How NOT to Investigate Questionable Online Behavior

pexels-photo-534204We are being inundated with news of high profile misconduct incidents, notably sexual assault and/or harassment. Many of the reports pertain to dated allegations and most if not, all were never officially reported to the authorities. However, there is one recent case involving 9th Circuit federal Judge Alex Kozinski that did have an “official” inquiry and highlights how NOT to investigate an online case.


Washington Post journalist Matt Zapotosky reported on December 8, 2017,  that Judge Kozinski had allegedly sexually harass court employees. Specifically, he would show porn to staff and ask for their input, including whether it excited them. He also allegedly made sexual suggestive comments, like publicly telling a female court employee she you should workout naked. These incidents were never reported for fear that there would be reprisals from the powerful judge.

However, as noted by Zapotosky the judge was investigated in 2008 for misconduct of a sexual nature.  I would argue that had this investigation been conducted differently it could very well have lead to his undoing and may have detected or prevented conduct that has since been discovered.

The 2008 misconduct came to light after the LA Times ran a story  that Judge Kozinski was running a public website that maintained pornography. By they way this was not just any pornography but involved images which included;

a photo of naked women on all fours painted to look like cows and a video of a half-dressed man cavorting with a sexually aroused farm animal.”

At the time Judge Kozinski was presiding over an obscenity case. After the LA Time story appeared Judge Kozinski declared a mistrial and recuse himself. He also reported his conduct for investigation by the 9th Circuit Judicial Conference.

The matter ended up being investigated by a committee in the 3rd Circuit and not the 9th Circuit, which is kind of interesting. Why that circuit? Why not another? I will get back to that later. Judge Anthony J. Scirica was chair of the committee charged with doing the investigation and noted they completed the following investigative steps:

… by making written and telephonic inquiries; reviewing relevant documents and the image, audio, and video files provided by the Judge; engaging a consultant to advise the Special Committee on certain computer technology issues; and examining the Judge in person, under oath, and on the record.’

pexels-photo-207580The thing that stands out in all this is no one apparently actually examined Judge Kozinski’s server. Let me repeat that for a moment. The case involved a website and no digital evidence was apparently independently collected or forensically examined.  They took the judge’s word for what was on it and received images he provided. There was no forensic examination of this server, which might shed light on the following:

  • What exactly was on the sever, was it legal or illegal pornography?
  • Who accessed the sever and when? (Such as during normal court business hours)
  • More specifically were pornographic images on the server accessed during court hours and by someone working in the judiciary?

Equally troubling is the investigating committee never bothered to ask the 9th Circuit Court for information on whether court systems were used to access Judge Kozinski’s server. We know he admitted that he used the server for sharing files with other judges etc. but we have only his word on what was shared and accessed.

The 9th Circuit system could have provided independent information about what was shared/accessed and when. Imagine how this information might shed a bright light on the allegations being made today. For instance, the 9th Circuit court might have shown that their systems were used to access the judge’s server on a specific time and location (directory). Which would have raised questions about what was accessed and by whom and why.  Remember we now have allegations that the Judge Kozinski was accessing pornography and showing it to court employees.

By examining the 9th Circuit systems in 2008, there might have been evidence of sexual harassment. For instance, logs might have reflected that the court’s systems were used to access the judge’s server at 10:00 a.m. on a workday and the access was to a specific directory and/or file. What was in that directory and what was the file? Was it the judge and who was he with at the time? But those inquires were not made because they never apparently thought computer logs were important in an investigation concerning a website.

At a minimum, one would have thought the investigation would have asked the 9th Circuit for an examination of Judge Kozinski’s work computer to see when and how it interacted with his server. Again, this might have shown access to directories and files that might lead to inquiries of a more troubling nature for the judge.

The investigative report reflects actual digital evidence was not as important as Judge Kozinski’s “unbiased” statements on what occurred. This case had all the earmarks of something requiring computer forensics but that was not done. Imagine any obscenity or child pornography investigation only being conducted by asking the target what they did.

