By Zachary Margulis-Ohnuma
In case there wasn’t enough reason not to use file-sharing (for pretty much anything), here is one more: police around the country have a relatively new tool called RoundUp that crawls through file-sharing sites searching for child pornography. In many jurisdictions, merely posting a single child pornography file to a file-sharing cite such as LimeWire or GigaTribe amounts to distribution or promotion of child pornography and can trigger lengthy prison terms — a five-year mandatory minimum in federal cases. RoundUp works by looking through file-sharing sites for “hashtags,” unique identifiers of specific, known child porn files maintained in a database by the National Center for Missing and Exploited Children.
And it’s effective. In one case that was recently reversed by the Ninth Circuit, military investigators used RoundUp to find child pornography in the possession of civilians. They were crawling IP addresses near military bases in Washington state, looking for soldiers offering up illegal material. The Ninth Circuit ruled that, because the military investigators found civilians instead of soldiers and forwarded the information to local authorities, they violated the rule against military law enforcement, the Posse Comitatus Act.
RoundUp has also been used to track child pornography on file sharing services, yielding fascinating results. In a study published last October, the developers of RoundUp tracked for one year all known child pornography offered on Gnutella, the first and one of the largest of the peer-to-peer networks. They found 245,000 separate computers that were sharing 120,000 unique child porn images during the year. But 80% of the computers shared fewer than ten images, while just 995 computers served up more than 100 images. Those 995 computers are easy targets for law enforcement, who might not bother with the thousands of other computers offering just a few images.
To get a sense of proportion, those images represent just under one-third of all known child pornography (i.e. of the 345,000 or so images in the NCMEC database). But the computers sharing large amounts of material are only a tiny fraction of the millions of computers on the Gnutella network. On the other hand, the hundreds of thousands of machines sharing small amounts of illegal material represents a substantial proportion of the network — not to mention an enormous opportunity for law enforcement. And a critical risk for users.