interested in joining authors network, email us for more information.


Archive for the ‘Supervision’ Category

Update: Internet Restrictions, Facebook, and the Courts

November 16th, 2012

Well readers it has been a very busy past few weeks in the cyberspace world and corrections. Where do I begin?  Lets start with the Corn-huskers state, ie,  Nebraska. On October 17, 2012, a federal judge  struck down parts of Nebraska’s new sex offender law, which criminalized the use of social networking sites by sex offenders and also required them to notify the state when they posted material online. The judge also struck down provisions that required registered sex offenders, who were no longer on supervision, to submit to computer monitoring/searches by law enforcement. One issue the judge did not rule on, determining the issue not “ripe”, was a challenge of  the provision requiring a parolees consent to computer searches and use of monitoring software. The decision was very detailed and based upon a hearing in which numerous witnesses testified. Part of the decision noted that much of the language of the statute was “over-broad and unduly burdensome.”  It can be found here.

Now lets go to the sunshine state, California. First off, last week state’s electorate approved Proposition 35, which in part required registered sex offenders provide all their Internet identifiers and the names of their  Internet service providers to law enforcement. The American Civil Liberties Union (ACLU) and the Electronic Frontier Foundation (EFF) promptly filed suit to block the law and an injunction was granted by a federal court pending a decision on the law. Then on  November 8, 2012, it was reported that a California appellate court held a 15-year-old juvenile sex offender can’t be completely prohibited from using Facebook, Twitter, or other social-media sites because his offense didn’t involve the Internet. The court noted he had a First Amendment right to use social media and chat rooms. However, in the same ruling the appellate court  found that prohibitions for him from visiting porn Web sites or using software or tools that could hamper probation efforts to manage his computer use were okay.

Finally, let us go across the seas to the United Kingdom.  A court there ordered an Internet ban on a sex offender and the appellate court found the order  “unreasonable”, overturned it, and ordered the offender to provide Internet history to police instead.  It is being seen as indicating that Internet access is a “fundamental human” right there.

Interesting huh? Now just this week there was another development, not a court ruling but important none the less. It was an announcement that Facebook, with the government’s aid,  developed a job listing resource. Per the  the site:

Facebook, the U.S. Department of Labor, the National Association of Colleges and Employers (NACE), DirectEmployers Association (DE), and the National Association of State Workforce Agencies (NASWA) created the ‘Social Jobs Partnership.’ The partnership’s goal will be to facilitate employment for America’s jobless through the use of social networks.

Cool uh? Something to help the unemployed, including ex-offenders, find jobs is a good thing.  But wait, Facebook has a user policy that prohibits  convicted sex offenders from accessing their site. So does that mean that at least 747,408 citizens can’t use a job search resource that was developed with government assistance? By the way the number is likely to be higher than that as Facebook’s policy prohibits “convicted sex offenders”, not just those required to register. Additionally, there are states that have legal statutes that bar sex offenders from social networking sites. How will they be able to use this government partnership program?

Now in fairness, Facebook isn’t actually hosting the job listings.  It is just providing the search feature. But still, it would seem likely that one would need access to Facebook’s site somewhere along the line to use this new service. If a sex offender accesses the service, will they be violating Facebook’s user agreement? Would they be violating a state law somewhere? Who knows? The government has been pushing for employment for offenders because studies reflect it reduces  recidivism, including among sex offenders. Yet, this new government partnership is being run with the aid of a Internet Service Provider that excludes sex offenders from using its site. We want to do all we can to reduce recidivism among sex offenders right? I think this is going to give the ACLU another argument against laws that provide wholesale Internet restrictions for sex offenders. How do you bar all sex offenders access to a government sponsored resource that helps them get a job, make a living, support their family, etc.? But yet how do you keep high risk “predators” from abusing this legitimate access to get at victims? Lot of questions ah?

Here is my suggestion, quit the wholesale legislative restrictions on Internet access. Stop the shotgun approach to managing risk.  Instead provide legal authority for courts and parole authorities to tailor these restrictions based upon the individual needs/risks of a particular case.  This would apply to only supervised offenders and not those whose served their sentences long ago. For what is worth, I don’t see an issue with requiring Internet identifiers being provided as part of sex offender registration. I note that neither did the 10th Circuit Court of Appeals in Doe v. Shurtleff, as long as they were not made public, which is also okay by me. The Supreme Court declined to hear an appeal of that decision by the way. I also don’t have a problem with sentencing enhancements for repeat offenders again using computers and Internet to commit crimes.

