Update: Just got this brief story from the NY Post about a drug bust that got information about the smuggler from posts on Facebook. “Federal prosecutors in Brooklyn indicted Luvman Allison after discovering that he allegedly used Facebook to arrange delivery of more than a kilo of heroin from overseas through JFK Airport.” I want to know if they were tipped off by one of Allison’s “friends,” someone from Facebook itself or if the Feds are actively monitoring all posts that closely. I’d also be curious to find out if these posts were totally public, or if the Feds used their subpoena power to circumvent his privacy settings. If I can find a copy of the indictment, I’ll let you know, but it wouldn’t surprise me if someone dumb enough to discuss drug smuggling on Facebook wouldn’t know how to modify his privacy settings.
Original Post: I love Sundays. I sleep in, listen to NPR’s Weekend Edition while making breakfast and catch up on my Facebook news feed from the weekend exploits of my friends. Pretty relaxing, that is until Liane began a story about a burglar who stole someone’s computer and then posted a picture of himself on the victim’s kid’s Facebook page with the loot he stole from them! The victim, Washington Post writer, Marc Fisher, wrote about the experience on the Washington Post Blog.
Typically, this would just be filed under “Stupid Things Criminals Do,” we’d have a chuckle, and then move on with our day. Instead, what is frustrating about this story is the apparent lack of zeal with which the police are pursuing the thief, because burglaries are low priority crimes, even when the thief literally sends a complete confession to the Internet. Mr. Fisher explains in his story that police usually don’t bother much with burglaries because most burglars get let off with probation, if they’re ever caught at all. This case should be different for several reasons. First, by logging into Facebook with the victim’s laptop, the thief generously sent along his IP address, which can be used to trace his exact location. Second, the picture has all the evidence a court would need for a conviction. I would LOVE to be the prosecutor who gets to try this case. No plea bargaining, no calling witnesses, you wouldn’t even need to bother with a closing argument. Yet, we might never get to that point because it’s a low police priority.
The more interesting thing about the story, from the perspective of this blog, is Facebook’s response. From what I can tell, they were extremely helpful in securing the son’s account and gathering the necessary information that would allow the police to track the thief. The only problem, the law prevents them from disclosing the information without a subpoena. Now, I’m not a criminal lawyer, but from what I know about them, subpoenas really aren’t that hard to get. It’s pretty much, ask and you shall receive… According to Fisher’s blog post, other law enforcement agencies don’t even need to bother with subpoenas, they just watch Twitter or unrestricted Facebook posts for other idiot criminals. I know that virtual worlds with real-cash-economies also work closely with law enforcement to prevent money laundering. While everyone loves to scold Facebook for this or that privacy snafu, I think they did the right thing here, although I’m not sure why the victim needs a subpoena to obtain information about his own account. Facebook recently updated its Privacy Dashboard to make it even easier for users to find out what information they shared and to whom it was available, but I guess IP address and other metadata are classified a bit differently.
I’m curious if anyone reading this knows if there are any computer crimes the burglar could be charged with successfully. He probably didn’t have to hack the computer, since many people have all their passwords stored in their browser for convenience. That brings up another story this week, when Gawker media announced that its site was hacked, exposing all its registered users’ account name and password info. One thing that was interesting about that fiasco was that users who logged in using their Facebook accounts–which is an increasingly popular means of gaining access to sites–didn’t have their information stolen because Gawker didn’t store that information. So there’s another way that social networks can help prevent crimes; by reducing the number of accounts people have to create (and passwords they have to memorize) people should be less-inclined to store their passwords in their browser. Fewer stored passwords, fewer accounts subject to violation if the computer is lost or stolen.
One final note, I find this all very interesting because it’s not just about a violation of physical and emotional privacy. It’s about how social media can provide tools to help solve crimes–a theme that is often drowned out in the breathless stories about how vulnerable we are to online threats, while glossing over that we’re just as vulnerable to offline threats. I don’t mean to scare you into carving out some bunker and living like a hermit. Rather, I hope to emphasize that we live in a connected society and we should look to the tools we have at our disposal to see how they can help us solve problems. Then we can put our fears aside and get back to shouting out the answers to the Weekend Edition puzzles with Will Shortz.