Now one might argue that Judge Scirica committee was trying to be narrow the investigation’s scope and only asking questions pertaining to certain issues. They didn’t want to pry into his personal or private life. Equally compelling is that Judge Sciricia did not want to push the issue about accessing the judge’s work computer and the 9th Circuit system as Judge Kozinski was at the forefront of forcibly objecting to Internet monitoring of judges as reflected by the LA Times in 2001.

Gee, we can only speculate now why he was objecting to monitoring. Maybe, that was why he had the personal server in the first place. He could access porn without fear of an alert because his sever did not have “porn” titles in files and directories that would triggered a notification by a monitoring program.  He noted in his sworn testify that he did not maintain images with suggestive titles making it a tough task to remove porn from various directories. Maybe that was to avoid getting caught looking at porn during working hours.

The accommodation given to Judge Kozinski is the exact opposite of how a Sixth Circuit misconduct committee operated in Judge John Adam’s case. His case centered not on sexual misconduct or financial/ethical concerns but that he was considered recalcitrant by a small minority of his judicial colleagues. Judge Scirica was also involved in a review of that investigation. His committee agreed that is was entirely appropriate for the Sixth Circuit tribunal to demand Judge Adams’ medical records as well as order him to submit to a mental health evaluation as they had broad investigative authority.

So, under Judge Sciria’s thinking it is okay to expand an investigation into one judge’s medical records and compel a mental health evaluation, but it is not appropriate or justified to look at another judge’s work computer and/or personal server concerning inappropriate online conduct. Am I the only one puzzled by that reasoning?

As a side, why agree that Judge Adams should be subject to a mental health evaluation for conduct that basically centers around him being independent minded with his colleagues but not suggesting or ordering a mental health evaluation for a judge who apparently was maintaining images that had an obscene if not bestiality theme? It is any wonder that Judge Adams, with the support of Judicial Watch, has filed suit to have the law allowing such disparate and unjustified actions by the judicial branch declared unconstitutional.

Now recall I mentioned that Judge Scirica is in the 3rd Circuit and Judge Kozinski is in the 9th Circuit. Well Judge Adams is in the 6th Circuit. Considering the apparent differences in how Judge Scirica operates in two different cases one must wonder if his investigative actives are “picked” not based upon his record of thoroughness but on his track record of steering the investigation to the desired conclusion. Based upon the allegations now being made against Judge Kozinski, one can only speculate that these newly disclosed victims could have been spared had a proper and through inquiry been completed in 2008 by Judge Scirica and his committee.

It is troubling that the 2008 “investigation” was completed by a federal judiciary body that should have known better. Investigations involving computer activity must involve the independent forensic collection of all available digital evidence and the examination of that evidence in a forensic manner. To do otherwise is call into question the legitimacy of the activity and the motives of the parties involved. Judge Scirica’s involvement in these two cases support that the judiciary cannot police itself. An independent Inspector General’s Office, with investigative procedures and protocols, needs enacted to ensure that the public is objectively protected against individuals who are appointed for life. On that note I left a cigar lit somewhere. Take care.


Digital Domestic Violence

“Stranger danger” has been used frequently to describe online threats, particularly those facing minors. However, one of the most serious digital dangers facing some individuals is posed by those who likely know the Internet user the best, such as a former spouse or significant other. Increasing domestic abusers are turning to technology to harass, threaten, and/or stalk their victims. This has become known as “digital domestic violence.” Use of technology to stalk or harass, has been since almost since the Internet’s inception. In the mid-1990’s, we started seeing the term “cyberstalking” and cyber harassment being coined in recognition of how individuals were using electronic communications to victimize others. Digital domestic violence (DDV) is more narrowly focused on those who use technology against a former girl/boyfriend or spouse. It can include using the Internet to:

  • Research methods and means to harass or stalk their victims;
  • Keep track and follow their victim’s movements and habits, frequently by accessing social media, either with or without global positioning information;
  • Transmitting and/or accessing computer monitoring software reports installed on victim’s computer or devices;
  • Transmit actual threats or harassment towards their victim; and
  • Facilitate the use of other technologies in DDV, such as GPS trackers, cell phone tracking, and remote video/audio surveillance.

