Houston, Texas' KHOU reports that 41-year-old John Henry Skillern was caught sending explicit images of a young, underage girl to a friend. David Nettles of the Houston Metro Internet Crimes Against Children Taskforce told the station that Skillern believed he could get around being caught by sending those images via email. Clearly, he was wrong.
After receiving word of the images, local authorities grabbed a search warrant and investigated Skillern's house. They found child porn on his phone and tablet, and text messages and emails describing his obsession with children. He also had videos of children who visited Denny's where he served as one of the restaurant's cooks.
Skillern is already registered as a sex offender, as he was convicted of sexually assaulting an 8-year-old boy in 1994. He's now charged with one count of possession of child pornography and one count of promotion of child pornography. His bond has been set at $200,000, KHOU reports.
So who ratted this guy out? Google did. The company scanned his email and detected explicit images of a young girl. The company then contacted the National Center for Missing and Exploited Children, which got the ball rolling on getting this guy arrested.
This is a touchy subject. On one end, we have a potential child molester who clearly needs to serve more time behind bars. On the other end, we have a company that's scanning our emails. Which one is more in the wrong here? Skillern is of course, but it's scary to think that Google is peeking into its Gmail users' accounts. Then again, Google's actions pulled a child predator off the streets.
But what if Google makes a mistake? What if a father sends a picture of his teenage daughter, taken at the beach, to grandmom showing that the family is having fun on a vacation? There's nothing wrong with the picture, but Google spies the images and sends the local authorities banging on Dad's door. The man is innocent, but his reputation is damaged because now he looks like a predator to friends and neighbors. Yay Google.
With that, we'd like to ask Google just where the line is drawn. We'd like to ask how these attached pictures are scanned. Is Google reading our emails too? Is it scanning all of our images? Most importantly, has the company ever been wrong?
Don't take this article the wrong way; I'm not defending Skillern. If it hadn't been for Google, he would continue to hunt down innocent children. I applaud Google for cleaning up some trash, but I'm concerned about Gmail users and their right to privacy. If one email is scanned, then you can bet ALL emails are scanned to some extent.
“Our automated systems analyze your content (including emails) to provide you personally relevant product features, such as customized search results, tailored advertising, and spam and malware detection. This analysis occurs as the content is sent, received, and when it is stored,” Google’s Terms of Service for Gmail states.
UPDATE: After reports of Skillern’s arrest began to surface, Google came forward and briefly explained its image scanning policy. An email from a company representative explained that every child sexual abuse image is given a unique “fingerprint.” This allows the company to immediately detect illegal images without the staff having to actually to take a peek. This is the case with all Google properties, not just with Gmail.
"It is important to remember that we only use this technology to identify child sexual abuse imagery -- not other email content that could be associated with criminal activity (for example using email to plot a burglary),” the spokesperson told the AFP.
The National Center for Missing and Exploited Children (NCMEC), based outside Washington, said in a separate email to AFP that federal law requires companies like Facebook, Google and Microsoft to report suspected child porn to the “CyberTipline.” These reports are then sent to local authorities for a possible investigation.
“Google has a zero-tolerance policy against child sexual abuse imagery,” Google’s Gmail Program Policies currently states. “If we become aware of such content, we will report it to the appropriate authorities and may take disciplinary action, including termination, against the Google Accounts of those involved.”
Follow Kevin Parrish @exfileme. Follow us @tomshardware, on Facebook and on Google+.
Detective David Nettles, from the Houston Metro Internet Crimes Against Children Taskforce, said Skillern used a Gmail account to e-mail a friend three explicit photos of a young girl.
Google's terms of service clearly state that e-mails are analysed, and that any lawbreakers will be reported to the authorities.
'Our automated systems analyze your content (including emails) to provide you personally relevant product features, such as customized search results, tailored advertising, and spam and malware detection,' the terms say.
Information the firm gathers can be passed on for a number of reasons, including to 'protect against harm to... our users or the public as required or permitted by law'.
Since 2008 Google has used technology known as 'hashing' to tag known child sexual abuse images.
That allows copies of those images elsewhere to be detected by computer software without humans having to view them again.
Each image is encrypted, catalogued and assigned a unique ID number which is then tested against images being sent from Gmail accounts to see if they match.
More sophisticated ways of detecting abuse images are being detected all the time.
Last summer Google revealed it was launching a Child Protection Technology Fund worth $2million to encourage the development of more precise software.
electronic communications privacy act
The Electronic Communications Privacy Act (ECPA) , which was signed into law in 1986, amended the Federal Wiretap Act to account for the increasing amount of communications and data transferred and stored on computer systems. The ECPA protects against the unlawful interceptions of any wire communications--whether it's telephone or cell phone conversations, voicemail, email, and other data sent over the wires. The ECPA also includes protections for messages that are stored--email messages that are archived on servers, for instance. Now, under the law, unauthorized access to computer messages, whether in transit or in storage, is a federal crime.