It is clear courts on both sides of the Atlantic are starting to get a bit more critical of total Internet use restrictions.  I don’t know if we have reached the point where Internet access has become a fundamental right yet.  With regard to offenders, we are either going to have a more tailored-focused approach or nothing at all.  A tailored approach will require corrections to learn how to manage the risk posed by an offender’s computer use. But for now, I left a cigar burning somewhere. Be safe out there and those in the U.S. have a happy turkey day!

Legal Updates, Supervision

See No Evil Hear Evil: A Correction’s View on the YouTube® Video

October 10th, 2012

My regrets, as I have been meaning to write these last few weeks, particularly with so much that is going on in the world. For instance, we had the recent middle-east riots, reportedly triggered by the  anti-Islam YouTube®  video. We can debate back and forth about whether the YouTube®  video was the real cause of the violence or merely another catalyze to an already volatile situation. Some might argue it was the digital equivalent of yelling “fire” in a theater populated by the world. In the states, as a free society, we tend to be a bit more thick skinned, at least that is the hope.

As we witnessed events unfold it came to light that the purported video source was someone who was prohibited from Internet access due to their correctional status.  The person has been arrested and is facing proceeding to determine if they have violated the terms of their supervision.   Some might argue that the real purpose of the arrest and hearing is to stifle free speech. Others are more on point, that exercising free speech is not the issue. The real issue is offenders can’t lie and violate lawful restrictions while under supervision. We don’t know all the facts of this case. In the end it is in the judge’s hands.

Many of you know I find the whole idea of computer/Internet restrictions intriguing. In this case the person was not allowed online without permission. Media reports are a bit sketchy about computer management conditions imposed in this case, such as use of monitoring software/hardware or searches. Clearly the conditions directed that supervision efforts were to also encompass “cyberspace.”  The question is what conditions or tools were available to help manage the cyber-risk?

While this offender faces a hearing, I read with fascination a story about how another probation officer located a missing juvenile offender using Facebook.® The thing that caught my eye was not that officer used the Internet as an investigative tool. After all, it makes perfect sense that a juvenile probation officer would turn to a media that so many of today’s youth use to communicate and socialize. What caught my attention was that this officer had to use her personal computer as she was prohibited from accessing the Internet from work. So on the one hand you have a world wide story involving a supervised offender’s Internet access, yet this officer’s department prohibits their employees from Internet access at work. Hell, maybe they thought they might view YouTube® videos and start tearing up the place. But seriously, in light of today’s environment, where actions done on the Internet can literally have worldwide consequences, why are probation and parole officers still being prohibited from accessing the Internet from work?

The fact is some officers are being asked to manage offender risk in cyberspace without tools and/or training. It is like being asked to write a movie review but instructed to wear dark sunglasses and ear muffs during its showing. I call it the “see no evil hear no evil” supervision philosophy. To make matters worse officers doing these off hours investigative activities could subject themselves to added risks, such as exposing one’s personal social networking connections to their caseload. Corrections has got to make up their mind. Either they are going to supervise offenders, including in cyberspace, and use all tools at their disposal or turn over this function to law enforcement or the mass media to report on the major supervision violations.  One of the reasons I haven’t written earlier is  I was busy attending the American Probation and Parole Association’s Summer Training Institute, which had over 1,000 in attendance. It was a very professsionally done conference and I was particularly pleased that there were three well attended workshops dealing with managing offender computer risk. Hopefully, more agencies will get the idea that supervision does not end with the “brick and mortar” world of yesterday.  For now I know I left a cigar lit somewhere. Be safe out there.


Three Intriguing Cyber-Offender Questions

June 15th, 2012

I get too few comments on the Three C’s to gauge whether I am accomplishing anything beyond irritating a few sex offenders who follow and accordingly voice their opinion. I wish more probation and parole officers would shoot a comment now and than, even if it is to point out I am off base. I guess they are a wee bit shy to tell me I don’t know what I am talking about. But anyone who runs a website or writes a blog knows there are tools out there that provide insights into what folks are thinking when they visit site and how they got there in the first place. What? You really thought when you visited a website no one knew about it?  Depending upon the tools used a lot can be learned about who visits a website or for that matter a blog. But for those super paranoid,  fear not. For the most part I am not privy to the glandular identification of users . The sole exception is when one posts to the blog their originating Internet Service Provider number and e-mail used is captured.  (Click on the privacy policy of for further details)

This information collection is so a website or blog writer like myself can get an idea of what folks might be interested in or what drives them to the website. It provides us input into what interests our customers or readers. Let me give you an example. Someone does an Internet search on a term, “cigars,” and they are provided a websites listing of sites containing that word or term. From that listing they click on a particular website. Depending upon the tools used the website or blog will be provided information on the search terms used to get to a particular website. So if someone got to the Three C’s with the search term “cigars” I would likely know about it (no it hasn’t happen yet). I have had some interesting search terms for the Three C’s as well as my personal site, which I am going  share and discuss, with a non-lawyer’s expertise (I am not offering legal advice to anyone). Here are the more intriguing ones thus far: 

How Does Probation Monitor Computer Activity?

