back to article Judges reject Operation Ore appeal

The Court of Appeal has rejected claims that some individuals prosecuted under Operation Ore for incitement to distribute indecent photographs were themselves the victims of credit card fraud. Operation Ore was a major, long-running investigation by UK police into individuals who appeared on a US-based database – Landslide – …

COMMENTS

This topic is closed for new posts.
Black Helicopters

This is a title

So, if Im reading this right, there were a handful of people that were arrested only because their names were on a list? And the only way onto that list was to subscribe to it?

(Personally I'd be suprised if they hadn't caught any innocents, its not like everyone checks everything they click/download/put CC details into.)

They said there was no evidence that there was CC fraud, but what does that mean? The culprit didnt use the card anywhere else, so it looks like a 'normal' transaction?

Shirley if you are going to convict someone for somthing like this, then you have to prove that they did sign up to the list, not that there wasn't any CC fraud, no?

13
2
Anonymous Coward

Read the judgment before posting a comment

Benny: There should be a copy of the judgment on the Court of Appeal website: http://www.judiciary.gov.uk/media/judgments/2010/index in the next day or so. You will then see a full explanation why the judges rejected the appeal so comprehensively.

2
1
Anonymous Coward

After reading the full text of the judgement

I don't know whether this is just the way it was reported by the press, but the appeal was based on the premise that two different webmasters in countries other than the UK had used his details fraudulently.

This was not a good basis for appeal, bearing in mind how much evidence there was that the card transactions corresponded to access from freeserve in the UK, and that Mr O'Shea did not take any action when the transactions appeared on his credit card statement (he appears to have been the type of person who actually bothered to check his statements), or confirmation mails were sent to what he admitted was his primary email address.

If he had claimed that someone close to him had impersonated him, and used his card, email and other personal details (after all, there was not really anything that made Internet card-holder-not-present transactions safe before Verified-By-Visa and Mastercard SecureCode), then this may have had some more success in sowing doubt in the mind of the judge.

I admit that much of the evidence reported in the initial trial and this judgement appears to be circumstantial, and this should get people to think about the safety of the conviction, but the grounds of the appeal appear not to have been based on new evidence, but on a new theory for which no evidence was presented. In the judge's opinion, what was presented would not have been enough to sway the jury if it had been presented at the initial trial.

Having been previously pulled up on these forums for not reading the background, I decided to follow it through, and it appears to me that in this case, that the original article did not present enough detail of the judgement to make sensible comments. If it were just a transaction on a dodgy site's payment logs, then I would be appalled, but in this case it appears that it was not.

4
1
Anonymous Coward

Judges stupidity

"... the appeal was based on the premise that two different webmasters in countries other than the UK had used his details fraudulently."

No it wasn't, that was just a piece of nonsense apparently invented by the CoA judges. To me it looks like the appeal was based on the idea that the *Landslide* webmaster used O'Shea's details fraudulently on several different client sites. Once you realise this, virtually all the CoA's criticisms of the appeal vanish.

For example:

"30. ... The theory put forward on his behalf is that a webmaster, presumably the webmasters of the Child Rape, Forchild and Babyworld sites, had dishonestly acquired and used his details in order to benefit from the credit card payments that resulted. 31. One of the difficulties with the fraudulent webmaster theory is that the webmaster of Babyworld was German, whereas the webmaster for Childrape and Forchild was Indonesian. The theory therefore has to posit at least two fraudulent webmasters. [and later in [33] a third one]".

- No it doesn't. All it needed was for the Keyz webmaster to be fraudulent, which is hardly a long reach since even the prosecution expert admitted (see par 37 of the judgement) that the Keyz guy was conducting fraudulent transactions. If the CoA judges were too stupid to see this, then they were too stupid to hear the appeal and their decision should simply be ignored.

Next for example:

"49. The appellant’s only answer to the prosecution’s case is that the transactions in question were made by a fraudulent webmaster. This is pure conjecture, unsupported by any evidence relating to those transactions."

- On the contrary, it is supported by the prosecution expert, admitted (see par 37 of the judgement) that the Keyz webmaster was conducting fraudulent transactions.