One’s former significant other or spouse, is in a unique position to wreak digital chaos on their victim’s lives. This is because of trust. The victim at some point in the relationship likely trusted their future attacker. With trust can come access to the victim’s computer and/or mobile devices. Prior to the relationship’s termination, the offender may have searched the device, viewing browsing history, e-mails, text messages, etc. They may have also left their e-mail account or social media profile opened. This access also may have allowed the future attacker to install monitoring software unbeknownst to the victim. Monitoring software by the way is very easy to install on computers and mobile devices. It is rather inexpensive, free versions are available, and depending upon the vendor, the results can be reviewed via the Internet, without direct access to the device that it is installed on.

Even if the victim did not provide access to their devices, they may have accessed their e-mail and/or social media from their future attacker’s own device. It isn’t that uncommon for a trusting girlfriend to check on their social media profile or e-mail via their boyfriend’s lap top or computer. They might not have been completely logged off when they were done, allowing the boyfriend to gain access. Even if they did log off, depending upon the offender’s technical sophistication, the password may be able to be recovered from their system at a later date. An unsophisticated offender may have even installed monitoring software on their own computer to capture passwords of unsuspected users for later retrieval. These are not the only methods to gain access to a victim’s digital life. Other cyber-criminal’s rely on methods, such as social engineering, to get passwords. Because of trust, a future attacker, may know their victim’s passwords to e-mail accounts and social media profiles. DDV offenders unlike strangers, know their victims, their friends, their habits, their history, etc.. If they don’t know the passwords, they likely know the answers to challenge questions to reset them. They know a lot about their victims, which can be used to trick them into providing information, getting them to install a program, such as monitoring software, or unknowingly add them as an “old” school friend in their social media circle. Other DDV offenders focus at the start with more direct methods of harassment and/or threats, such as sending messages or posting on social media profiles.

Victims should make sure to print out or take screen shots of all harassing or threatening messages so they can be provided to law enforcement. These posts can be quickly dealt with by reports to law enforcement and service providers and electronically blocking the offender from sending or posting messages. However, if the DDV offender still manages to electronically get to their victim, it may be that they have gotten access to the victim’s accounts and/or installed monitoring software. At a minimum, individuals involved in a bad break up with no violence, need to change all passwords to all accounts. They should also consider removing their former partner from their social media circles or at a minimum imposing restrictions on what they can access. Additionally, it is important to turn off GPS tracking on one’s mobile devices (cell phone, I-Pads, Windows Tablets, etc.) as well as for digital cameras (Digital cameras will embed GPS coordinates in the meta-data of image files created). If it appears that their former partner is still gaining access to them or following them they may wish to either get new devices or have their old ones checked for monitoring software (this can be costly but effective). In cases where violence occurred, victims need to immediately stop using their devices until they are deemed safe and gain access to new or trusted devices. In all cases where DDV is occurring victims need to contact law enforcement and seek help from resources such as those listed below. Obviously, victims should not use an untrusted device to make these contacts as their attacker may be monitoring them. (The National Domestic Violence Hotline is 1-800-799-7233 TTY: 1-800-787-3224).


Daily Tip: How to turn off GPS geo-location for iPhone photos, protect your privacy

Digital Harassment Is the New Means of Domestic Abuse

How to Turn Off GPS on a Cell Phone

How to Turn off GPS on the iPhone

How to Turn Off Location Services on an iPad

Minnesota Center Against Violence and Abuse

National Coalition Against Domestic Violence

Privacy and Domestic Violence

Smartphone Pictures Pose Privacy Risks

The National Domestic Violence Hotline

Turn Off Your Smartphone Camera’s GPS to Protect Your Privacy

What is Digital Abuse?

Revenge Porn: 1st Amendment Issue or Crime?

Stalking and harassing people online has been a pastime of some since the Internet went public. The purpose of online harassment has always been to try and humiliate others by posting rude and offensive information about others that offend and embarrass. A new form of harassment has been coined as “Revenge Porn“, the stated intention of which is get back at former lover for some personal grievance by posting nude pictures taken consensually during the relationship. Revenge sites such as or or its sister domain cater towards this activity. Some sites also have the dual purpose of being a dating site. From an investigative point of view we need to consider careful how we approach this issue due to First Amendment concerns and the general investigative issues related to online investigations.