It depends on the agency. Some do computer searches or get law enforcement  assistance to do them.  Others install monitoring software. Still others rely solely on traditional techniques, such as surprise home visits. Some use polygraphs, specifically for sex offenders. Still others do online investigations and go check social networking sites to see what their offenders are doing online. I should note that in the United Kingdom law enforcement takes a central role in enforcing sexual offences prevention orders. Too many agencies I am sadden to say, ignore cyber-risk completely.  The best practice is to employ multiple techniques.

Can Sex Offenders Use or Access Social Networking Sites (SNS)?

This one also comes under the heading of “What is Facebook’s Policy on Sex Offenders?”  The answer is it depends. Some states have statutes that make it illegal for sex offenders, regardless of being under correctional supervision, from accessing these sites.  Currently, there is a lot of legal action  going on attacking these criminal statutes.  We will see how it turns out.

Additionally, it may be a specific condition of supervision that a sex offender not access a social networking site. This would mean if an offender got on a SNS without permission their supervision could be revoked.

Finally, independent of criminal statutes or supervision conditions, many SNS are banning sex offenders from using their sites. Facebook’s User Policy reflects: “You will not use Facebook if you are a convicted sex offender.” However, Facebook is no longer alone in making sex offenders unwelcome. Recently three dating sites,, eHarmony and Spark Networks signed a joint business principle statement agreeing to check subscribers against national sex offender registries. To my knowledge there have been no cases thus far decided that have ruled that a SNS can’t bar sex offenders from their site.  In summary, check the jurisdiction’s legal statutes/court decisions; correction supervision conditions; and the user agreement of the particular SNS.

Can Probation Officers Hack Your Phone?

My, are we a bit paranoid or what? I am assuming “hack” means access a mobile phone, either remotely or through breaking in without a password. The answer is not without legal authorization, which translates into a court order, warrant and/or condition, subject to your jurisdictions legal requirements.  A probation officer could search a mobile phone with your consent or with specific legal authorization, supported with “reasonable suspicion” that you have broken your conditions. They could also search under some circumstances, such as a specific condition authorizing “random searches.” They could may also search the phone pursuant to an arrest.

Now if you mean “hack” as remotely access the phone, without your knowledge, that would likely require a specific order or warrant. Additionally, I would have a tough time naming many probation officer that have the technical ability and/or equipment to accomplish this task.  The exception would be to install monitoring software on the mobile phone. That is relatively easy, requiring only access to the phone. However, there has to be some legal authorization behind such activity.  Without legal authorization it could be a violation of  law. It simply is not a routine supervision activity.


There is one conclusion that might be drawn from these collective search terms. What you ask? Well, it seems I might be an information source for the offender population. It is kind of interesting that offenders are doing research on what officers are doing in cyber-risk management. I wonder what else they are doing Internet searches on, maybe how to defeat urine screenings or polygraph examinations? Maybe with more offenders asking questions, I might get a few more comments from probation and parole officers. Hopefully, they aren’t “what the heck are you telling my offenders?” Until then I left a cigar lit somewhere. Be safe out there!

Legal Updates, Supervision

Save the Date: American Heroes Radio May 24, 2012

May 9th, 2012

The May 24, 2012, episode of American Heroes Radio features a conversation with Art Bowker the author of The Cybercrime Handbook for Community Corrections: Managing Offender Risk in the 21st Century.

Program Date: May 24, 2012
Program Time: 1500 hours, PACIFIC
Topic: Cybercrime: Managing Offender Risk in the 21st Century
Listen Live


CrimCast Podcast on Cybercrime Handbook for Community Corrections

March 19th, 2012

Check out the cyber-supervision podcast. Thank you CrimCast!


Correction’s Play Role In Keeping Sex Offenders Off Social Networking Sites

March 18th, 2012

Recently, a federal court struck down a Louisiana state law that prohibited sex offenders convicted of crimes involving minors from “using or accessing of social networking sites websites, chat rooms, and peer-to-peer networks.” The ruling found that the law impacted the First Amendment and was unconstitutionally vague. The court further concluded that it could not be cured through administrative regulations. The law covered both sex offenders under supervision and those who had completed their sentence. Additionally the social media definition was extremely broad and could have been interpreted to include the court’s own website. Needless to say the law had some major deficiencies. Louisiana appears posed to give it another go, correcting the deficiencies noted in the decision. The question is should they?

