US court okays malware in hunt for Web paedos

Close to the line

A US appeals court last week gave tacit approval to the use of Trojan horse viruses as a tool in investigating crimes on the Net.

The federal appeals panel ruling stems from a case in which a hacker "uploaded a file to a child porn newsgroup that made it possible to track who downloaded files from the service", News.com reports.

The uploaded file contained the SubSeven virus, which enabled the cyber vigilante to root around suspect computers. He then tipped off the police, who used this information in subsequent investigations.

It's difficult to see how "evidence" obtained in this way could be seen as anything but hopelessly tainted. After all, if someone has gained control of a suspect's computer couldn't incriminated material be planted? Certainly any shrewd defence autorney would suggest so, injecting doubt into what could otherwise be a clear cut case.

However the legal arguments in this case focus on whether or not this behaviour violated US constitutional protection against illegal search and seizure.

A US District Court judge in Virginia thought the tactic violated a defendant's rights - but the appeals panel disagreed. It reversed the decision, even though judges said law enforcement operated "close to the line" in the case.

The appeal court drew a distinction between the police using information from a third party after the fact and encouraging the vigilante's' actions in the first place.

"In order to run afoul of the Fourth Amendment, therefore, the government must do more than passively accept or acquiesce in a private party's search efforts," the judges wrote. "Rather there must be some degree of government participation in the private search." ®

Related Stories

Trojan defence clears man on child porn charges (UK case)
Reg duped by crime-busting D.I.R.T Trojan
Super DIRT Trojan to infect indiscriminately

Sponsored: Today’s most dangerous security threats