Criminal behavior is not protected by the First Amendment. As with any crime, an investigator must have an idea of what statutes might be involved. Let’s consider the possible factors that might be present in this kind of behavior besides just a relationship gone bad. First, if one or more of the subjects in the pornographic images are a minor, the investigator is dealing with a sex crime. There are serious penalties for the person who took the image as well the one who posted it or possess it. Additionally, hosting child pornography has serious legal repercussions for any website.

Second, if the image is of an adult, was it taken without their consent, also known as video voyeurism? There are numerous laws that might be involved under such circumstances. The National District Attorneys Association has a nice breakdown by states of the possible statutes.

Third, was the pornographic image stolen from the owner? According to their indictments, Hunter Moore and Charles Evens, the evil geniuses behind, were not just posting images that were submitted but were actively hacking into individual’s email accounts/cell phones to get images. What they were doing definitely violated numerous hacking statutes. It makes one wonder if there were really that many folks submitting their revenge image or were they just hacking into peoples’ accounts and just stealing them.

Fourth, was there an attempt made to blackmail or extort something of value out of victim to prevent the images from being posted? Obviously, there are laws against this kind of activity in every jurisdiction.

Fifth, does the posting fit under general harassment or more specifically under Internet harassment or cyberstalking? Is the posting part of a broader context of harassment against a person? Finally, does your jurisdiction have a statue that specifically covers this conduct? California has done just that with its new Revenge Porn law. The new law makes it a misdemeanor for individuals to take and then circulate without consent such images online with the intent to harass or annoy.   Kevin Christopher Bollaert, the man behind, found out the hard way that the California Attorney General was serious about this method of harassment when he was charged with 31 felony counts of conspiracy, identity theft and extortion.

Absent an affirmative answer to one of the above questions, the investigator may be faced with a scenario of a consensually taken picture of an adult, posted on a website without authorization. Absent the pornographic nature of the image, how many images are posted on websites without specific authorization? You get the idea. Absent a criminal statute, this could simply be considered a civil issue. Key to getting the investigation under way is to answer the following questions:

  1. How old are the individuals in the picture?;
  2. Under what circumstances were the images created (with or without consent)?; 
  3.  How securely were the images kept after being created and who purportedly has them, ie, were they stolen?; 
  4. Were the images posted with or without consent?; and 
  5. Was there a blackmail or extortion attempt made prior to the images being posted or to get them removed?

Answers to these questions will help hone the investigative process and may initially help identify possible suspects if a crime did in fact occur. It may be quite possible that no suspect is identified, such as the case of where the images were taken covertly or were stolen. It then becomes a process of identifying where the images were created and where they were posted. Also as we explained in detail in our book how some images posted online may contain metadata called Exif in the image. This could lead to some possibly useful and identifying information as to the photograph’s source. The investigator may may also have to contact the hosting website and serve legal process to obtain their cooperation.

The process gets much more difficult if the poster anonymously hides their IP address, or the website did not keep any information. If the actual file images can be obtained will they have any meta data that may provide clues to where they were created and how? Clearly, these investigations can be time consuming. Law enforcement has a role to investigate criminal acts but it also has to be prudent in how they allocate limited resources. A true revenge porn incident might be more appropriately handled by civil enforcement action taken by the wronged party.

The problem for the wronged party becomes that search engines crawl websites and frequently capture the posted images from these sites. They are maintained in their cache independent of the revenge site. Also, may be down and no longer running as a revenge porn site but there is still a problem. was archived by the WayBack Machine. As of the writing of this post some of the material from has been removed but not all of it. The result for the victim is that the images that were offensive are now likely archived someplace else on the Internet. You also have to consider how Google and Yahoo and sites like TinEye handle these images in their databases. They have tons of images, which they have in “cache” or maintained somewhere on a server.

Additionally, what happens when the website is hosted in another country? How can you make them remove the image if the website is hosted in Russia? Civil suits can be filed against the hosting company, but extraditing individuals from another country for hosting these illegal images is almost impractical knowing that doing so for child pornography is difficult at best. Trying to get some sanctions for them for posting nude images of former boyfriends/girlfriends would be a major challenge.