The reality is that social media is so intertwined with living in today’s society that any prohibition is sure to have a negative impact on whether an offender can get a job, find needed services, etc. But then again the dangerousness of an unmonitored sex offender using the Internet is very real. What to do? I read an interesting piece by Eric Goldman about this issue and the pitfalls of the Louisiana law. One thing that he noted was:

The ruling doesn’t require social media sites to allow sex offenders on their sites, and they can still use the Adam Walsh/KIDS Act database to block known sex offender aliases. (Of course sex offenders may not properly report all of their aliases, a general deficiency of the self-reporting database approach). Thus, striking down this law doesn’t immediately open up all of the Internet to the sex offenders. Nevertheless, it does mean that they can use the Internet without inadvertently committing a crime.”

This got me thinking what if more sites followed Facebook’s policy on not allowing sex offenders on their sites. Could enacting laws that prohibit sex offenders who use a site against the user agreement be one piece to this legislative quagmire? Facebook’s policy no doubt came into play because of the bad press some social networking sites got over sex offenders trawling the various social networking sites. They simply didn’t want sex offenders joining up like they had on other sites. I understand why they have this prohibition. They allow minors to join, age 13-17, and wanted a “safe” environment. But what about other sites, particularly those might specifically cater to minors? Do they have such a ban? I was shocked to find out they do not. The user agreements of the big gaming sites, X-Box Online; Playstation; and Nintendo do not ban sex offenders from joining or participating. Even Disney’s Club Penguin, does not have a prohibition against sex offenders joining the site.  In fairness, these sites do bar activities that are illegal, just not individuals that have been convicted of engaging in such activities, such as sex crimes.

So the sites that are  gaming in nature and/or cater to minors do not prohibit sex offenders on their sites. Yet they serve no legitimate purpose for offender reintegration. After all, there is no employment services section on X-Box Online, at least not in the real world. I don’t think giving sex offenders “recreation” in isolation, filled with role playing as well as access to minors is a legitimate reason for allowing them on gaming sites. Interesting, Facebook, which is interconnected with not only individuals but businesses, education, causes, etc. bars sex offender from its site, because a portion of its members are minors. Don’t get me wrong. I understand Facebook’s reason and understand the risk. But there does seem to be something a miss here. Should sites start barring sex offenders from their sites in total?  I think it would start with those which have minors on them and would quickly expand to the entire Internet. After all, with the exception of adult oriented sites,  there are few sites in the mainstream that would want to be known as one of the few locations that allows sex offenders to be members.  But if we allow legislatures to make the decisions you are likely to get sites that are important in rehabilation prohibited as well.  

Legislatures need to start working with corrections department on what is the best way to manage cyber-risk. Corrections obviously has got to step up its game but I think they can come to terms with cyber-risk management.  If they don’t who then? Who is in the best position to judgement offender risk?  Probation/parole departments time to get into the 21st Century and quick belly aching about laws being passed without consideration of the rehabiliative impact.

Additionally, the focus needs to be on sex offenders under a correctional supervision not those who have completed their sentence. I also think states would then be better served by providing community corrections with the tools needed to manage the risk posed by sex offender’s online. This means giving officers the ability to restrict sites that pose a risk for re-offending behavior. It also means allowing officers to restrict hardware and software used by offenders to that which can be monitored and/searched. States should also provide the legal framework for officers to install monitoring software and to be able to conduct computer searches. States should also provide the resources, namely training, software, and hardware to officers for this to occur.

Providing blanket restrictions that just tie the hands of officers and offenders is bad policy. (Please note I am talking about offenders in the community. Note those behind bars. See Why Does Your Facebook Profile have an Inmate Number?) Let those who are experienced in corrections make decisions on managing cyber-risk. Give them guidance but not legal mandates.

Yes, I know there was provisions in the Louisiana law that allowed officers to grant permission but few if any officers are going to go out on a limb to grant an exemption to a sex offender, particularly when they have no tools to manage risk in the first place. Maybe just maybe, states would be better off in directing their corrections to come up with a cyber-supervision policy for their review and approval. I think the American Probation and Parole Association Issue paper  is a good place to start the discussion (disclaimer, I had a hand in writing it!). There are ways to manage cyber-risk. In some cases, such as gaming sites, officers are right to prohibit access. Access to other sites, particularly those that directly impact employment need to be managed not prohibited.

