Feeds

NH judge throws out paedo chat-log evidence

Chat, Copy, Paste, Prison

  • alert
  • submit to reddit

Beginner's guide to SSL certificates

When a New Hampshire judge threw out chat-log evidence against an accused pedophile, he illustrated just how jumbled and confused Internet privacy law can be, writes SecurityFocus columnist Mark Rasch.

You are engaged in a chat session with some friends and colleagues, when one of them makes a witty remark or imparts a pithy bit of information. You hit CTRL-A and select the conversation, then copy it to a document that you save. Under a little-noticed decision in a New Hampshire Superior Court in late February, these actions may just land you in jail.

New Hampshire is "two-party consent state" - one of those jurisdictions that requires all parties to a conversation to consent before the conversation can be intercepted or recorded. The decision is the first of its kind to apply that standard to online chats, and the ruling is clearly supported by the text of the law. But it marks a blow to an investigative technique that has been routinely used by law enforcement, employers, ISPs and others.

On 22 August, 2002, as part of his official duties, Detective Frank Warchol of the Portsmouth, New Hampshire Police Department signed on to a chat room on America Online, posing as a fourteen-year-old girl. We all know what happened next. A man named Roland MacMillan also signed on to the chat room, and solicited what he believed to be the 14-year-old for sexual acts. Shortly thereafter Mr MacMillan was arrested.

Detective Warchol - in keeping with good evidentiary procedure and knowing that the record of the conversation would be important to preserve - used screen capture software to essentially make a "video" of the online chat room conversation. The software created a record of the chat session that did not previously exist. The New Hampshire detective then transferred this "recording" to another computer for both preservation and analysis by essentially copying and pasting. It was this capture and recording which was used against MacMillan in court - or, at least, was almost used.

Before trial, Mr MacMillan's attorney filed a motion in limine to suppress the results of the recorded conversation as a violation of the New Hampshire wiretap statute. You see, New Hampshire law makes it illegal to engage in "the aural or other acquisition of, or the recording of, the contents of any telecommunication or oral communication through the use of an electronic, mechanical, or other device" without consent. MacMillan's attorney argued that the making of the recording violated this statute.

While the US federal wiretap law, the UK Regulation of Investigatory Powers statute, and many US state laws provide a similar definitions of "interception" and unlawful interception, the New Hampshire statute requires that the recording of the conversation be made with the consent of all parties of the conversation - not just one of the parties. Thus, the New Hampshire judge had to decide, essentially, two questions: did the Detective make a "recording" of an electronic communication, and was this done without the consent of one of the parties? The answer to both of these questions was, yes.

On 23 February, Rockingham County Superior Court Judge Robert Morrill ruled that the results of the copy and paste were an unlawful wiretap, and that they could not be admitted into evidence. He could have gone further and found that the policeman committed a state felony by both making the initial screen capture, and again by transferring it to the other computer, and again when he "disclosed the contents" of the illegal copying either to the prosecutor or to the court.

Judge Morrill concluded: "If Detective Warchol had not taken these acts, the words of the online communication would no longer exist after the program was exited or the computer was shut down." This was not to suggest that the police could not have "captured" the communication - only that they could not have done so without either a warrant or the appropriate Attorney General approval.

Remote control for virtualized desktops

More from The Register

next story
MI6 oversight report on Lee Rigby murder: US web giants offer 'safe haven for TERRORISM'
PM urged to 'prioritise issue' after Facebook hindsight find
Assange™ slumps back on Ecuador's sofa after detention appeal binned
Swedish court rules there's 'great risk' WikiLeaker will dodge prosecution
You think the CLOUD's insecure? It's BETTER than UK.GOV's DATA CENTRES
We don't even know where some of them ARE – Maude
NSA mass spying reform KILLED by US Senators
Democrats needed just TWO more votes to keep alive bill reining in some surveillance
prev story

Whitepapers

Choosing cloud Backup services
Demystify how you can address your data protection needs in your small- to medium-sized business and select the best online backup service to meet your needs.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
Go beyond APM with real-time IT operations analytics
How IT operations teams can harness the wealth of wire data already flowing through their environment for real-time operational intelligence.
The total economic impact of Druva inSync
Examining the ROI enterprises may realize by implementing inSync, as they look to improve backup and recovery of endpoint data in a cost-effective manner.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.