Sunday, February 16, 2014

Cyberbullying Investigations - Cyber-Breadcrumbs Part 2

Peek-a-Boo…we can find you! People often mistakenly believe they can surf and communicate anonymously online. The reality is that no one is truly anonymous online. As Parry Aftab always says, we leave a trail of cyber-breadcrumbs behind us wherever we go, whatever we do online. Most times, no one cares about piercing the veil of anonymity—unless they are the recording industry, an irate spouse, or someone being cyberbullied.

Young people think that by creating a fake Facebook account, YouTube account or Gmail account, they can hide their identity. But, most of the time, they can't.

Luckily, these cyber-breadcrumbs almost always lead you to the cyberbully. Each e-mail (and IM) and every cyber-communication contains an IP address. Most online games and social networks grab the IP address for every account formation, everything posted and uploaded, and all comments and friend access. The IP address (Internet protocol) tracks back to the IP address owner, and sometimes to the Ethernet card in a computer in an office, school, or home network.

When you have your own server, or use certain ISPs (Internet service providers), you have a static IP address. That means it’s always your IP as long as you use the same computer and the same ISP access. Tracking you is then as simple as tracking your IP address. Most larger companies, especially technology-based companies, educational institutions, and governmental agencies, have their own static IP addresses.

When you use a standard Internet service provider to access the Internet (which most of us do), such as Optimum, Verizon, Earthlink and others, you typically have a dynamic IP address, which means it’s yours for the period you are logged on, like subletting from the server’s IP address pool. It can only be tied to you by asking the service provider for certain information. They will need to know when the IP address was recorded to be able to track which subscriber was using it at that time. The cooperation of the ISP or online service is essential to check their records to tie the IP address to you, as their customer.

The privacy policy (which few of you have read) tells you how and under which circumstances the service provider, network, or site will turn information over when requested by legal process or otherwise. It tells you what information they collect and store, as well. Whether they want to or not, if the legal demand is made in the right way, they have to comply.
Given how many subscribers they have and the high turnover of IP address assignments, many ISPs only retain the subscriber/IP address records for a short period of time, usually ranging from three weeks to three months. (Some mobile IP information is online kept for a few days.) Problems arise when someone needs those IP records and they are no longer being stored by the ISP. Unless the situation and IP address is discovered quickly, important evidence linking the suspect to the cyberabuse and possible cybercrime may be lost.

Most leading ISPs will retain these records for longer periods of time if requested to do so by a litigant or law enforcement official. Some statutes permit law enforcement and lawyers to send a letter to the ISPs (a “retention letter”) requesting that they maintain their records on a particular user for 30 days; that request can be extended for additional 30 day-periods, if necessary.

But even with extended retention periods, this requires that the victim of a cyberbullying moves quickly. Law enforcement agencies can move very quickly and the ISP typically will not notify the subscriber or user when information about their account or profile is requested.