I also would avoid passing restrictions on individuals that have already served their sentence. I have no issue with them having to report Internet identifers as part of sex offender registration but barring them from sections of the Internet, without realizing how interconnected the world and the Internet is is fool-hearty. For repeat sex offenders, particularly those who use the Internet as a tool for exploitation, consider mandatory sentencing that precludes them from being in the real world, let alone the cyber world. Okay, time to find my cigar.

Legal Updates, Supervision

Why Does Your Facebook Profile have an Inmate Number?

February 15th, 2012

In August I wrote an article called Sex Offenders: 1 Supervision Officers: 0  specifically to highlight the need for officers to be able to access the same areas that their offenders are visiting and oftentimes posting to at will. I am sad to say things just haven’t changed since that piece appeared. I am still getting reports that officers both inside and outside prison walls continue to have their Internet access restricted.

It really is bizarre when you think about it. Take for instance Facebook, the current big dog of social networking sites. Offenders are having profiles often times from behind prison walls but the individuals that are suppose to be guarding or supervising them can’t access those sites from work. ( I also like the story out about probation violators posting on the Facebook profiles while they are wanted for violations but I digress).

Yes, I know some states are looking at ways to ban prisoners from having Facebook profiles, two notable ones are California  and recently South Carolina. Facebook and California Department of Corrections and Rehabilitation reportedly entered into partnership in August of 2011 to prohibit inmates from having accounts.  There are some exceptions. The policy does not apply to inmates who created an account before they were sentenced and have not used it while incarcerated. Reportedly, Facebook’s policies prohibit an individual other than the registered user from updating a Facebook account, which would happen when any update occurs…unless of course the inmates is doing it while in prison via a mobile device. Additionally, this described policy is only for states which prohibit inmates from accessing Facebook while in custody.  But none of this inmate or prison specific stuff appears anywhere on Facebook’s user agreement. There is a prohibition to a user allowing another person access their account (Item 8), but that is not specific to inmates.

All this has me scratching my head. Facebook reportedly has a prison policy, which is not part of its user agreement, last updated April of 2011. But there is a report out that California has an agreement with Facebook which points to a rule that they will prohibit inmates from accessing their accounts if they are not allowed to in their state. The last time I checked Internet access was very limited in U.S. prisons. Sure some have e-mail but I have never heard of any state or federal prison system allowing inmates to access Facebook accounts while in custody. At best most systems are silent on the topic. Does that mean approval? Is Facebook waiting until states like South Carolina take legislative action to prohibit access?  Meanwhile while all of this is going on many of those charged with guarding inmates can’t access the Internet or more specifically Facebook. So we can make sure the employees can’t access Facebook but the inmates can do it at will. That makes perfect sense. See no evil hear no evil, etc.

Now many of you are wondering what is the big deal. Let the inmates have Facebook access. What is the worse that could happen? It is not like they could coordinate a riot or attack via a social networking site. No one has done that yet. Nah… these are prisoners…. they wouldn’t do that…. Right!

States need to carefully articulate to Facebook that they don’t want inmates accessing and updating their profiles. Facebook has got to have a policy on this that can be enforced and is posted somewhere. It makes sense that if they had an account before going it that they can have it as long as no updates occur. Corrections has also got to find a way to allow officers both inside and outside of the walls to check on what is occurring in cyberspace before it finds its way into the real world and someone gets hurt. Finally, much of this would go away if prisons could block mobile phones from working in prison. Obviously I am asking for sanity in an insane world. Now where is that cigar at…


Both Sides of Atlantic Take Aim at Offender Risk In Cyberspace

November 30th, 2011

Two news events occurred within the last week that warrant notice.  The first was the announcement by the American Probation and Parole Association (APPA) magazine Perspectives– Fall 2011 of the Issue Paper, “Managing the Risks Posed by Offender Computer Use.” The second was the announcement that Britain was unveiling a new strategy to battle online threats.  Both announcements touch specifically on managing offender computer use. Let’s deal with the first announcement. 