There is a clause in the ECPA, however, that permits employees at an internet service provider (ISP) to read the messages in order to maintain service or to immure the provider itself from damage. For example, if an ISP suspects that a virus is being disseminated via its systems, it has a right to intercept messages to determine whether its service is, indeed, a carrier of a virus.
Like traditional wiretapping, the ECPA allows the government to obtain a warrant to access electronic communications or records. The first "data wiretap," for example, was used to apprehend some of the principal actors in the Phonemasters case.
Interestingly, the ECPA itself was amended by Congress in 1994 when the Communications Assistance for Law Enforcement Act (CALEA) was passed. The amended ECPA required telecommunications carriers to modernize their equipment so that they comply with authorized electronic surveillance. Three prominent advocacy groups--the American Civil Liberties Union (ACLU), the Electronic Frontier Foundation (EFF) and the Electronic Privacy Information Center (EPIC)--opposed the law. In a 1998 joint statement, the organizations said that they "continue to oppose the funding of , an FBI-backed law that--despite the record levels to which law enforcement wiretapping has soared--would require the telecommunications industry to build enhanced digital wiretapping capabilities into the Nation's telephone system."
Other Federal Laws
There are other laws in the federal statutes that have been applied to hacker cases. These laws aren't designed specifically to counter computer crime, but have been applied to certain cases when existing law has proved inadequate in scope:
Economic Espionage Act
Enacted in 1996, the Economic Espionage Act (EEA) has both domestic and international components and condemns foreign espionage as well as theft of trade secrets. It has been used to prosecute industrial espionage through traditional means as well as the newer electronic pilfering methods. In essence, the EEA makes it a federal crime to take, download, receive, or possess trade secret information obtained without the owner's authorization.
Wire Fraud Act
The Wire Fraud Act makes it illegal to use interstate wire communications systems, which ostensibly includes the internet, to commit a fraud to obtain money or property. In addition, computer-aided theft involving the use of interstate wires or mails is considered criminal.
National Stolen Property Act
The National Stolen Property Act (NSPA) prohibits the transportation in interstate commerce of "any goods, wares, securities, or money" valued at $5,000 or more that are known to be stolen or fraudulently obtained. Computerized transfers of funds have been covered by this law.
Identity Theft and Assumption Deterrence Act
The Identity Theft and Assumption Deterrence Act (ITADA) was passed by Congress in 1998. It criminalizes identity theft and allows courts to assess the losses suffered by individual consumers. According to the act, identity theft is defined as follows:
Whoever knowingly transfers or uses, without lawful authority, a means of identification of another person with the intent to commit, or otherwise promote, carry on, or facilitate any unlawful activity that constitutes a violation of federal law ...
Therefore, anyone who steals any name or number that may be used to identify a specific individual is committing a federal crime and may be forced to pay damages. While the CFAA covers certain aspects of identity theft, the ITADA addresses restitution and relief for the victims.
According to a March 1999 study in Information & Communications Technology Law, 33 states have enacted their own laws to combat computer crime, while 11 more have laws pending in state legislatures. The laws from state to state vary widely in structure and wording, but not in intent. Almost all of the present state laws criminalize the unauthorized access to or use of computers and databases, using a computer as an instrument of fraud, and known and foreseeable acts of computer sabotage.
By nature, however, state laws are limited in scope. While most law enforcement has historically been left to the states, states are ill-equipped to deal with the extraterritoriality of computer crime. State law enforcement agencies cannot execute search warrants, subpoena witnesses, or make arrests beyond their own borders. Yet computer crimes are hardly ever confined to a specific locality. The "Morris Worm," for example, ultimately crippled 6,200 computers all over the country.
Most experts agree that the CFAA affords the broadest protection against computer crimes.
drugs, porno and much more they're wrong. And their attitude is spoiling the concept of an open Internet. I run it as a means for those in censored and blocked country's
for the sake of freedom of speech. Too many want to use that for every illicit possibility they can for the sake of it. Who raises these punks? a: Mommy.
spoiled little selfish whining creeps without much backbone to hold up their whining big mouths. And they're all male little twits. Without any real maturity.
People do have the right to hide certain things especially considering there are still some powerful people in even the USA government who wish to persecute and even prosecute people for being gay. Thankfully USA does not currently execute gays like some countries do.
Also, you are forgetting industrial espionage. Companies spend billions of dollars to research and invent things and if someone secretly can just access all their top secret data, then that billions of dollars could have been completely wasted and put them into crippling debt that they may never recover from which will bankrupt them and utterly destroy them to the point where scientific advancement could cease to exist with apocalyptic consequences for humanity.