The best solution is strengthen the liability and if necessary the criminal statute for someone who maintains the image on their website. There is also always the one thing we recommend that can definitely stop this issue, prevention. Simply don’t let folks take pictures of you with your clothes off! Individuals have to understand that in this day and age the picture you take today can be uploaded and posted for all the world to see in seconds and may never disappear.

PS: This piece was written by both Todd Shipley and Art Bowker

Additional Stories on Revenge Porn

Race To Stop ‘Revenge Porn’ Raises Free Speech Worries

Mom: I found my face on a ‘revenge porn’ website

Judge throws out New York “Revenge Porn” case

Intentan controlar bajo ley el ‘porno de la venganza´

Buscan poner freno al porno de la venganza

Author Interviews

Todd and I have been busy doing interviews about Internet crime and our book. We decided to start providing links to them so our readers can keep up to date with what we are saying, as well as what others are saying about our book. For those writing about Internet crime or our book, shoot Todd or I a message and we will be glad to help you out.

Todd G. Shipley Interviews:

Gary Audin on No Jitter

Collecting Internet Evidence, Part 1, January 24, 2014

Collecting Internet Evidence, Part 2, January 30, 2014

Art Bowker Interviews:


Investigating Internet Crimes: An Interview with Cybercrime Expert Art Bowker, February 7, 2014

Both Shipley and Bowker

American Heroes Radio, hosted by Lieutenant Raymond E. Foster (Retired) 

Introduction to Solving Crime in Cyberspace, December 28, 2013

Questionable Online Investigations: Missteps Outside the Classroom

Last week we discussed the problems that can occur when an uninformed college educator exposes criminal justice students to online undercover investigations without fully understanding the legal nuances of those operations. This generated a lot of feedback on links to the blog article. We did not mean to imply that these missteps only occur in the academic setting. Unfortunately, they happen whenever staff are not properly trained and are then directed to complete online investigations.

We are aware of law enforcement personal doing the same thing that criminal justice students were directed to do, ie, pulling images from the Internet for use in an online undercover profile. In some cases, law enforcement felt it was appropriate as long as they bought the “model’s” picture. This is an ill-advised practice because it exposes the real person to danger as well as the officer and their agency to civil liability if something goes wrong. Additionally, it can give away the profile as being a “fake,” defeating the purpose for its creation. Again, the real person might be identified. It may be true the model sold their picture but that does not mean they wanted it used for conducting undercover online investigations.

Missteps are not only being committed by law enforcement. We cite in our book several cases where attorneys either directly or through advice participated in legally questionable online undercover activities. In one case a prosecuting attorney impersonated a defendant’s friend online to obtain proof that a witness was lying during a criminal trial. In another an attorney gave the go ahead for an investigator to take over a minor friend’s social networking profile, to obtain access to the minor’s restricted pages in order to get evidence for a civil suit. None of these examples ended well for the attorneys involved.

We devoted Chapters 9, 10, and 11 to covering various aspects to initiating, conducting, maintaining, and managing undercover online investigations. But don’t take our word for how good our book is conducting Internet investigations. Take a look at the following comments from respected law enforcement professionals:

Larry D. Johnson, Current CEO at Castleworth Global LLC, Former Chief Security Officer at Genworth Financial and Special Agent in Charge, Criminal Investigative Division, USSS, Retired, noted:

“This book offers the most comprehensive, and understandable account of cybercrime currently available to all different skill levels of investigators. It is suitable for novices and instructors, across the full spectrum of digital investigations and will appeal to both advanced and new criminal investigators. It will no doubt become a must have text for any law enforcement or corporate investigator’s investigative library.”

Lieutenant Raymond E. Foster (Ret.) Los Angeles Police Department, author, and host of American Heroes Radio, observed:

“Another strength to this book is that is very easy to read and in my opinion it needs read not only by the guys who are going to be doing these investigations but I think supervisors and managers out there need to take a look. … It is written for many levels within an organization.” (The entire show is here American Heroes Radio)

Neal Ysart, Director First August Ltd, Information and Corporate Risk Services writes:

“At last….. Informed, pragmatic guidance from two highly experienced professionals who have actually spent time on the front line, not just the classroom. This book is relevant for practitioners working in both law enforcement and within business – every aspiring cyber investigator should have a copy.”