APPA Issue Paper

APPA develops issue papers on topics currently facing community corrections. These papers outline the concerns or considerations of a particular topic in a generally neutral fashion. The APPA, though its Technology Committee, has been wrestling with a cyber-supervision issue paper for well over a year (I know, as I was intimately involved in the process).  The APPA Board of Directors approved the issue paper in September 2011. It was formally announced in the Perspectives last week.  The result is a ten page document which identifies  five components to good computer management in the supervision of people on probation, parole or supervised release. The components are: 1) Obtaining accurate and up-to-date knowledge about what computers a supervisee has or may use; 2) Deciding how to monitor the computer or Internet use (random searches or installing monitoring software); 3) Encouraging venturing beyond the traditional “brick and mortar” world into cyberspace itself by going on-line to find out what offenders are doing on social networking sites and the Internet;  4)  Incorporating complementary technologies, such as GPS monitoring and polygraph evaluations for some high risk cases to augment  computer management; and 5) Requiring officers continue to incorporate field visits, to residences, employment sites, schools and other relevant locations as part of computer management. The paper also discusses the pros and cons of computer searches vs. computer monitoring, noting the ideal approach is to integrate both to provide effective cyber-risk management. Although the paper notes the high percentage of cases involving sex offenders, the discussion is not limited to just supervising sex offenders. It specifically notes all manner of criminal and non-compliance behavior is being committed by offenders using advanced technology and community corrections needs to come to terms with this reality.  Bill Burrell, editor of the Perspectives notes:

With the proliferation of digital technology through our lives, it has become increasingly difficult and impractical to prohibit the use of computers and other digital devices by offenders. Managing the risks falls to probation and parole officers, and it is incumbent upon us to throughly understand and fully exploit the potential of digital technology to monitor and manage offender use of computers and related technology.” (p. 10)

UK Cyber Security Strategy

Almost on que was the announcement  by United Kingdom of its new cyber strategy called  The UK Cyber Security Strategy Protecting and Promoting the UK in a Digital World.  Included in this cyber stragey was the increased use of sanctions, including Internet restrictions against offenders involved in flash mobs or other acts where the Internet or social networking sites were used to cause havoc.  The report notes in part:

4.27 The Government will also work to ensure that law enforcement agencies and the judiciary are aware of the additional powers the courts already have to protect the public when there is strong reason to believe someone is likely to commit further serious cyber crime offences. Computer use may be monitored or restricted under licence conditions when an offender is released, or through a Serious Crime Prevention Order (under the Serious Crime Act 2007). For example an internet fraudster can be prevented from offering goods for sale online. Other orders which may include restrictions on internet use are used to protect the public or victims in cases of sexual offences, harassment and anti-social behaviour. Through guidance we will encourage the judicial system to consider these cyber-relevant sanctions for cyber offences wherever appropriate.

4.28 In addition, the Ministry of Justice and the Home Office will consider and scope the development of a new way of enforcing these orders, using ‘cyber-tags’ which are triggered by the offender breaching the conditions that have been put on their internet use, and which will automatically inform the police or probation service. If the approach shows promise we will look at expanding cyber-sanctions to a wider group of offenders.” (p. 30)

So in a nutshell we have a professional organization for community corrections in the United States noting that officers and agencies tasked with supervision need to come to terms with dealing with cyber-risk.  At a the same time the UK comes out with a strategy that expands Internet restrictions beyond prevention orders typical in sex offense cases to include a “wider group of offenders.”  Unless I am missing something sentencing and correctional professionals on both sides of the Atlantic are starting to take seriously the cyber-risk posed by those accused or convicted of crimes.  The question remains is what may develop out of these two “bits” of news. 

You see in the UK much of the monitoring of offender computer use appears to have been done not by probation officers but by law enforcement. (See Elliot, I. A., D. Findlater and T. Hughes. 2010. “A Practice Report: A Review of e-Safety Remote Computer Monitoring for UK Sex Offenders.” Journal of Sexual Aggression. 16(2), 237-248 for a discussion on computer monitoring). But in the U.S. probation and parole officers are doing the monitoring. Sure some agencies rely on law enforcement assistance for computer searches, but monitoring is deployed and reviewed by corrections agencies.

Will the UK continue using law enforcement to monitor offenders during rehabilitation, reintegration, etc. or will they be forced to back track on their efforts over “big brother” concerns?  Likewise will US correction  agencies embrace 21st Century supervision or will they they advocate for law enforcement taking over a greater role in computer monitoring of these cases?  I doubt that will fly a lot lower in the US than in the UK which has no “First Amendment” concerns.  Maybe the private sector will step into the management role on both sides of the Atlantic as contract agencies offering monitoring service to corrections agencies. The advantage to private sector doing the monitoring is they are not law enforcement but unlike many in corrections, they have the expertise to get the job done. The issue though will be expense. Can they offer a service at a cost that public is willing to pay? 

Personally I see no issue with monitoring computer activities of convicted offenders but there will surely be those who argue that this smacks of “big brother.” I wonder though how these same individuals would feel if these offenders were just kept in prison. Is that a better solution?  What about the rights of  rest of  society which are negatively impacted by cyber-offenders? Don’t they count for something?  We all have to abide by the rules on the roadways, why should the information highway be any different? I think that cyberspace has been allowed to fester with lawlessness for too long without any repercussions to those who think it is their personal playground to stalk, attack, and victimize the rest of us.  The recognition of this fact on both sides of the Atlantic is clear. Equally clear is offender risk management is not going to be the same.  It now is being extended to cyberspace. On that note, where is that cigar I had?

