Monday, July 23, 2007

IP Evidence and Unfortunate Grandmas

The viability of a great deal of the information contained in the by-now-notorious affidavit of probable cause depends upon law enforcement's ability (or lack of ability) to trace who did what on the Internet and from where. And that gives rise to a couple of concerns for both the prosecution and the defense in this case.

Just how reliable is this kind of Internet evidence?

There have been any number of horror stories of mistaken online identity-- the kind of misunderstandings that send SWAT teams crashing into Grandma's house, convinced that there's child porn on the computer that she uses to email Lemon Square recipes to her sister Flo at the retirement home in Gainesville.

Poor Grandma.



After spinning a few cautionary tales like that, surely a defense attorney can convince a Wilkes-Barre jury that the pile of IP addys that seems to bury Mr. Cuadra and Mr. Kerekes really doesn't add up to a hill of cyber beans, right?

Fair enough. The jurors' eyes probably will glaze over a bit when the prosecution hits that part of their case. One imagines that the Commonwealth will use as little of that information as they can get away with.

However, we might properly recall that as recently as a decade ago, much the same was said by court-watchers about DNA evidence: it's too technical; it's too complex; the jury doesn't have that kind of patience; it will never fly, Wilbur.

They were wrong.

But our efforts here are to get at the truth, not just guess a verdict. So, how likely is it that the police are just plain wrong about some of these damning Internet tidbits?

In general, the actual cases of mistaken online identity come from mistakes in reporting from ISPs in answer to the courts' warrants. That is, the police aren't concocting bad evidence-- nor are they seeking after unfounded data-- no, the ISPs are handing out incorrect information that doesn't match what the warrant outlines.

In other words, in a cyber landscape of dynamic IP addresses and 'ghosting', clerical errors at the ISPs really can incorrectly indicate to police that Grandma was indeed downloading naughty .wmvs.

Grab Grandma's heart pills and cue the SWAT team. Poor Grandma.

But how many times in a row is Grandma's door likely to get knocked down? Clerical errors happen at ISP companies just as often as anywhere else. What tends not to happen is a string of clerical errors at different ISP companies in answer to separate warrants served on separate days. Nor does such a multitude of errors (if errors they be) incorrectly resolve itself in such a way as to point at two people, and only two people: in this instance, Mr. Cuadra and Mr. Kerekes.

The likelihood of such a massive, utter, simultaneous and concomitant failure of all those ISP companies to properly comply with all those different search warrants... well, it's just a tad far-fetched.

-KM