Wednesday, June 15, 2011

Technology Forensics Principal, Monique Ferraro, Testifies in Important Litchfield CT Case

Handling of evidence delays rulings on case for Litchfield man accused of shooting his wife

Published: Wednesday, June 15, 2011


By CHRIS RUELI

LITCHFIELD — In spite of a lengthy argument that ensued Tuesday regarding a motion for disclosure in Litchfield resident John Lavoie’s first-degree assault case, no decision was rendered.

Lavoie, 54, engaged police in a 10-hour standoff after allegedly shooting his wife in November 2009.

Lavoie was previously in custody for nearly two months after he barricaded himself inside his East Litchfield home on Nov. 24, 2009, following an alleged assault on his wife. Police said Lavoie used a loaded shotgun to shoot his wife in the leg. She was able to escape and drive herself to the hospital, but only after she successfully wrestled the shotgun away from Lavoie and escaped, documents detailed.

On Tuesday, attorney Rachel M. Baird, Lavoie’s defense counsel, requested exact duplicates of the computer hard drives that were seized by state police in order for the defense to create their own report during the hearing in Litchfield Superior Court.

Baird called Monique Ferraro, a digital forensics expert at Technology Forensics in Waterbury, to testify regarding the copies of the hard drive that have already been turned over by state police. Ferraro testified she needed the hash values from the computer, something equivalent to DNA or fingerprint identification, in order to determine if she received exact copies of the hard drives. (Click here for Register Citizen article.)

Wednesday, June 8, 2011

Research Needed on Peer to Peer



I want to do some research on child pornography, but cannot because only law enforcement can possess it. Recently enacted federal and state statutes have made it so that if anyone other than law enforcement wants to access child pornography they have to do so at a government facility. This post does not address the nine hundred, ninety-nine thousand, nine hundred ninety-nine other reasons why these laws are really bad ideas and do not serve the cause of justice. Here, I’ll only address the issue of the need for research on child pornography and how these laws have limited it.

The situation is actually quite appalling. I have done no less than ten cases lately that follow this pattern. . . . an Internet Crimes Against Children Task Force undercover officer (or a federal agent) utilizes software modified to search for child pornography files on LimeWire and/or one of its cousins (using the hash value from a known value database). Once a hit is obtained, the undercover accesses the shared folder and searches it. Confirming that there is at least one image depicting sexually explicit activity of a minor, the undercover applies for a search warrant for the residence having a nexus to the IP address. The police seize a bunch of stuff, search the computers and find child pornography in the LimeWire directory. Because there are images in the shared folder, the defendant is charged with both possession and at least attempted distribution. At the state level, they’re charging the defendant with possession and attempted promoting (in Connecticut). Possession ranges, depending on how many images, from a class D to a class C felony. Promoting is a class B felony. At the federal level, the distribution charge can carry up to a life sentence and has a mandatory minimum. Now here’s what most concerns me that, in my opinion, should be addressed. . .

Almost every one of these defendants says that the child pornography came down with regular porn or music. I’ve discussed this with law enforcement folks and prosecutors and they blow it off, dismissing my concerns not only as without merit, but as if it were impossible that it were anything other than what they allege. However, I cannot find any empirical research to support either the law enforcement position or the defendants’ assertions. I’d like to find out the truth, though.

There is a dearth of research as to what types of files a user brings down when s/he searches peer to peer software and downloads adult porn, music or other files. Although search warrant and arrest warrant affidavit after affidavit cavalierly assert that the officer “knows” that child pornography was sought and downloaded knowingly by the suspect, is that really true? How do we know for sure?

Here is an example: A suspect unquestionably entered a search for pornography, and a search term was “young.” Ok, so, if that brought 100,000 images of child pornography, the person who received the child pornography would not be eligible to assert an affirmative defense (in a lot of jurisdictions that even have one) because the affirmative defense is limited to three images or so. Say the person searching for the pornography is an eighteen year old and doesn’t want to look at naked pictures of old ladies. I’m not throwing the example out there to be difficult. I’m just asking questions because I’ve seen this exact situation play out more than once. And, I’ve seen defendants spend a healthy portion of their adult lives in prison for it. I’m not taking a position either way. I’m just asking questions, that’s all. It’s an academic endeavor.

Although I’ve worked literally hundreds of child exploitation cases and I trust almost no one, never mind someone charged with a sex offense, I believe it is quite possible for child pornography in fairly large amounts to be downloaded unwittingly along with music and/or pornography from peer to peer software. It is technologically possible, and the search terms used are not sufficiently narrow in many cases to home in on the child predators.

Of course, there ARE child predators who download child pornography using peer to peer programs and they do use specific terms to do so. Those search terms are not repeated here, although they are fairly widely available online. (This is not a “how-to” guide for searching for child pornography.) However, there is a rather big difference between a term used to gain child pornography and one used for a generic group that embraces a much larger set of images that include protected speech (for instance, compare the search term, “asparagus” which is a child pornography search term to “young” which is a generic term embracing both potential child pornography as well as images that depict pornography but are protected by the First Amendment.