Next for example:

"50. First, there is no evidence that the webmaster had access to the data concerning the appellant that were used in these transactions. The appellant contends that the webmaster could have obtained it from an email sent by the appellant to protest against the wrongful debiting of his credit card account as a subscription for “Web’s Youngest Women”, following the cancellation of his membership. The email was dated 9 February 1999, and concerned debits similar in amount to those that were the subject of the indictment. This contention is hopeless. The email was not addressed to the webmaster of the Childrape and Forchild websites and there is no evidence he had access to it."

- Complete and utter rubbish. The fraud was conducted by the webmaster of the Kewz site who *would* have had access to O'Shea's data. The CoA judges have run away with the idea (presumably planted on them by Gamble) that the fraud was conducted by the other webmasters.

Next for example:

"56. It is also surprising in the extreme that if the supposed fraudulent webmaster was able to debit the appellant’s credit card account, he did so for such limited amounts and on relatively few occasions."

- Nonsense. That is, or was, how fraudulent commercial websites work. You charge small amounts that will not immediately reveal your fraudulent operations.

4
1

Evidence...?

This is the same evidence that Police experts had "serious doubts" about?

'Peter Johnston, a former computer crime officer for Merseyside Police, told ITV News that officers rounded up people whose details had been linked to internet child pornography despite doubts over their guilt.

'He said: “There then came the calls of ‘let’s get out, let’s get them locked up, let’s get these people off the streets, you can’t have paedophiles wandering round the streets’. My view, and it’s purely my own view, is that yes there was a witch hunt.” '

http://www.telegraph.co.uk/news/uknews/crime/8124277/Police-had-serious-doubts-about-child-porn-database-evidence.html

Yet, according to the Press Association:

'Dismissing the challenge, the judge said: "There is no real possibility that a reasonable jury, faced with the evidence we have considered, would not conclude that he was the person responsible for the transactions in issue. We have no doubt whatsoever as to the safety of his conviction."'

I would like to find out what exactly ensured they had "no doubt" in this case, was it because APACS and the banks said "Oh, no, Your Honour, our systems are entirely safe, there's no way that anyone could commit a credit card fraud like this, it must have been the card holder who did it" and the Judges replied "Ok, that's good enough for us"?

7
1
WTF?

In the UK, you are guilty unless you can prove that you are innocent

Another example of the way "justice" is served in the UK. And an example of how the UK police can take a very successful and laudable police action, and make themselves look like complete arseholes with no sense of the rights of people.

That the police did their job properly in a majority of cases, i.e. took good circumstantial evidence and then turned into into solid evidence after gaining access to the bad peoples computers, does not excuse them from going after people when they did not turn up solid evidence. To then prosecute people purely based on being on a list - with no other evidence of wrong-doing on their part - and expecting that the person accused has to find a way to prove that they got on that list by the actions of some other bad actor(s)... Whatever happened to "guilty beyond reasonable doubt"? Whatever happened to "innocent unless proven guilty"?

Whatever happened to this country and its justice system?

14
1
Silver badge

Credit card fraud doesn't exist?

So is Gamble saying that credit card fraud doesn't exist. Much kudos to anyone who steals his credit card details and signs him up to gay porn websites (not kiddie porn, for obvious reasons).

9
1

Re: fraud...

No, the *court* is saying that Mr Shea was on the list because he had subscribed to it, and not because he was subject to CC fraud.

People really need to learn about burden of proof. Mr Shea had already been convicted - this was an appeal against that conviction. It is therefore for him to prove that the conviction is unsafe (i.e. the burden of proof rests with him). His argument appears to be "someone stole my CC details and only used them to sign up to the kiddie pr0n site".

So, if you stole someones CC details would you only use them for one transaction, or would you get what you could out of it prior to it being cancelled (in for a penny, in for a pound etc)?

Was the fraud ever reported to the credit card company or the police?

One alleged fraudulent transaction he wishes to distance himself from and no report of it to the card company looks a little dodgy, no?

Based on all of the evidence available to them the court held that he was talking ballcocks. I can't say either way if it's a reasonable outcome as I haven't seen the evidence, but it's unlikely an Appeal Court justice is going to go out on a limb and commit professional suicide. The strength of the wording makes it all the more likely his argument is fluff - the justice left no room for distancing himself from the finding at a later date did he?

