Where was the school's filter?
While the Norwich school's Information Services Director Bob Hartz reportedly told a school board hearing in January 2007 that the school was running Symantec's WebNOT filtering software [Editor's note: SecurityFocus is owned by Symantec Corp], Hartz stated that the automatic update feature was not activated – possibly due to an unpaid invoice. Thus, for at least three months, the system was not blocking many pornographic websites, including the ones seen by the 7th grade class. There did not appear to be any kind of adware blocking software on the school machines. This could explain why there had never been an incident involving pop-ups prior to that date, and – assuming, as Hartz later told the school board, a new filter was installed (and updated) it hasn't happened since. Filters aren't perfect – but outdated filters are much less than perfect. Now who again exposed the kids to materials that impaired their morals?
Now I am not suggesting, without a full review of the evidence, that it was impossible that Ms Amero voluntarily visited the porn sites while sitting as a substitute teacher in the 7th grade class. Stranger things have happened. I also don't think that the mere presence of spyware, adware, or even remote control or Trojan horse software should act as a perfect defense to any crime or fraud that someone might conduct. This is not a "twinkie-defense" – "gee, I have malware, you can't convict me of anything". I have previously written about the so-called Trojan horse defense to allegations of hacking or downloading pornography. Indeed, the defense may be misused, and only an independent forensic examination can say for sure. However, the facts of this case strongly suggest that the substitute teacher was the victim of mouse-trapping, and not a porn surfer.
Not only could Amero be sentenced to 20 years in jail, there is nothing to prevent the Connecticut legislature from requiring – years hence – that she register as a sex-offender, and have her name posted on the internet in that capacity. She rejected a government plea offer which would have guaranteed a probationary sentence and a non-felony conviction. Nobody seems to suggest that a 20 year sentence is appropriate, and indeed, it is likely that Amero will get probation anyway. But the real question here is: does the evidence support the criminal conviction for knowingly displaying pornography (as opposed to not doing her job, surfing other websites during class time, or failing to react properly to the pornographic websites.)
This seems to be an example of bad – or at least incomplete – lawyering on both sides, and the vagaries of a "jury of your peers". Firstly, neither the prosecution nor defense experts fully presented their cases – the prosecution because they had no notice that adware would be an issue, the defense because they weren't permitted to because of possible discovery violations. The jury was asked to render a verdict on incomplete evidence and vague and ambiguous jury instructions about exactly what the crime was. Moreover, juries tend to believe expert testimony, and experts frequently display a degree of certainty that is not supported by the facts. And that is the real crime here. How is it that you can have two experts examine the same computer and conclude – with equal degrees of certitude – that the defendant deliberately typed in the URLs, and that she did not? The answer lies not with science, or forensics, but with humans. People naturally come to forensic examinations with preconceived ideas, and trying to prove something. This dictates what files they examine, and what they conclude from these files. They shade their testimony and examination. What is possible becomes likely. What is merely unlikely becomes impossible. The truth is, we will see more people wrongfully convicted of crimes they did not commit because the computer indicates that they did it. And computers never lie, right HAL?
Next page: Institutional liability