Jim Deal, United States Secret Service (Ret.) and original Supervisor of the San Francisco USSS Electronic Crimes Task Force notes:

“Cyber-crime, internet fraud, online predators…we think they’re being addressed until we become the victims. Today’s law enforcement is ill-prepared to address against national security, let alone against our law-abiding citizens. Todd Shipley and Art Bowker are able to communicate what law enforcement responders need to know before they get the call – the information in this book must become a mandatory reference for law enforcement agencies everywhere.”

Criminal Justice Student gets A, Perverts Get Off, and Instructor Fails

Todd and I wrote our book for individuals conducting Internet investigations, be they criminal or civil in nature. We made a very conscious effort to include real life cautionary tales of what not to do when conducting online investigations.  One area we stressed concerned online undercover operations and that they were not the same as “role playing” for fun or fantasy. We just heard of a recent real life story involving a major college criminal justice studies (CJS) program. It really shocked us and demonstrates the need for our text in today’s law enforcement training and criminal justice degree programs.

The university mentioned has a respectable CJS undergraduate, which has areas of focus on law enforcement, cyber-defense, information security, terrorism and forensics.  Its graduates go on to obtain careers in law enforcement, intelligence and security officers.  The description could apply to any one of a number of colleges and universities if instructors are following the same kind of in class lab project.  This university’s program has a class focusing on technology and law enforcement, again not unlike numerous other classes in vogue in degree programs around the county.  Many such classes go by names such as cybercrime, Internet, or computer investigations. This particular CJS program class has a hands-on component, which allows undergraduate students to purportedly experience what it is like to actually conduct an undercover online investigation. Yep, we said “undercover online investigation”.   One of the students described the class as follows:

The course is taught by a 10 year plus instructor, experienced in computer security and CJS. The class size is about 30 students and uses a computer lab on the campus. The course is for sophomores and above and has been taught for two or three years.   It is a very popular course on campus, because of this “hands-on” component.  One required exercise in the course is for each student to create a fake e-mail account and Facebook profile of a 13-year old minor and to proceed online and to enter various chat rooms pretending to be a juvenile. The students are advised to pull a picture off the Internet of a minor to complete their profile for this exercise. The exercise occurs over three or four class sessions.  Software is used to record chats and take screen shots of the sessions. Students are then required to submit a “worksheet” of their experiences. The only cautionary directive the instructor gives is if they are sent child pornography they are to report it immediately, in which case the hard drive is “preserved.”

Well, we clearly have some areas of concern about this exercise.  First, none of these undergraduate students are sworn law enforcement officers.  Neither Todd nor myself have ever heard of undergraduate students being required to conduct actual  undercover investigations as part of a course requirement.  Clearly, if something bad happens, the students are woefully unprepared for what follows.  Additionally, because they are not sworn law enforcement officers, they could be criminally and civilly liable for problems that may occur. Then there are also chain of custody issues when something illegal is discovered. They are not trained in how to collect and preserve evidence, which of course our text covers in great detail and goes beyond merely recording chats and taking a few screen shots.  Even Dateline’s to “Catch a Predator”, which had law enforcement involvement and still ran into numerous legal problems. We spent a lot of time in our book discussing policy and the appropriate process for setting up a system and preparing law enforcement officers for online undercover work. There is much more to it than just Googling a name or a website.

One of the most disturbing things about this exercise was the use by the 30 CJS students of REAL minors’ pictures in their profiles, pulled from who knows where on the Internet.  What would the parents of these minors feel like if they knew that their child’s picture from a sporting event or school website was used in this manner? How would you feel if your child’s picture was used to demonstrate how undercover online investigations into sexual exploitation transpire?  Now, how would you feel if we told you there was a way for those perverts to identify and locate your child from those images that were pulled from the Internet? Yeah, we know.  Not good.