1
2
Big Brother

Or maybe

Or maybe he never actually disputed the charges to his CC?

Makes claiming it is fraud a lot harder.

0
0
Alien

It must be true because

America provided them with the list right?

6
0
Flame

DPP laziness

So what, in effect, the DPP is saying, and the judge is agreeing to, is that if you want to do something illegal with the internet, first steal someone elses ID and use it to get a credit card. You will be then be left completely alone since the DPP is far to busy to bother checking that the credit card used was actually issued to the person accused. And as we have seen so often where 'kiddie porn' panic is concerned, suspicion is conviction.

This approach does have lots of advantages as it seems that it makes everyone happy. The police and the DPP get easy prosocutions, politicians can claim they are doing something and have the convictions to back them up, newspapers have headlines that sell papers, pressure groups have hate figures to scare us with. Even the peados get to carry on as usual. In fact, the only people to suffer by doing things this way are the idiots who allow their ID's to be stolen and the kiddies that are being abused, and lets face it, nobody really gives a fuck about them.

3
2
Unhappy

Bloody frightening

A few weeks ago I had a call from my bank regarding what they suspected was a fraudulent use of my debit card. Someone was trying to buy an iPad with it. (well, spending a sum of money at the Apple store that equates to an iPad). I informed them that this was a fraudulent transaction and they blocked it, and cancelled my card.

Now, I'm careful with my debit card to the point of being paranoid. I don't use it online. I double check ATMs for skimmers, and I refuse to hand it over to shop assistants and hide the keypad with my other hand when entering my PIN. Yet I nearly got ripped off.

Now I consider how easily my card could have been used to subscribe to a paedophilia site instead of buying a fondleslab.

And I'm fucking scared. Not because this could happen, but because the Police would rather believe that I am a kiddie-fiddler than believe I'm a victim of ID theft.

Sad face, because there isn't a scared shitless one......

22
2
Anonymous Coward

Re: Bloody frightening

> And I'm fucking scared.

This guy is one of the lucky ones, he's still alive.

How many suicides were there? THIRTY NINE, apparently.

Even if those people were GUILTY of downloading child porn, I don't think they deserved to die for it, and the prosecuting authorities should have taken notice of what was going on. Like, say, after TEN of their suspects had killed themselves, maybe getting some psychiatrists to interview the others?

And if they were innocent, then to me it's not far off murder.

3
0
Silver badge

Fraud ?

Being the concentious person you appear to be, if a transaction appeared on your statement that you did not expect, you would challenge it. That would form part of the permanent record of your account that the banks are required to maintain for a minimum of 7 years, and the banks would probably change your card (and number) as well.

Therefore if the Police/CPS use the idea that "you had subscribed" as only evidence, the fact you have challenged the transaction at the time would provide "reasonable doubt" over your guilt.

From my limited reading of the details, there was no evidence of any challenge on any transaction on any statement, so having already been throught the court process once, it is a little late to be claiming it must have been a fraudulent transaction. Why didn't he claim it was a fraud at this first trial?

0
1
Flame

Damn you and your filthy titles...

When asked by Lord Errol in the house of lords "Is there possibly going to be a problem with the amount of credit card theft—identity theft as people have re-named it—that is going on at the moment?"

Gamble replies "We never prosecute someone simply on the basis of their credit card being used."

Liar liar pants on fire.....

( http://www.publications.parliament.uk/pa/ld200607/ldselect/ldsctech/165/165we07.htm )

12
1
Big Brother

Fixed that for him.

Gamble replies "We never prosecute someone simply on the basis of their credit card being used. We also read the Daily Mail comments section to see how we should react"

0
0
Go

Judgement tl;dr

You can find the judgement at

http://www.judiciary.gov.uk/Resources/JCO/Documents/Judgments/o-shea-judgment-06122010.pdf

if you're interested. Actually the evidence against him is pretty good - they have logged IP addresses for his initial subscription, credit card billing addresses matching his home, hand-annotated credit card statements that mark the billed items (that he didn't query when he's followed up other items in the past), and passwords from the gateway site matching passwords (and account names) he's used for other subscriptions. All in, I'd say reasonable doubt had been met, cos the only alternatives are OCD identity thieves, police fitting him up, or magic fairies.

