Police charged a Maryland man on March 1 for allegedly possessing illicit images of children, following a tip from his cloud storage provider Verizon, which had detected the images in an online sweep of its service.
William Steven Albaugh, 67, a deacon at St. Joseph’s Roman Catholic Church, was arrested at home, where a search turned up additional images, according to a March 4 news report in The Baltimore Sun. The man had stored files in his personal Verizon Online Backup and Sharing account, according to police charging documents cited by The Sun.
While the case represents a win for law enforcement and the protection of children, some privacy experts have taken an interest in the case, as it could mark an expansion of Internet service providers’ powers to monitor their users.
“Today I learned: Verizon has a cloud backup service for consumers, and they scan every uploaded file for child porn,” Chris Soghoian, a privacy-rights expert, stated in a tweet on March 4, adding that he was searching for more information.
In a statement issued on March 1, the Archdiocese of Baltimore confirmed that Albaugh was a permanent deacon assigned to St. Joseph Church in Fullerton since 1996, and had been relieved of his position following the arrest.
According to news reports, Verizon Online detected the illicit images on its cloud storage service and reported them to the National Center for Missing and Exploited Children, a nongovernment organization that processes tips on child abuse and illegal images. Scanning users’ documents for illegal material appears to be an expansion of the monitoring performed by Internet service providers.
Internet service providers had already agreed to scan some services for images of child abuse. In 2008, three Internet service providers, including Verizon, signed an agreement with the New York attorney general to scan their Usenet groups for illicit images of children. Usenet is a legacy Internet service that allows users to share information, including images, having to do with certain topics.
In 2009, Microsoft and Dartmouth University donated software technology to the NCMEC known as PhotoDNA. The technology allows Internet service providers to match hashes of known images of child abuse to variants of the images that may have been resized, cropped or have some noise added.
Law enforcement agencies are not the only organizations looking to use Internet service providers’ powerful position to search for online misconduct. Copyright holders have convinced ISPs to also agree to take action against subscribers who are allegedly breaking the law.
This year, for example, Internet service providers will help music and movie studios implement a six-strikes policy for copyright infringement, known as the Content Alert System. The Recording Industry Association of America (RIAA) and the Motion Picture Association of America (MPAA) will search peer-to-peer networks for pirated content and notify ISPs, who will then send a warning to offending users. Providers could cut off users that have reached six strikes, but most are unwilling to do so.
“At this time, it does not appear that the ISPs will be directly monitoring their customers’ traffic through deep packet inspection,” the Electronic Frontier Foundation stated in an analysis of the CAS program. “Rather, the content owners will monitor peer-to-peer traffic from public BitTorrent trackers.”
Verizon didn’t release a statement concerning the arrest of Albaugh before this story was published late on March 5.