How Convicts Ordered to Stay Offline Try to Slip Their Digital Leashes

When John Walker Lindh, a California man, was sentenced in 2002 for helping the Taliban, neither Facebook nor YouTube existed. If you had a cellphone — and only about 60 percent of Americans did — it was probably a flip phone.

Before Mr. Lindh was released from prison on Thursday, his probation officer asked the judge to adjust the terms of his release to reflect how the world had changed. The judge barred Mr. Lindh from possessing an “internet-capable device without prior permission from the probation office” for the next three years. Further, any such device would have to be “monitored continuously,” according to the court order.

According to two leaked government intelligence assessments, as of May 2016 Mr. Lindh “continued to advocate for global jihad.” Given that, the request to curtail his online access might be understandable, but it also raises questions that extend beyond his case.

How do you enforce orders to restrict digital access for those newly released from prison? Who monitors them? How difficult is it to evade detection?

Here are some answers from a hacker and a sex offender who both tried to trick their monitors, and a probation officer who keeps tabs on the digital activity of people like them.

It depends on the crime. People convicted of sex offenses involving the internet usually do. The severity and length of the restrictions depend on whether they were convicted in a state or federal court, local laws, the details of the case and the judge, experts said.

Those convicted of hacking, terrorism-related charges, credit card fraud and other internet-related crimes often face restrictions, too.

Tommy DeVoss, 35, began hacking military, bank and company websites when he was in his early teens. In 2000, he was put on juvenile probation and told he could not use computers or other electronic devices, including gaming consoles, until he was 21.

Computers were what interested him most, so he used them anyway. “I wasn’t doing anything illegal,” he said. “I was just not supposed to have them.”

One morning his probation officer showed up unannounced.

“I took apart the computer and a hid the parts under the mattress,” he said.

But Mr. DeVoss forgot to hide the mouse. He went to prison.

A 39-year-old man convicted of transporting child pornography in his 20s went through a similar cycle. In his case, he was permitted to use the internet only on cleared devices, and he was explicitly prohibited from looking at pornography. He came up with hacks to bypass the software tracking him, he said.

The man, who asked not to be identified but whose probation officer verified the details of his account, said the authorities checked his hard drive and learned that he had violated his probation. He went back to prison, and when he was released he found new workarounds. Sometimes they worked, but more often they did not, he said.

In terrorism cases, a judge usually set up the rules and then a probation officer and an F.B.I. agent watch for violations, said Mitchell D. Silber, a former director of intelligence analysis for the New York Police Department, who was a founder of a nonprofit that tries to rehabilitate extremists.

The person doing the real-time digital monitoring is typically a probation officer. (Mr. Lindh’s case will be managed by the probation office of the United States District Court for the Eastern District of Virginia.)

The approach varies from district to district, said Brian J. Kelly, a federal probation officer and cybercrimes specialist in the Eastern District of New York. Many probation officers rely on tools that track a person’s keystrokes, search terms and downloads, among other activities.

“We get a lot of false alerts,” he said. If someone under supervised release reads an article referring to “food porn” or sends an email complaining about his boss using a certain four-letter word, Mr. Kelly says he will receive a notification.

Often he finds that a manual review is more useful than relying solely on alerts. Deciding whether something is a violation sometimes requires an interview and a polygraph test.

Recently, for example, he noticed that a sex offender was spending a surprising amount of time on, a site that preserves old web pages. He figured out that the offender was trying to evade detection to look at pornography.

“The biggest misconception is that it’s an easy process,” Mr. Kelly said of the monitoring. “It’s very labor-intensive, and it requires a lot of understanding of the particular case.”

Mr. Silber once worked with a reformed Qaeda member who was barred from going online during his probation. If he wanted to send an email, he had to do so in the presence of his lawyer, he said.

It is not uncommon for sex offenders to face bans on all internet use, which many lawyers believe is debilitating to people trying to get their lives on track. Cristie Gibbens, a public defender in Louisiana, fought an order restricting her client from using the internet for the rest of his life and won. “He couldn’t function,” she said.

Sometimes probation officers and judges will loosen the restrictions in response to good behavior or permit exceptions, Mr. Silber said.

Mr. DeVoss, the hacker, tried to get his computer ban relaxed so that he could attend college. He said his request was denied. Because he could not get a job involving electronics, he worked as a line cook. He was not even permitted to clock in for himself, he said.

By the time he got out prison for violating probation the final time, his digital restrictions had expired, he said. He now works as a “bug bounty hunter,” which means he gets paid to hack into companies’ systems to highlight vulnerabilities.

Source link