We need the ability to conduct research to determine whether or not the defendants are telling the truth. For crying out loud, doesn’t it behoove us to at least look into the matter if we’re going to send people away for 25 years or even life? This brings us to the problem of limiting access to child pornography. The problem with doing any research into the area of child pornography possession or distribution is that it’s unlawful. Even thinking about doing anything empirical with the material sends shudders down my back and I imagine a SWAT team breaking down my door and being forced to eat some carpet. The only people who can lawfully possess child pornography are law enforcement. That means the defense can’t have it to make any meaningful examination of it in furtherance of one’s defense AND it means that no empirical study can be conducted. That also means that there is no way to determine, for sure, whether or not what law enforcement asserts about intent of the defendants when downloading from peer to peer networks is correct or not.

The prosecution has it not only both ways, they have it all ways. That doesn’t seem fair, and I doubt that was the real intent of the legislation. More likely, the legislators had a more benevolent intent and sought to protect the public. Instead, it’s possible the public is suffering harm because its members are being unfairly or incorrectly charged and convicted of crimes they had no knowledge they committed.

The peer to peer issue is only one area in which child pornography research is needed. We need to know much more about offenders and their proclivities, the size of their collections and the connection to whether or not they actually physically prey on children. These things need to be documented by real academics doing real research, not just law enforcement officers who make statements based on what their “brother officers” believe to be true, or believe they have probable cause to believe is true.

Child pornography and the field of child exploitation is an emotional issue for many, if not most of us. Police officers, therapists, lawyers and judges frequently display visceral reactions to the material. I’ve witnessed it. Is it possible to be objective about something so profoundly emotionally evocative?

Police officers testify as both investigators and as experts when it comes to Internet facilitated child exploitation and that should not be the case. Well, at the very least, there should be some clarity as to what official hat they are wearing when they testify. They should either be the investigating officer or the expert. If acting as the investigating officer, then testify as to the investigation. If the expert, there is a duty to be objective and to testify as to what is known to be factual- not just what the officer ‘feels’ to be true or has heard from other officers.

There are myriad reasons for the dual investigator/digital expert role. The Internet Crimes Against Children Task Force funding program administered by the Office of Juvenile Justice and Juvenile Delinquency Programs has fostered it and the federal law enforcement agencies have fueled the practice. Police officers have been trained to both investigate online child exploitation and conduct digital forensic examinations. Because they play a dual role of investigator and forensic expert, great deference to their assertions has been given. This is true at just about every level of the system, and in all systems- municipal, county, state, federal. There is yet to be, after more than ten years of the ICAC program, a legitimate separation of the forensic science examination from the investigative component with regard to online child exploitation cases.

Nothing good can come of this arrangement over the long term. While born of necessity when the program first began, a separation of the scientific and investigative components is long overdue. Because so much deference is given to the police officer/digital evidence expert, the officer can get away with saying just about anything. So, when a police officer asserts that there was knowledge on the part of the defendant when files were downloaded to a computer, the statement is rarely, if ever, questioned. Take the officer’s testimony and add to it the virtual impossibility of anyone other than the prosecution conducting research to confirm or refute the officer’s assertions, and there you have it- the prosecution has it all ways. . . there is no way for the defendant to ever get out from under a charge with that sort of force militating against him or her.

Am I suggesting that we let anybody download child pornography to conduct “research” (a la Pete Townshend whose defense to a child pornography charge was that he was conducting research)? No. I’m suggesting that we need to develop methods to allow for research on child pornography that allow for empirical study.

Furthermore, we need to fund the study from sources that do not inherently bias the outcome. When the only source of funding for studying online child exploitation is the Department of Justice, motivational bias seems to be axiomatic. (Motivational bias in action: Let’s see. . . we design the study to ensure that we please the funding source. We find what the funding source wants us to find so that we can get continuation funding. If our results are at odds with what the funding source wants, then we figure out how to downplay the results and justify studying the issue again so that we can try to get the results the funding source wants. . . )

Without academic examination of the phenomena, we will not only learn nothing about it, we will be railroaded by whatever the government says about it. After all, if the government is the only entity that can ever lawfully have it, then the government is the only entity that can tell us anything about it. And, really, do we really trust the government all that much?

Friday, May 27, 2011

Wireless Alone Is Not Probable Cause. . .

Did you hear the one about the Immigration and Customs Enforcement (ICE) agents who woke a Buffalo, New York man and his wife shortly after 6 a.m. when the agents broke down the couple’s back door? Seconds later, the agents were screaming at the man and threw him down the stairs. U.S. Attorney William Hochul and an ICE agent later apologized to the homeowner involved.

