hired to investigate it, more funds are allocated for it, and penalties are made ever-harsher. In Arizona it's up to 10 years for each picture someone possesses. Other states consider burning pictures to a CD to be "manufacturing". People are being sentenced to 10, 20, even 200 (http://news.bbc.co.uk/2/6399471.stm) years in prison for possessing pictures.

At some point you have to wonder whether the damage this zealousness causes (throwing college students in jail for decades for possessing some pictures) is worth the benefits. The argument that child porn possessors are creating a market for the material grows ever more tenuous, as fewer investigations seem to be centered around people who pay or provide other compensation for child pornography, but rather are focused on downloaders and traders. Unfortunately, it seems there will be no rational discussion about these investigation techniques or the laws themselves anytime soon, since it seems that there is an army of millions who froth at the mouth anytime they hear the words "child pornography" and cannot or will not draw distinctions between viewing pictures and videos and actually committing sexual abuse.

Doesn't meet Constitutional tests

There are LOTS of problems here, but in particular (no pun intended), this does not meet the "particularity" test. Courts have also repeatedly held that an IP address does not "particularly describe" a person OR a place, or even a thing. In order to be Constitutional, warrants have to "particularly describe" the person or thing to be seized.

I could have any number of computers on my Comcast connection. I could have open wi-fi and be serving Internet to my neighbors... it would show up as my IP.

This whole thing is a crock of shit.

Re:Priorities

With the "not enough money" part involved, I always wondered what it would take to steal ID's, but only put about $5,000 in debt on each ID, just enough to stay under the radar per ID stolen. With enough ID's stolen here and there, that gets to be real money...a dollar here and a dollar there adds up to a bit over time. The FBI really should look at the smaller cases and I'd bet they'd find some big fish...

Re:Abuse?

If someone started masking these kinds of links as legit links and sent them out in e-mails and such you could wind up with a lot of innocent people being raided by the FBI. And then how do you prove you didn't mean to click on the link?

What about hidden frames that open these kinds of links?

What about use of javascript, flash, java, or other embedded technology to make http requests in the background?

It just seems way too easy to get innocent people caught up in this sort of trap.

Does anyone still even give a shit about the innocent as long as some bad guys are caught? In the wars on drugs, terrorism, kiddie porn, and all other hot buzz quests, I was under the impression that innocent people caught up in their dragnets have been viewed as "acceptable collateral damage" for quite some time now.

Re:I could conduct stings for the fbi

I'll get a folder and write "CHILD PORN. HOT TOT ACTION" on it then I'll walk around trying to hand it to people while saying "This is child porn." Anyone that takes it from me will be instantly arrested and charged. I bet I could trap plenty of random people.

Except that if you weren't actually employed by the FBI, you could be arrested yourself. The "pandering" provision of the PROTECT Act makes it illegal to claim you have child pornography, even if you don't.

The problem is

People get really stupid when it comes to crimes involving children. They stop using their brains and get extremely emotional. Thus, law enforcement can get away with things they couldn't otherwise. When it comes to sex and children, all logic is out the door. The best example, which unfortunately I can't find a link to right now, is two minors, boyfriend and girlfriend, (they were in the 16-17 range) sent each other naked pictures of themselves via the Internet. This got found out and they were charged with possession, production and distribution of child pornography and sentenced to prison. This was then upheld on appeal. Yes, that's right, kids sentenced to jail and will be labeled as sex offenders for life for taking naked pictures of their own bodies.

Thus even if this is entrapment, it won't matter, because of the crime it involves. Logic and due process just get pushed aside for emotion and a witch hunt mentality.

Re:Entrapment.

IANAL But I would but wouldn't entrapment be more like they made a page trying to convince you that Child Porn was Legal, Moral, and/or Not a big deal, then give you a link. In general pressuring you do the activity. Just putting a link and say it is for Child Porn, isn't entrapment because the person is actively looking for child porn, and clicks the link knowing what they are getting. Not someone who wouldn't do so except after the convincing.