6
1
Pint

Much better.

The credit card transaction and billing address is in all honesty, not evidence of anything. I've had fraudulent transactions made on my card with my full address. It's pretty common.

The IP details, user name and password etc.. Much more solid. And it would take someone who knew him very well to duplicate that.

As to the bank statements.. Gotta love a perv who keeps good records..

1
0
Anonymous Coward

The judgment is at

http://www.judiciary.gov.uk/Resources/JCO/Documents/Judgments/o-shea-judgment-06122010.pdf

0
0
Silver badge
FAIL

They should use evidence, not witch hunting

“Whilst convicted offenders understandably wish to disassociate themselves from this type of offence in any way possible, the devastating impact of child abuse on its victims must never be forgotten.”

What has the severity of the offence got to do with whether the accused is guilty? If it is an extreme offence with an extreme punishment, they should if anything be more careful not to convict the innocent. Not say "It was a devastating crime, therefore he must be guilty".

10
0
Thumb Up

Guilty as charged!

Anyone who thinks this guy is innocent, read the court logs.

Sure, someone could have got his credit card details, name, address and postcode. ID theft happens.

But whoever paid for the kiddy-fiddling websites also had his email address; an IP address for his ISP; and a password which matched passwords from his other email accounts. An email was proved to have been sent to that email address, telling him that he'd been charged. O'Shea claimed he'd never heard of that password, when he was proven to have other email accounts with that password. And he was proved to have disputed unexpected credit card charges, but didn't dispute these ("the curious case of the dog in the night-time").

And this is before you consider that with absolute free rein to this guy's credit card, the one and only transaction on it from a hypothetical fraudster was this one. Likely? Not very.

Deserved fail. O'Shea, meet O'Shit.

2
0
Coat

From the judgement...

"IP addresses are stored as binary numbers, but are shown in readable notations, such as 208.14.156.289"

289 ?! O RLY ?

2
0

Deliberate

Otherwise whose ip address are they going to publish?

Examples in judgments nearly always avoid using real details.

0
1
Gold badge
Joke

Exemplary PR work from Jim Gamble cor CC companies

Wonder what he's going to be doing when he leaves (Ed Vaizey seemed to suggest he had already done so in the adjournment debate) CEOP?

0
0
Flame

Yes, he has already left...

... he resigned in protest at the decision to close down CEOP and subsume some (but not all) of its functions into the National Crime Agency in 2012.

Which is actually very much to his credit... CEOP does a great job and no-one will seriously argue that scrapping it is anything other than a stealth cut that will seriously diminish the protection given to vulnerable children... :-(

0
3
Paris Hilton

I dont get this bit

I can see why he didnt want to get prosecuted and its a stretch to say that subscribing to a website encourages others to distribute as its a chicken/egg argument as to what came first. but its pretty clear from the evidence collected that there where grounds for reasonable suspicion that he had subscribed to some dubious stuff.

I did find this point interesting (Its paragraph 38)

"There was only one issue of fact relating to the specific transactions ascribed to the appellant on which Dr Sharples and Mr Bates disagreed. Dr Sharples told us that, while it was possible for an Internet user to disguise his IP address, it was not possible for him to assume the IP address allocated to someone else, and specifically Freeserve. In other words, if the Landslide computer recorded that it had been accessed from a Freeserve proxy server, it had been."

I might be misreading this but if you can disguise your IP address, whats to stop you disguising it as one that comes from a Freeserve proxy?

Over to the proper tech heads to explain that one.

I also wonder at the courts view that webmasters wouldnt engage in fraud, I suspect that Visa/Mastercard would disagree with that.

0
0
Boffin

Explanation

You can disguise your (real) IP address by accessing something via the (real) IP address of an anonymising proxy server, which is what Dr Sharples meant when he said "disguise". However, you cannot hide your (real) IP address by accessing something via a device that uses a (mock) IP address.... the routing would simply fail because the remote service could never respond to device attempting to set up an IP session. It's like trying to con a bank into sending you cash by telling them to post it to you at a non-existent address. Even if they post it, you will wait a long time at your real address for it to come through the letterbox!!