According to the Associated Press, an ICE agent had identified the homeowner’s Internet protocol address (IP address) as one using a peer-to-peer file sharing service to download alleged child pornography some two weeks before. The agent connected to the peer-to-peer account using the IP address and browsed the user’s shared files, a typical practice in that sort of investigation. However, in this case the homeowner who was also the identified subscriber of the IP address was actually not the user who had downloaded any child pornography. He was only the subscriber of the IP address. The user who downloaded the alleged child pornography had done so using the homeowner’s unsecured wireless network connection.

Ok, law enforcement makes mistakes from time to time. They knock down the wrong door. They make reparations. They debrief and try to be more careful when they can and life moves on. Probable cause is not proof beyond a reasonable doubt, nor is it proof beyond all doubt. We get that. But that’s not what happened in this case. It is not what happens in any case in which unsecured wireless networks are used to facilitate criminal activity. Not anywhere. Not in Connecticut. Not in any of the cases I’ve consulted on or have knowledge of or that I have reviewed.

In fact, when it comes to wireless networks, the police in Connecticut can be quite cavalier at times. Police will sometimes conduct additional investigation to determine whether the IP address subscriber was likely the same person who downloaded illegal content. More often, however, they do not. Police do not usually investigate whether an IP address is connected to a wireless network, and then attempt to determine whether or not there is more than one computer involved or another computer user. Police, prosecutors, and very often judges, deem it sufficient probable cause that allegedly illegal content was downloaded and that the IP address used to do so is identified in the warrant application.

The AP article quoted Georgetown Law Professor Orin Kerr, who warned consumers to secure any unsecured wireless connections. If we do not, we may be inviting law enforcement officers to roust us out of bed, and we may find ourselves face down on our living room floor looking at the dust bunnies under our couch with guns trained upon the back of our heads and Vibram soled boots on our backs.

There are two problems with this scenario. First, it shouldn’t be sufficient for police to simply connect an IP address to an address and alleged criminal activity to establish probable cause to issue a search warrant for the home. In our increasingly wired society, unsecured wireless utilization is a fact of life in these United States, but hard data is lacking. As a matter of our civil liberties, why should we even entertain the proposition that a failure to secure our wireless network invites the possibility of being the target of a criminal investigation and subject to a search? This type of seizure involves the search and extended seizure of our property by law enforcement of all of our personal and confidential digital information until we are proven innocent. Good grief, is this the way the Constitutional guarantee against unreasonable search and seizure works in the new millennium?

The second problem with operating on the assumption that the onus is on citizens to secure their wireless networks, rather than assuming that law enforcement will conduct adequate and thorough investigations, is that the police are often not challenged on their assertions and conclusions. Much of the defense bar and many members of the bench have not sufficiently educated themselves as to the technology involved. Our law has developed over the course of centuries, much of it in the analog era, and this new digital technology and shared network architecture poses special challenges to our freedoms. It can be dangerous to blithely follow the admonitions of law enforcement officers who have a smattering of legal knowledge and even less technical proficiency in the networks involved.

The prosecutors who pass these search warrants along and the judges who sign them may be persuaded by the use of techno-babble and boilerplate jargon. This language may be incorrect or overly broad or even inapplicable to the case at hand. The crimes alleged can overshadow the thoroughness of the investigation, or the possible ‘inadvertent’ errors in the technical mumbo jumbo. Tell that to the innocent homeowner who was thrown down his own stairs at 6 a.m.

As a profession, we have a duty to do better. We’re not stupid, for chrissakes. We have mastered more intimidating foes. For example, how many of us have figured out the child support guidelines that were something of a mystery when first issued? Surely that’s more of a brain teaser than mastering the concepts underlying the Internet and wireless networking.

Because of this ignorance, some people are being wrongly accused. Law enforcement can go too far, but there is no one within the prosecutors’ ranks and few within the defense bar to push back, or to even question what is happening in these cases. Under the theory of "trash in, trash out," some of the case law being developed also reflects this inadequacy. As an urgent matter, the police, prosecutors and defenders need to become more educated about how wireless communications technology actually works and apply basic legal principles to these cases. The reach of technology to the law is broader still. It reaches civil litigation and permeates every aspect of the law and our disposition of justice. To best serve our clients, all of us must master the concepts or we will certainly fail to zealously represent them.

Monday, May 23, 2011

Finally a new blog...

Well, here we are, just back in from the CEIC show in Orlando. Lots of good stuff there; we met a lot of new friends and made some new connections. One exciting item wasn't even on the show agenda, but we heard the buzz was a new forensic GPS tool...more about that later.

We obviously have a new website and are very proud of it. Still in a bit of evolution but a big step up for us again, wanted to thank our talented team of web designers Steve and Sean as well.

Stay tuned, bookmark us, follow us on Twitter at http://twitter.com/#!/tek4n6