Legal Updates, Supervision

Hackers, Sex Offenders, and All the Rest

October 24th, 2011

Community correction officers and others often equate technological conditions, such as computer searches, monitoring, Internet restrictions, etc. with sex offender supervision. Afer all, there isn’t a day that goes by where an individual isn’t busted for a sex crime in which a computer or the Internet did not play a role. We also have the cases of registered sex offenders violating their conditions and in some cases the law, by accessing social networking sites. Accordingly, it is understandable that many equate computer restrictions/monitoring with sex offender supervision. However, computer restrictions and monitoring go back to the early hacking cases. For instance, Kevin Mitnick, a reformed hacker and now security consultant/author, had numerous conditions imposed in 1999 including the following:

without the prior expressed written approval of the Probation Officer: 1. the defendant shall not possess or use, for any purpose, the following: (a) any computer hardware equipment; (b) any computer software programs; (c) modems; (d) any computer-related peripheral or support equipment; (e) portable laptop computers, personal information assistants, and derivatives; (f) cellular telephones; (g) televisions or other instruments of communication equipped with online, Internet, world-wide web or other computer network access; (h) any other electronic equipment, presently available or new technology that becomes available, that can be converted to or has as its function the ability to act as a computer system or to access a computer system, computer network or telecommunications network (except defendant may possess a “land line” telephone).”

But lets not equate computer restrictions/monitoring to just hackers and sex offenders. It is, however, kind of ironic that these two groups equated with such restrictions are making the news. For instance, the hacker group “Anonymous” reportedly crashed a large collection of child pornography Web sites, and published the names of its patrons.  So for those keeping score, that is Hackers 1 and Sex Offenders 0, oh that is not in binary code either. My money is on the hackers winning the cyberwar against those who victimize kids. But I digress.

Computer restrictions/monitoring conditions do get imposed on non-sex offender and non-hacker cases. Recently, a convicted fraudster, Charles D. Stergios, was released to a halfway house and home confinement. He promptly set about conducting a check kiting scheme via the Internet upon his release and succeeded in getting a second fraud conviction for his efforts. He also was given the following supervision conditions:

Subject always to review by the sentencing judge upon request by either the defendant or the government, the Defendant shall not possess or use a computer to access an online ‘computer service’ at any location, including his employment, without the supervising officer’s prior approval. This includes any Internet service provider, bulletin board system or any other public or private computer network.”

Defendant shall participate and comply with the requirements of the Computer and Internet Monitoring Program (which may include partial or full restriction of computer(s), Internet/intranet, and/or Internet capable devices), and shall pay for services, directly to the monitoring company. The defendant shall submit to periodic unannounced examinations of his/her computer(s), storage media, and/or other electronic or Internet capable device(s) performed by the probation officer based on reasonable suspicion of contraband evidence or a violation of supervision. This may include the retrieval and copying of any prohibited data and/or the removal of such system(s) for the purpose of conducting a more thorough inspection.”

Stergios appealed these conditions, noting in part they amounted to a complete Internet/computer ban. The First Circuit rejected his argument on October 18, 2011, noting he could access the Internet and computers, “as long as he obtains his supervising officer’s approval.” Additionally, if he disagreed with the officer’s decision he could take it to the sentencing judge. The First Circuit noted:

Stergios relied heavily on the Internet to perpetrate his frauds, including opening two checking accounts online through USAA, opening another using an email address, and conducting a number of electronic money transfers. Moreover, Stergios had a history of using the Internet to commit crimes. Stergios’s 2005 conviction involved hundreds of fraudulent Internet transactions on eBay, totaling over $421,000.00. It was therefore reasonable for the district court to find, the second time around, that restrictions on Stergios’s Internet usage were necessary to deter him from committing further crimes.”

Does this mean that we are going to see the flood gates open wide for special technology conditions being imposed in multitude of non-sex, non-hacker cases? I doubt it. However, in cases where offenders continue to misuse computers and the Internet to perperate fraud, those offenders better be prepared survive in a technologically advanced society without a computer, or at least not one that isn’t monitored. It is not an easy road to hoe. Mitnick noted upon his release from those restrictions that: “The greatest relief is that I am no longer subject to any conditions of supervised release” and … “being prohibited from the Internet has been an impediment going forward with my own business.” But again, Mitnick was prohibited from being online for about ten years ending in 2003. That was before Facebook, Twitter, I-Pads, X-Box 360, etc.  I think that the only ones in the U.S. that might not be online now are the Amish…but wait they have mobile phones. Needless to say, not a pretty picture. What does all this mean for the community corrections officers out there? Well, be prepared to see more non-sex and hacker cases with computer restrictions.  On that note, where did I put my cigar at?

