The possession of child pornography yields some of the harshest punishments upon conviction in California, not to mention the social ostricization and embrassament often involved when charged. Even though the definition of the crime defines ‘possession’ to entail many things, child pornography is most commonly found being on personal computers and mobile phones. Oftentimes, the police will build a profile on a suspect to convince a judge of probable probable cause if an individual who may be in possession of child pornography. That is typically when the computer is seized and searched to further build a case against the suspect. However, it’s easy to conceive of the idea that law enforcement is constantly watching us, but many of us are probably unaware of how they put their monitoring to practice, or how they can specifically track down those who look at or distribute child porn. Even when you think you have nothing to hide, it’s distressing to imagine someone watching over your shoulder, monitoring your every online move. 

1.  How is Child Pornography Defined

According to California law, the possession of child pornography is a ‘wobbler’ offense, meaning that it be charged as either a misdemeanor or a felony, depending on several varying circumstances. If convicted as a misdemeanor, the sentence entails time served in a county jail for up to one year, and a fine of up to $2,500. A felony conviction will levy the same amount for a fine, and up to three years in prison. No matter if the person is ultimately convicted of a misdemeanor or felony, they will be required by California law to register as a sex offender.

Child pornography, and the posession therof, is considered a sex crime. A sex crime usually occurs when one party not giving– or being unable to– give consent. Sex crimes involving a child under the age of eighteen, however, operates under the understanding that anyone under a certain age cannot have the maturity or mental capacity to give consent, even if it seems that they have indeed given it. For that reason, child pornography laws still apply when a minor knowingly produced and distributed it themselves, or when the person in possession of the content are themselves a minor.

Since the growing prevalence of the internet in our daily lives over the past thirty-odd years, child pornography has risen in its online presence, distribution, and access. With that, arrests and convictions of child pornography cases has shown a general upward trend as well. The greater frequency of cases also invites the greater likelihood that someone may be falsely accused of being in possession of child pornography. Often this comes in the form of a virus downloading that content on your mobile device or personal computer, without the person knowing before it’s too late. Someone may have had content downloaded through a suspicious email as well, without their knowledge. With the myriad of explicit images on the internet, it is possible to breach a child pornography law without any intention to do so, and without much effort. Even more mainstream porn sites have, in some instances, have failed in keeping child porn off of their sites. MindGeek, the parent company of PornHub, had recently come under fire for the lack of sufficient monitoring to prevent child porn from being uploaded. That said, one is still less likely to find child porography through typical searches via Google, or Bing. Depending on one’s search history, or their propensity for searching within the infamous dark web, a defense attorney or prosecutor could use that information to delineate the intent of the person charged. Whatever the case, police will be notified in the same way. And the technology used to monitor when people access child porn will not differentiate between an intentional or unintentional breach of the law. Furthermore, child pornography tracking technology cannot distinguish on whether or not the pornography found its way onto a device by some third party– the virus or suspicious email mentioned earlier, for instance. For this reason, it is paramount to consult with a lawyer as early as possible, especially given the enormous implications of having such a charge levied against someone. 

2.  How Does the Government Know What’s On My Computer?

In most cases, the physical search of one’s computer or phone by law enforcement will occur in one of two instances. The first is when one gives consent to an officer to perform the search. In California, a Terry stop (a term to describe when police stop someone, for a reasonable amount of time, and question them), is not enough to warrant a search of anyone’s property. To extend that further, police cannot search your mobile device, even in situations of lawful arrest. A Supreme Court ruling found that personal cell phones were “fundamentally different,” than other personal effects, and even though the law permits police to search some items in the situation of a lawful arrest, that cannot extend to one’s phone– something that contains such intimate details of one’s life. For that reason, it is fundamentally important to understand your rights, especially when it comes to your personal devices. Always say ‘no’ when asked, or even ordered, to surrender your phone for a search, unless an officer can present you with a warrant; there is no telling what information could be construed as evidence of a crime, rightly or wrongly.  If one does find themselves placed under arrest with their phone or computer confiscated, the most likely scenario is that law enforcement will hold your device until they can acquire a warrant to conduct a search. A third party software, called Cellebrite, will then extrapolate, categorize, and index all data from the device. However, a search and seizure conducted this way is not the primary way in which child pornography cases are discovered and prosecuted. Police usually will only seize a computer or phone on suspicion of child porn if there is already evidence of that crime having been committed. Most ‘search and seizures’ of mobile devices and personal computers are conducted to help the prosecution further build a case against the suspect. Charges of possession of child pornography are most often brought to a suspect after through a largely automated and remote monitoring system.

