Technology & Science

Why it's so hard to catch online predators

The internet hacking group Anonymous claims it has found the main cyber-tormentor of Amanda Todd. But in an online world, where it's so easy to hide your identity and computer address, how can anyone be sure that's true?

Questions of legal jurisdiction and volume of postings compound challenge for police

In an online world where it's easy to post anything you want under a false name and hide the computer where you made the comment, tracking a person's true identity can be a tall order. (Associated Press)

Among the many questions swirling after Amanda Todd's suicide, there is one that seems so basic: Who is the person whose online actions seem most responsible for sending the B.C. teen into such deep despair?

The internet hacking group Anonymous claims it has found the 15-year-old's main tormentor — a 32-year-old B.C. man it says has also made postings to child pornography sites.

Anonymous may have found the right person. Or maybe not. But in an online world, where it's easy to post anything you want under a false name and hide the computer address from which you made the comment, tracking a person's true identity can be a tall order.

"The internet affords a number of options for those who desire to hide their identity to do just that," RCMP Cpl. Laurence Trottier said via email.

"These options provide various levels of anonymity, which must be uncovered before it's possible to identify the individual's true identity."

Questions of legal jurisdiction and the overwhelming volume of postings made every day around the world compound the challenge police forces face in determining real identities in the online world.

The place to start such an investigation is often with the IP address, the identifier that reveals the computer from which a controversial post would seem to have originated. 

"It’s a little bit like a phone number if you will, but for computers," says Nicolas Christin, associate director of the Information Networking Institute at Carnegie Mellon University in Pittsburgh.

"If you figure out … the IP address that was used to make a particular post or a particular threat, then the next step is to figure out which internet service provider this IP address belongs to, contact them and ask them to tell you which customer was using that IP address at that given time."

If the ISP is on board with the investigation, it might provide that information.

Trouble is, as Christin says, "it's not a foolproof method for several reasons."

Different laws

One is jurisdiction. Say someone posted questionable — but not illegal — comments from a computer in the United States that seem sympathetic towards Hitler's Reich. Someone in Germany, where such comments are illegal, could take great umbrage with them.

Fifteen-year-old Amanda Todd,in a photo from one of the many Facebook memorial sites set up after her suspected suicide earlier this month. (Canadian Press)

"But if you're on a machine in the United States," says Christin, "you're actually protected by the First Amendment, which means the internet service provider has absolutely no reason to turn over their data to you if you're, say, the German police.

"So that's the first problem, the problem of jurisdiction."

Another problem is that people can also use software and proxy servers to mask their true IP address.

"You can use a proxy machine, meaning instead of connecting directly from my computer, I connect to another computer and from there I make those posts," says Christin, who notes that it's "relatively easy to anonymize" your traffic on the internet.

People could also use something like the Tor network, free online software that Christin says is fairly easy to download and is "essentially a peer-to-peer network that is not used for file sharing. It's a peer-to-peer network that is used to anonymize data over the internet."

Say someone used Tor to go to the website and post a comment — the website, instead of seeing the IP address of the actual machine from which the visit is coming would see the IP address of one of the machines that participates in the Tor network

Finding the true IP address in that instance "is going to be essentially impossible," says Christin.

Legitimate reasons for online anonymity

In efforts to fight crime, that scenario poses huge problems, but there can be legitimate uses for networks such as Tor.

"If you're in Syria right now and you want to document the atrocities that are being committed there, you definitely want to do that anonymously," Christin says.

"It's a challenge, because on the one hand you've got plenty of good reasons why you want to remain anonymous on the internet particularly when it comes to reporting abuses, reporting human rights violations and so forth.

"At the same time, when you have a bullying case and if the person is careful enough to hide their tracks, it may be very, very challenging to find them."

Sheer volume

The difficulty tracking online identities can also be compounded by the sheer volume of online messages that flow over the internet each day.

The very nature of online communication and social media can fuel the volume — in a bullying case, for example, one mean or disturbing comment could quickly be forwarded through cc-ing or bcc-ing one email message. People clicking additional "likes" on a suspect comment could also spread the harm. 

"Then it gets kind of clouded as to who was the originator," says Tim Richardson, an e-commerce professor at Seneca College and the University of Toronto.

"That's the problem. Law enforcement agencies find it too difficult to winnow through all the hundreds of postings to find out who was the originating person. They end up with a lot of people who were just part of the pile-on and they're not really the bad guys."

The use of public computers in internet cafés or libraries can also help mask a true identity.

"There's been a number of cases where people who were engaging in very shady dealings were setting up throwaway email addresses from a cyber café somewhere and essentially just from that information you were not able to trace them back," says Christin.

Of course, there's still the question of how Anonymous is claiming to have been able to find Amanda Todd's tormentor, while police are publicly silent on whatever progress they may have made.

Christin says hackers don't face the same "burden of proof" that law enforcement officials do.

"If you manage to break in, you have access to the information. You're committing an illegal act in the process but you have a lot less barriers."

A hacker might be able to break into a person's Facebook page, something police wouldn't necessarily be able to do because they wouldn't have permission.

"There are some restrictions against what law enforcement can do and those restrictions, they are there for a good reason," says Christin.

"You don't want to have a police state where people can access anything they want at any time, but hacking groups typically have no such concerns and essentially break the law to have access to this information themselves."

The RCMP would not be interviewed on this issue, and would not discuss the steps it can take to try to track down the identity of an online bully or predator.

"The RCMP cannot provide information or details related to investigational tools or techniques used to identify suspects in criminal investigations," Trottier said via email.

Christin says law enforcement officials have to approach efforts to track down online identities from several angles, there is no silver bullet or magic trick.

The desire to hide online is really only an extension of capabilities we've always had, he says.

"It's also very, very easy to send an anonymous letter and never find out who sent it. That hasn't changed."

And, for better and worse, probably never will.