Feeds

NH judge throws out paedo chat-log evidence

Chat, Copy, Paste, Prison

  • alert
  • submit to reddit

High performance access to file storage

When a New Hampshire judge threw out chat-log evidence against an accused pedophile, he illustrated just how jumbled and confused Internet privacy law can be, writes SecurityFocus columnist Mark Rasch.

You are engaged in a chat session with some friends and colleagues, when one of them makes a witty remark or imparts a pithy bit of information. You hit CTRL-A and select the conversation, then copy it to a document that you save. Under a little-noticed decision in a New Hampshire Superior Court in late February, these actions may just land you in jail.

New Hampshire is "two-party consent state" - one of those jurisdictions that requires all parties to a conversation to consent before the conversation can be intercepted or recorded. The decision is the first of its kind to apply that standard to online chats, and the ruling is clearly supported by the text of the law. But it marks a blow to an investigative technique that has been routinely used by law enforcement, employers, ISPs and others.

On 22 August, 2002, as part of his official duties, Detective Frank Warchol of the Portsmouth, New Hampshire Police Department signed on to a chat room on America Online, posing as a fourteen-year-old girl. We all know what happened next. A man named Roland MacMillan also signed on to the chat room, and solicited what he believed to be the 14-year-old for sexual acts. Shortly thereafter Mr MacMillan was arrested.

Detective Warchol - in keeping with good evidentiary procedure and knowing that the record of the conversation would be important to preserve - used screen capture software to essentially make a "video" of the online chat room conversation. The software created a record of the chat session that did not previously exist. The New Hampshire detective then transferred this "recording" to another computer for both preservation and analysis by essentially copying and pasting. It was this capture and recording which was used against MacMillan in court - or, at least, was almost used.

Before trial, Mr MacMillan's attorney filed a motion in limine to suppress the results of the recorded conversation as a violation of the New Hampshire wiretap statute. You see, New Hampshire law makes it illegal to engage in "the aural or other acquisition of, or the recording of, the contents of any telecommunication or oral communication through the use of an electronic, mechanical, or other device" without consent. MacMillan's attorney argued that the making of the recording violated this statute.

While the US federal wiretap law, the UK Regulation of Investigatory Powers statute, and many US state laws provide a similar definitions of "interception" and unlawful interception, the New Hampshire statute requires that the recording of the conversation be made with the consent of all parties of the conversation - not just one of the parties. Thus, the New Hampshire judge had to decide, essentially, two questions: did the Detective make a "recording" of an electronic communication, and was this done without the consent of one of the parties? The answer to both of these questions was, yes.

On 23 February, Rockingham County Superior Court Judge Robert Morrill ruled that the results of the copy and paste were an unlawful wiretap, and that they could not be admitted into evidence. He could have gone further and found that the policeman committed a state felony by both making the initial screen capture, and again by transferring it to the other computer, and again when he "disclosed the contents" of the illegal copying either to the prosecutor or to the court.

Judge Morrill concluded: "If Detective Warchol had not taken these acts, the words of the online communication would no longer exist after the program was exited or the computer was shut down." This was not to suggest that the police could not have "captured" the communication - only that they could not have done so without either a warrant or the appropriate Attorney General approval.

High performance access to file storage

More from The Register

next story
Audio fans, prepare yourself for the Second Coming ... of Blu-ray
High Fidelity Pure Audio – is this what your ears have been waiting for?
Dropbox defends fantastically badly timed Condoleezza Rice appointment
'Nothing is going to change with Dr. Rice's appointment,' file sharer promises
Did a date calculation bug just cost hard-up Co-op Bank £110m?
And just when Brit banking org needs £400m to stay afloat
MtGox chief Karpelès refuses to come to US for g-men's grilling
Bitcoin baron says he needs another lawyer for FinCEN chat
Zucker punched: Google gobbles Facebook-wooed Titan Aerospace
Up, up and away in my beautiful balloon flying broadband-bot
Nokia offers 'voluntary retirement' to 6,000+ Indian employees
India's 'predictability and stability' cited as mobe-maker's tax payment deadline nears
Apple DOMINATES the Valley, rakes in more profit than Google, HP, Intel, Cisco COMBINED
Cook & Co. also pay more taxes than those four worthies PLUS eBay and Oracle
It may be ILLEGAL to run Heartbleed health checks – IT lawyer
Do the right thing, earn up to 10 years in clink
France bans managers from contacting workers outside business hours
«Email? Mais non ... il est plus tard que six heures du soir!»
prev story

Whitepapers

Mainstay ROI - Does application security pay?
In this whitepaper learn how you and your enterprise might benefit from better software security.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Mobile application security study
Download this report to see the alarming realities regarding the sheer number of applications vulnerable to attack, as well as the most common and easily addressable vulnerability errors.