Print
Discuss
Send to friend
RSS feedsLegal history was made a few weeks ago when a man from Reading was able to prove that paedophile pictures discovered on his computer had been placed there by an intruding Trojan program.
The man was an IT contractor in the defence industry, divorced and with two children. As a result of paedophile charges brought against him, he lost his job, was attacked and was unable to see his children. He claimed, correctly, that pictures found on his computer had nothing to do with him: he had no interest in paedophilia and no pornographic magazines or videos at his home. He had no history of sexual offences and was an honest man trusted with a sensitive job that required security clearance.
He pleaded Not Guilty, of course, and was prepared to use his own expertise in computers to show that someone else could have been responsible for the pictures. The defence team said that this was the first time in which the so-called "Trojan defence" had been run. Not quite true: I've seen the defence tried a number of times, admittedly as an argument of last resort in cases where there is, frankly, very little doubt about the outcome.
Under those circumstances, several people have attempted to argue that the pictures could have been placed on their systems by a virus, a pop-up or as a result of unsolicited email.
In previous instances, the prosecution has been able to show that the Trojan defence was implausible. On behalf of the police, computer experts have been able to show that pictures were viewed and moved around the computer; that they did not appear in the locations that would indicate pop-ups; that there was no remaining indication of the spam email; and no evidence of any Trojan application. Armed with this weight of evidence, courts have had no problem in dismissing the Trojan defence until now.
In this case, though, it was certain that there was evidence: the Trojan was indeed found and it was discovered that it referred to the paedophile pictures explicitly. Experts were able to show that the defendant had not accessed the pictures and that he could not have known they were on his computer.
This final point is important. The actual offence under which most charges of computer paedophilia are brought is the 1988 Criminal Justice Act. Section 160 makes it an offence to be in possession of an indecent photograph of a child. In this case there was no dispute about the fact that the pictures were indeed on his computer and were indeed indecent photographs of children. There are, however, three defences: that the picture was in his possession for a legitimate reason; that he had not seen the picture or had any reason to believe it was indecent; or that it was unsolicited and not kept for any length of time.
The first defence is the one that gives permission for experts working on behalf of the courts to possess the pictures in the course of their investigations. The second and third defences were claimed in this case: the pictures were not solicited and were not viewed.
This third defence also provides protection for those increasingly common situations in which extreme material - including paedophile content - is being transmitted in spam.
If you are unlucky enough to receive such pictures, contact the police or delete them immediately. Do not forward them to anyone: that would make you a "distributor" and would mean that you were then in "knowing possession" of the images - both are offences under the law. If the police ask you to retain the pictures then you have a legitimate reason for possession. In this way, you can ensure that you don?t inadvertently go through the two year hell suffered by the unfortunate man in Reading.
Meanwhile, I'll tool up ready to counter, in my capacity as an expert witness, all the Trojan defences that are now undoubtedly about to be attempted by the most unlikely of people. Wish me luck!
Have your say: reply to IT Week
del.icio.us
Digg this
reddit!
