Spyware in the name of the law

21 10 2007

Josh Glazebrook, a 14-year-old student at Timberline High School near Olympia, Washington, was sentenced to 90 days in juvenile detention in July 2007 after admitting to making bomb threats to the school and to other charges. To obtain the evidence, the FBI filed a court order on June 12, 2007, for planting a so-called CIPAV (Computer and Internet Protocol Address Verifier) on the suspect’s PC. Once planted on the hard drive, the spyware reports back to the FBI with the Internet Protocol address and other information found on the PC and, notably, an ongoing log of the user’s outbound connections.

The information supplied electronically enabled the authorities to identify and convict the suspect a month later. The American journalist Declan McCullagh has extensively documented the case in the news.com blog, and made available the court order (see also the full Affidavit here as PDF).

It might have been this kind of sensational revelation that persuaded the Austrian government this week to permit online spying on private PCs, though Interior Minister Günther Platter (Conservatives) and Justice Minister Maria Berger (Social Democrats) were quick to inform the public that official spyware will only be allowed in cases of suspected severe criminal offences or terrorism. Each request will be examined carefully and can only be approved “by an order of a Public Prosecutor sanctioned by court”, Berger said. In other words, Josh Glazebrook would never have been identified under Austrian law. Nevertheless, the legal framework is expected to be in place by autumn 2008.