0
0
T J
WTF?

Wow, a Room 101 clause!

So the ruling nasties now have the thing they always wanted - a Room 101 clause. Now they can arrest anybody with a credit card. No evidence required, just add government lies.

0
0
Silver badge

one question

Did they find any kiddie porn on his computer. If so then yes I would say case closed , well that and the credit card details. If not you are going to need more than just CC details. Lots of folks never notice small charges.

1
0
Big Brother

I've got a little list...

"I've got a little list, Of society offenders who might well be underground, And who never would be missed"

How soon before Julian Assange's Credit Card details appear on one of these lists?

1
0

"the Appeal Court found no evidence of any such fraud"

Put like that it sounds like they wanted proof that he was innocent. Is that really the case nowadays?

1
0
Thumb Down

No one cares

The public have been brainwashed into thinking that having a single image of a 17 year old = having child porn = making child porn = making child porn = raping babies thanks to the hysterical reporting by the media.

Hence whenever any man is accused of having child porn, he may as well kill himself (I say man specifically because they are STILL of the opinion that it's mostly a man thing). Even if he is found innocent, the accusation is worse than any punishment that could be given.

And no one cares because "if it saves the life of one child ..."

Notice that the press hailed Ore as a massive success and didn't even mention all of the men that killed themselves.

3
0

@Steve Bush

For an appeal, you either need to show that there's a good chance the jury reached the wrong decision based on the evidence (which could be due to a fuckwitted jury or due to misdirection from the judge), or you need to provide new evidence which the Appeals Court thinks would have had a good chance of causing the jury to reach a different decision.

So proving your own innocence is *one* way of doing this, but it's not the only way. Famously, the various banged-up Irishment who were fitted up for bombings in the 70s and 80s didn't prove their innocence, they just proved that the police had fitted them up. As many people said at the time, the police may have planted evidence to guarantee a conviction, but that doesn't mean those guys didn't plant the bombs. But with the evidence totally buggered, there was no way to tell the genuine terrorists apart from the guys who were only guilty of Being Irish And Living In England.

0
0
Unhappy

maybe the guys guilty, not sure.

but it looks like his defense is that he subscribed to, perhaps an adult site using the same payment processor, - and a webmaster took his details. (which would include passwords and IP addys) and copied it to other sites, including a child pron site.. certainly plausible, the webmaster wouldn't necessarily want to charge it multiple times as charge-backs can kill a payment processor (it would have been done 1 time on hundreds of cards to generate revenue with the fewest charge-backs, kind of like doubling your business income). most people won't bother phoning their cc company for a £10 or so unexplained charge fewer if it looks embarrassing , not sure if its likely but that means it will happen sometimes... which to me would make the conviction unsafe.

don't know about anyone else but I'm not at ease with people getting convicted on child porn charges when they didn't actually find any child porn.. i mean maybe he's particularly sneaky about it but it just seems wrong to me...

1
0
Anonymous Coward

this appeal failed, does not mean all Ore cases genuine

I just read the full judgement. Reading it, it very much seems like the appellant was grasping at straws to overturn the original verdict.

That said, he was charged with "incitement" to encourage others to make/download child abuse images by nature of his subscription: no evidence was found that he had downloaded or made images himself. That sounds a bit thought-crimey to me.

That this person was apparently soundly convicted is one thing. It does not mean that everyone whose details were on the Landslide database were guilty.

This 2008 BBC article tells the story of man whose life was ruined by the accusations of being a downloader of child abuse images (http://news.bbc.co.uk/1/hi/magazine/7326736.stm). He could PROVE that his card was being used fraudulently in Jakarta while he was using the same card in a restaurant in London. Still, he lost a £120k/year job, almost lost his house and was disowned by his family. Eventually, the police conceded that they found no evidence of child abuse images and that his card had been used fraudulently.

The BBC story makes no mention of an apology or any kind of compensation from the police.

1
0
This topic is closed for new posts.

Forums

Biting the hand that feeds IT © 1998–2017