PS  BOOK UPDATE: Sent the revised page proofs and index back to my publisher, Charles C. Thomas. Look for The Cybercrime Handbook for Community Corrections: Managing Offender Risk in the 21st Century in early 2012. I, of course, will send out a “tweat” to all my loyal readers and followers when it is available.

Legal Updates, Supervision

The Password is “Trouble”

September 23rd, 2011

Years ago there was a game show called Password where one contestant had to guess the secret word or “password” known by the other contestant. I see Saturday Night Live does a parody on it every once and a while for those too young to know what I am talking about. Well, I am hearing some rather distributing things in regards to passwords and social networking sites that I thought I would delve into here. Lets deal with it first from an officer and offender relationship and then we will move to agency and officer perspective.

Officers and Offenders

 Officers supervising offenders, particularly those dealing with offender computer management, frequently ask for all an offender’s social networking site (SNS) profiles as well as the passwords associated with those profiles. Some sex offender registration agencies are likewise asking for passwords as part of registration. Before SNS became a phenomenon supervision officers frequently asked for e-mail passwords. Obviously, having a password is the key to an offender’s accounts. However, and this is a BIG HOWEVER, having the password and using it to gain access to an offender’s account is a BIG NO! NO!There are legal prohibitions against accessing some-one’s e-mail account or SNS, even if you have the password. Even if one does have permission or authorization, it can create a chain of custody nightmare. After all an offender could allege the officer deleted or sent something from the account. There can be better ways of getting at the information. For instance, directing the offender to log on to the account in your presence and going through it with them, in the presence of another officer.  

So why ask for the password in the first place? Well, it is a good practice to ask for the password in case it is needed later after the appropriate legal authorizations are in place. Additionally, individuals may use a password numerous times. It may be used to log into an e-mail account, SNS, or to log in to their computer or an encrypted file.  Let me explain. You have an offender’s e-mail password and you find a computer later they were not suppose to have. The computer is secured with a password. The offender tells you he doesn’t remember the password. Well the e-mail password might be the same one to unlock the computer. Even if is not, it might be very similar to the password and be of use for password cracking tools in brute force or dictionary attack to access the computer.

Think of it in these terms. Officers are allowed to visit offenders in their homes and even to conduct searches upon authorization. However, I can’t think of any supervision agency that demands an offender provide a key for the officer to enter the home at any time they wish. In short, having the password to a SNS or e-mail account means an officer has the key to the offender’s virtual home. That does not translate into accessing the virtual home at will, even if they are on supervision.

Officers and Agencies

Now lets move on to the officers and their agencies. I have previously noted the concerns with officers posting personal information on SNS. Well some agencies are starting to look at new employees and current officer’s SNS profiles. I see no issue at looking at what is publicly posted on these profiles. However, some agencies are taking a more aggressive position and asking for passwords to their employee’s profiles. They want access to the private areas too. Imagine, officers being subject to a “search” of their personal space as a condition of employment. The next step is obviously having to consent to a search of their home at any time without a warrant.

It really is not that farfetched. Take Google+, which is Google’s venture into creating a social networking site business. If one has a profile on this site the password that accesses it is the same as the user’s e-mail account. Imagine an employer being able to not only search the SNS profile but each and every e-mail sent or received from the user’s account. Oh yeah and Google’s wonderful search engine works just as great on a user’s e-mail account on their server. Google also has Google Documents that allow the user to save letters, resume’, spreadsheets, etc. on Google servers. Yep, those are also accessed by the same password. So as a condition of government employment, an officer has to consent to having their digital life searched…even private information. Now there is an incentive to get a low paying dangerous job! Well, not all is loss. In large part due to the efforts of the American Civil Liberties Union of Maryland, the Maryland Department of Corrections suspended their SNS policy for prospective hires.

So what is the point to all this. Sit down with some legal beagles and hammer out a policy for this stuff. As it stands, offenders can be asked for their passwords but using those passwords to access a SNS or e-mail account without the proper legal authorization will get the officer and their agency in very hot water. For agency’s asking for passwords of their employees or potential employees, don’t even think of asking unless you want a call from your local ACLU. In short, the password for not knowing what you are doing in today’s technological and legal environment can be “Trouble.” By the way my password is CIGAR…. I am of course kidding. Be safe out there!

Legal Updates, Supervision