Law enforcement have means of monitoring potential child pornography breaches with considerable efficiency, and on a mass scale. Most cases of the police finding child pornography on a device is through conducting a remote search. For instance, when a device connects to the internet, that device is given an Internet Protocol (IP) address. Most people acquire multiple IP addresses for various connections (at work, home, coffee shop etc.). Anytime someone accesses a website, their IP address acts like a footprint, providing evidence that they were there. Along with tracking an IP address, police might use a number of softwares that track the distribution of child pornography. PhotoDNA, for instance– developed by Microsoft and Dartmouth college– is one such software. PhotoDNA is a software program that takes an image and assigns a “hash” to it. Hashing is taking data and characters, on a particular image, and converting that to another ‘fixed’ value. In other words, it graphs an electronic signature of sorts onto the image. The use of PhotoDNA is now used by many major websites, among them are Google, Twitter, Discord, and Onedrive. Whenever an image is uploaded to any of these sites, PhotDNA will automatically create an electronic signature of that image to be matched against already ‘hashed’ child pornography in a federal database. ‘Hashing’ images and videos has proven to be a significant step forward in the tracking of child pornography. A reference database has existed in several forms before. However, without ‘hashing,’ purveyors of child pornography could simply color edit, or resize the image, and the integrity of the image file would be compromised, so that it couldn’t be traced to a known image in a police database. Since hashing is the act of integrating an electronic signature onto a file, the integrity of that signature cannot be altered through simple editing techniques. Each time an image is copied and sent from one device to another repeatedly, thatimage loses its data integrity. Some platforms, such as Facebook, are known to compress an image drastically, lowering the quality of an image. When an image is compressed like this, we lose more and more metadata (the information available within the image).  Anyone who works in photography editing probably already knows that the more you manipulate an image, the less ‘information’ that image contains. When tracking child pornography, it used to be possible for illicit images to slip under the radar simply because the quality of the photo was significantly lower than the reference image in a police databases; it lacked the data. To counter this, sometimes law enforcement had no choice but to store as many different versions of the image as possible to be used as reference. However, with PhotoDNA, instead of trying to compare a simple one to one matchup of like images, the software instead compares ‘hash’ against ‘hash,’ ‘code against code.’

When a match presents itself, law enforcement can then track to see which IP addresses have accessed the image. Someone in law enforcement will categorize and hash an image to store in a database and be used as reference when needed, but once that stage of cataloging is done, the process of tracking down the sharing of child porn is largely automated.  It is important to note that an IP address can only track when a site or image was accessed, and by what device; it cannot prove who was using the device. For that reason, even when authorities have traced child pornography to a certain IP address, one should always consult with a lawyer to define the likelihood of conviction.

Given the ever growing prevalence of child pornography cases, investigators commonly use stings to track down and arrest perpetrators. Law enforcement could take control over a website, or set up a decoy site, to monitor the potential buying and selling of child pornography. Investigators themselves might pretend to be either prospective buyers or sellers. Once authorities have identified the buyer or seller, they make the arrest. Sometimes investigators will allow some images, known as ‘honey pots’ to linger on a site, in order to gather hits on that image, and collect as many IPs as possible

To track and monitor one’s computer or mobile phone, even remotely, law enforcement must have a valid warrant issued by a judge, founded on the basis of probable cause. Police cannot arbitrarily access anyone’s device in an effort to gather evidence that may or not be there. Police do have a means, however, to ‘passively’ collect data on child pornography traffic, without having to singularly monitor one person. We mentioned before how law enforcement put ‘hashes’ on images of child pornography to use as a refferntial dataabse. Police can be notified when one of their ‘hashes’ gets a hit on a website. They will get this notification whether the image was downloaded, sent from one party to another, or simply even looked at. Even though law enforcement always needs a warrant, except in rare circumstances, to search and monitor someone’s computer, a hit on one of their hashed images now gives the police probable cause that a crime has been committed. After that, it’s only a simple matter of tracking the IP. A search warrant against the suspect can then be issued with relative ease. If this is the case, and the police seize one’s phone or computer, further evidence of possession of child pornography can be ascertained in a number of ways:

2a) Having Incriminating Files Stored On Your Internet Cache

Caches are essentially temporary internet files. Every time you visit a website, a small cache file is stored on your phone. When you return to that site, your phone or computer will not only access the webpage through the browser, but it will also reference the cache file of that site, ultimately increasing the speed of that site on each visit. The more visits, the more cache files your phone can rely on. Once authorities have possession of a phone or computer, if that device does have child pornography on it, it can be easily found on that device’s cache folder.