It is unclear what happen to these profiles after the exercise ended. It did not appear that these fictitious profiles were deleted. Additionally, the profiles were used for several different class sessions. This means that even if the profiles were deleted, they may still exist as they were probably crawled by a search engine while they were still active. It is tough to get that genie back into the bottle once it is online. So the effect of this exercise may go well extend beyond the timeframe of a single class semester. These profiles were no doubt created to facilitate interaction of a questionable nature with a pervert. The problem is the profiles likely still exist somewhere (anyone look at the Internet Archive lately), including a picture, used without the permission of the parents of minor, waiting for some sex offender to find them.

Again, we noted in our book, investigators have to be extremely careful with using images because there are sites, such as Google Image and Tineye, that can be used to show if that image has appeared elsewhere on the Internet. So taking the image from a profile and running it through one or both of these programs may show where on the Internet it also appeared.  If the image was pulled from say a school website, a person could possibly identify the name of the real minor, the school, and their general location, and not the identity of the CJS student who created the fictitious profile.  No one would want images of loved ones posted on a profile designed to entice pervert until  the Internet runs dry of electrons.

Additionally, the 30 CJS were instructed to collectively violate Facebook’s terms of service agreement for this class exercise.  There have been civil suits filed by several Internet Service Providers for individuals collectively creating fictitious profiles. LinkedIn and Yelp are two such companies that come to mind. Granted in these examples they were used for deceptive practices or to commit fraud, but is exposing an unsuspecting minor to real dangers any better?  It deserves repeating that we discuss these issues in great detail in our book and note that investigators and their agencies must have well thought out policies and procedures dealing with these legal concerns, before undertaking undercover online investigations.

In our example, one CJS student hit the “jackpot” so to speak. One Internet target thought the CJS student was really a 13 year old female and sent the CJS student links to child pornography.  The student, apparently at the professor’s instruction, sent the pervert a “link” so they could capture his IP address (Anonymizing techniques must be taught in another class). This student also received an online invite to meet up in the real world for sex from another individual responding to the CJS students fake profile.  What is incredulous is that the student got an “A” for the assignment.  We don’t even want to know how they identified that the “links” went to actual child pornography. 

Apparently, the rest of the class engaged in chat conversations with numerous individuals who thought they were minors. Frequently, these individuals masturbated on webcams to the students as well. So these perverts “got off” and the CJS students got disgusted. Law enforcement was notified about the child porn links being sent. But this is not going to be an easy case, particularly with the chain of custody concerns presented, not to mention testimony and evidence collection and documentation.

This should never have occurred. These concerns are not mitigated in a college classroom setting, students and teachers do not have an exemption from general legal principles, particularly when they are apparently ignored. Todd and I would both give this instructor an “F” for failing to provide the students with a useful learning environment.  We are confident that anyone reading our book would realize that without the proper structure and policy that this is a big no no. We wrote our current book intending to help prevent these kinds of situations so things like this don’t happen. This is particularly true for in programs that are training future law enforcement officers and investigators.  A copy of our book is on the way to this instructor. Hopefully we can correct his teaching approach to ensure that his students actually are prepared for their future in law enforcement. On that note I left a cigar lit somewhere.


Cutler, J. (2013, August 20). Yelp Sues Firm That Sued It for Coercion, Alleging Posting of Fake Favorable Reviews. Bloomberg Law. Retrieved from

Gold, M. (2008, June 24). NBC resolves lawsuit over ‘To Catch a Predator’ suicide. Retrieved from

Gullo, K. (2014, January 7). LinkedIn Sues Unknown Hackers Over Fake Profiles. Bloomberg Technology. Retrieved from 







Investigating Internet Crimes is Coming!

Investigating Internet Crimes: An Introduction to Solving Crimes in Cyberspace is coming this Fall!

Todd G. Shipley and Art Bowker have started writing a new text titled “Investigating Internet Crimes: An Introduction to Solving Crimes in Cyberspace”, due out during the Fall of 2013.

The book is set to be released November 15, 2013. This book intends to be the basic source for investigators new to Internet investigations and solving crimes in cyberspace.