The fight against Internet child exploitation

TV news shows aren't the only ones bringing criminals to justice -- new tech helps police ferret out online predators

I love those Dateline NBC-type programs where they catch potential child sex predators who think they are setting up an intimate meeting with a 13- or 15-year old child via the Internet. How can it be that every sicko in the world hasn’t heard that the child they are flirting with online is more than likely a law enforcement officer?

Then again, I’m glad they don't realize this. It means more of them get caught.

[ RogerGrimes's column is now a blog! Get the latest IT security news from the Security Adviser blog. ]

Some people think the Internet is a terrible place because it allows child predators to be more anonymous and to have easy contact with more children. Not me. As the father of four children, including three teenage daughters, I love the Internet. Years ago, an illicit mailing had to come to the attention of a Postmaster General for these sickos to get caught. The vast majority of pedophiles went undetected, molesting children for decades before getting caught, if at all.

Now, the feds pose online and attract the bees to the honey. Pedophiles are even stupid enough to give their real credit card numbers to hoax child porn Web sites concocted by the Feds. We’re catching a thousand criminals at a time.

That’s a thousand criminals, often posing as coaches, teachers, and preachers, who will not have ready access to my child -- at least not while they are in jail. And after they get out, I can track them (their picture, crime, and address) using publicly accessible online registries. I feel 20 times safer today than I did before the Internet revolution. Information is power.

As much as I love the Dateline shows, the real grunt work that solves most child predator crimes doesn’t involve a camera crew, fake house, or a TV reporter. As anyone in law enforcement can tell you, solving crime is a mostly un-glamorous process involving evidence collection, information pushing, documentation, and pure human sweat equity. It’s the boring things behind the scenes -- the stuff that would never make CSI: Miami -- that solves most crimes.

Unfortunately, you can’t go to Best Buy and pick up canned software custom designed to help law enforcement catch pedophiles. This problem is exactly what led Paul Gillespie, a police officer with the Toronto Police Child Exploitation Sex Crimes Unit, to e-mail Microsoft’s Bill Gates in 2003 and ask for help in tracking child predators. Gillespie’s e-mail contained a plea that spoke of highly technical pedophiles and problems of tracking and analyzing voluminous amounts of data.

Microsoft responded by creating the Child Exploitation Tracking System (CETS). Microsoft programmer John Hancock spent many months with the Canadian law enforcement authorities and several other agencies to develop what has so far been a $7 million effort that's a shining example of multinational collaboration.

CETS is a shared, Web-enabled database customized for law enforcement investigations. It relies heavily on Microsoft technologies, including SharePoint and MS-SQL, but all data is stored in a readily accessible XML-format. It excels at storing investigation information, sharing that information across law enforcement agencies, and helping to intelligently analyze stored information.

In a nutshell, CETS helps investigators investigate more efficiently. The system stores hundreds of thousands of pieces of information for each law enforcement agency -- things like predators' online user names, suspicious Web sites, credit card numbers, and hundreds of other pieces of useful information. It has many custom-built analytical tools. For instance, an investigator can ask CETS to show them all the convicted pedophiles within three miles of a particular school where an exposure incident occurred. CETS helps make sense of disparate data, helping to prioritize commonalities between different investigations and target likely suspects. Other off-the-shelf tools, such as MapPoint, are integrated into the system, too.

Best of all, CETS is free to qualifying agencies in approved countries; Microsoft will even help with the initial analysis and deployment (a typical deployment takes six months to a year). First rolled out in Canada, CETS is now available in the U.K., Indonesia, Italy, and Brazil. Chile and Spain are in the process of deploying it this year.

CETS isn’t yet available in the United States, unfortunately, but making that happen is a goal. Tim Cranton, senior director of worldwide Internet safety programs for Microsoft, says a U.S. deployment would be by far the largest and most complex deployment scenario they’ve faced. Integrating the various local, state, and federal agencies and their existing systems would be a challenge -- but one Microsoft seems very open to assisting.

If you are interested in more information on CETS, send an e-mail to There are a lot of other fantastic online efforts leading to the capture of tens of thousands of sex criminals every year. We are locking up and identifying the creeps faster than ever. I don’t hate the Internet, I love it!