2b) Your Internet Search History

Different from caches, your internet search history is not necessarily a series of files stored on your phone. Instead, whatever browser you use will simply log your internet activity. This is an easy fist go-to for law enforcement to try to find evidence of child pornography. But even for those who are not actively engaged in any sort of criminal activity, this still raises an oft asked question: can you really delete your internet browsing history? Most people probably operate based on this assumption that your history is never really gone, but many of us may not be fully aware just how true that is. Sure you can “clear” your history from your phone, but where exactly does it go? If you are a Google user, simply deleting your search history does not delete every bit of information on you that the search engine has in its possession. In fact, when you “delete” your browser history on your laptop, it’s not as if you’re pulling that browser history out from its source to permanently remove it. The files of your search history are actually stored in what’s called a “free space” on your computer hard drive, where it will eventually be overwritten with new information over time. The disadvantage behind this however, is that the overwriting process, depending on your usage, could take days, months or even years. And since your internet browsing history isn’t truly deleted, only tucked away until it’s eventually overwritten, police have the means to reconstruct those files. Even while your browsing history might not be evident on your phone or computer, a subpoena order from law enforcement given to a company like Google, will compel the search engine company to allow police to access those browser history files. While your browser history is still in the limbo of “free space,” it can still be accessed and reconstructed.

2c) Your Internet Service Provider 

Under federal law, your internet service provider is compelled to inform law enforcement of any evidence to access of child pornography. Once law enforcement is informed, the internet service provider can simply give the IP on the device used, and police can then promptly obtain a warrant. `

2d) Peer-to-Peer File Sharing Sites

Peer-to-peer file sharing is essentially a decentralized platform in which buyers and sellers can have direct interaction, effectively forgoing a third party mediation. Sites like these have become one of the prime targets for law enforcement who are looking to clamp down on child pornography, as they are one of thos most common targets for sting operations.

3.  Under What Circumstances Can Police Monitor My Internet Browsing– What Are My Rights?

As stated earlier, the law, as it is written, prevents law enforcement from arbitrarily and indefinitely monitoring your computer without probable cause. The Fourth Amendment protects all citizens from unreasonable search and seizure. For the Fourth Amendment to apply, however, one must have a ‘reasonable expectation of privacy.’ For example, police cannot arbitrarily search your wallet without a warrant, something enclosed and always on your person. However, if an officer pulled someone over for speeding, and that person had plainly visible contraband in the passenger seat, the officer could seize that contraband and search the car. In that scenario, not only did the police officer already have probable cause that a crime was taking place when they pulled the suspect over, but the driver could not say they could reasonably expect the contents of their car to remain private, when something was in clear and obvious view. Still, any evidence seized while an officer is violating one’s Fourth Amendment right is considered inadmissible. So how does that law apply to internet browsing? This was answered in the Supreme Court case U.S. Burowy. The final ruling maintained that an officer who had been viewing and downloading files on the peer-to-peer site LimeWire in an effort to expose buyers and sellers of online contraband, did not need a warrant to do so. This ruling was based on the court maintaining that on a peer-to-peer website, where publicly available files were routinely, and oftentimes freely shared among many individuals, one could not have a reasonable expectation of privacy to those files. This ruling has allowed police to continue monitoring websites suspected of having child pornography, all while working within the bounds of the law.  You still have the right to browse the interwebs without the intrusion of monitoring by law enforcement. However, you should take extra care when you find yourself on any file sharing site. One’s reasonable expectation of privacy is murky at best, even on sites that are not strictly peer-to-peer sites.

It may not look exactly like a government agent looking over your shoulder, spying on your every move, but when it comes to child pornography, the government and law enforcement have a system that is generally automated, efficient, and growing evermore sophisticated. With every site you visit, you leave a trail of bed crumbs that can be easily reconstructed, evaluated, and used to incriminate you. While Google has adopted PhotoDNA that automatically ‘hashes,’ Apple has recently announced its plans to release its own anti-child pornography software on their iPhone and macOS systems, which will flag illicit which have been found to match the federal child pornography database. Much like PhotoDNA, the flagged images are to be then reported to law enforcement. In essence, it is not the image itself, but the coding and metadata of that image that can be ultimately used as evidence against someone. Even though the technology is still developing, and not one-hundred percent effective, law enforcement can become aware of child pornography on one’s phone or computer with relative ease.