Australian police are using “poisoned watering holes” to investigate crime on the dark web. By taking over illegal marketplaces that traffic in child pornography or drugs, law enforcement are collecting information about criminals all over the world.
Of course, crimes that occur on the internet often cross international borders, but this situation is creating troubling new standards in transnational policing.
Research, including our own, indicates that as police operations move into online environments, new rules for digital evidence collection and exchange must be developed to assist prosecutions while preserving due process and human rights.
Investigations on the dark web readily transcend geographic demarcations fundamental to the use of search warrants and the admissibility of evidence.
Some enforcement agencies have conducted online investigations and attempted to access or transfer information outside existing domestic and transnational legal frameworks. This is common in cases involving dark web sites that distribute child exploitation material (CEM).
Without proper checks, police could have significantly expanded scope to search homes and computers around the world, even in cases not involving CEM.
Watering holes and network investigative techniques
The techniques used in online investigations can have potentially problematic legal standing.
Playpen was a dark web site used to distribute CEM. The FBI seized the site in 2015, and obtained a warrant to continue its operation on a government server.
The FBI used a Network Investigative Technique (NIT), also known as Computer Network Exploitation, to identify Playpen users. This distributed malware onto any computer used to log into the site.
The NIT enabled the FBI to identify the IP addresses, log-in times, and operating systems of around 150 computers located in the United States and more than 8,000 computers located in 120 countries. Up to 215,000 registered Playpen users globally could be affected.
According to the Electronic Frontier Foundation, Playpen is the largest known US government hacking operation. But it was authorised by a single warrant issued in Eastern Virginia.
Specialist online units in Australia, such as Task Force Argos in the Queensland Police Service, have also used “poisoned watering hole” tactics.
Australian convicted child sex offender Shannon Grant McCoole, who administered “The Love Zone” site, was apprehended after a tip from Danish police. Task Force Argos investigators then effectively ran the site “while feeding information to international law enforcement colleagues”.
The investigation identified many users located in other countries, including several who were prosecuted in the United States.
Details of the warrant used in this investigation are unclear, which is common in cases involving CEM that result in guilty pleas.
This article was originally published by The Conversation.