Sh*tistics: Accidental CSAM Edition
The inflammatory language of law enforcement in CSAM investigations
“You don't just type in Elton John and get 12-year-old sucks dick, you know.”
If you flinched while reading that, good. We’re standing on common ground.
Let's get on the same page early here. The sexual abuse of children is vile. It should be investigated thoroughly, prosecuted fairly and sentenced proportionally. Those investigations and proceedings should be based in fact, and an exceptional amount of effort should be put into protecting both the identified and unidentified child victims related to a case, which should include not using intentionally inflammatory language when testifying about child victims forced to perform oral sex on camera.
I just couldn’t help but become increasingly upset over time.
Dismayed. Saddened. Sickened.
As I reviewed transcripts in case after case, I would see incredibly inflammatory language being used in Child Sexual Abuse Material (CSAM) testimony, often in front of a jury. None of this awful language takes a victim-centric approach, and it is a bile-raising example of the "win at all costs" mentality that can consume criminal cases.
Yet, the statement that opened this piece, made by Special Agent James Dean Kanatzar of DHS ICE, really stuck with me. It’s part of a longer paragraph during his cross-examination in United States v. Casey Frakes (2008):
Q. [Defense Counsel] For any of the movies, any of the pornographic -- child pornography or otherwise, do you know what the search terms were?
A. [Special Agent Kanatzar] No, but I know you have to do some kind of search. You don't just type in Elton John and get 12-year-old sucks dick, you know. You've got to -- it's going to go out and locate what you search for, so if you have files that have child porn-sounding names, you would have to use some kind of child porn search term to get those files.
I knew what Kanatzar had said was false.
I knew it was a statement constructed to disgust, infuriate and shock all present parties. I knew that only someone from an alien planet, or a person who had never really used the Internet before, would say such an incredibly inaccurate thing.
I just didn’t have the data to back up my gut.
Yet.
I was fortunate to have grown up in the initial era of peer-to-peer file sharing networks in the 1990s. It was a truly wild time for a hick in the sticks of rural Saskatchewan. Napster was the first network I clearly recall using. It would take upwards of 45 minutes to over an hour to download a single song over our dial-up modem. Didn’t matter, it was fucking awesome.
Yet, there were times when you would wait those agonizing minutes for Bruce Springsteen’s, “Dancing in the Dark,” only to find that what you’d been waiting for was a corrupted file, a virus, or a picture of some dude’s dinger.
This was just part of the online game and the risks that went with it back in the ol’ peer-to-peer days.
I mean. Think about it.
You were downloading shit directly from other people’s computers. Total strangers on the Internet during a time when it was nearly a lawless space. Strangers that you were relying on to accurately label The Boss’s songs and not pull a fast one on you with a dinger pic.
Or something worse.
It hadn’t really dawned on me in the 1990s, or well into the 2000s, really, that people could be prosecuted for accidentally having downloaded child abuse material. In the post-Napster days I was more worried about Metallica showing up at my front door and having Lars Ulrich punch me in the face or nunchuck me with drumsticks. I hadn’t really thought that downloading a zip file labelled, “100 Top Albums of the 80s - 1000 plus songs.zip” could in fact land me in prison.
After Napster’s explosive debut in 1999, the new millennium birthed Gnutella, or what is commonly known as the “gnutella network”. Formed in 2000 by developers that worked at AOL (previously Nullsoft, makers of our beloved Winamp), the gnutella network was a massive leap forward in peer-to-peer (P2P) technology. The network was the first decentralized peer-to-peer network of its kind that enabled the rapid and open development of numerous software clients that could connect to the gnutella network and download or upload music, videos, and other content. You weren’t bound by a single piece of software or method for accessing the network or its contents, and that changed everything.
After the gnutella network was launched, the Limewire client was developed and rapidly became one of the chosen gnutella clients. Limewire became so widely used that it was estimated to have been installed on “...more than a third (36.4 percent) of all PCs in a global survey of 1.66 million computers in 2007…”, with a later study showing, “...LimeWire was used by 58 percent of people who downloaded music from a P2P network in the year 2009.”
Special Agent Kanatzar, under cross-examination in United States v. Frakes, is asked to clarify his statements regarding Limewire usage and, more broadly, his knowledge of peer-to-peer networks and their clients.
It does not go well.
During this testimony, Mr. Kanatzar incorrectly asserts that only Limewire users can connect with other Limewire users. That’s just false on its face. Limewire was simply one of many clients for the gnutella network.
When Mr. Kanatzar is presented with an obvious contradiction from defense counsel, “We know that Detective Howe was using Phex; right?” Mr. Kanatzar agrees with this statement, “Yes.” When prompted further by Mr. Clarke, “So it’s not just people using Limewire; right?”, Mr. Kanatzar falsely states, “The law enforcement -- the average individual would have to be using LimeWire because all -- I don't think it speaks across, even though it's on the same network with Limewire.”
What on God’s green earth was Kanatzar playing at here?
As defense counsel testifies, Phex was another client for connecting to the gnutella network and is not a law enforcement-only tool nor did it require any specific technical skill that Limewire did not require. Later in the same testimony, defense counsel mentions Bear Share, yet another client for the gnutella network.
How can Kanatzar be a supposed expert on peer-to-peer network usage—such as searching for Elton John and receiving CSAM—and then completely misrepresent the software clients that a human uses to perform those searches on a peer-to-peer network?
The Special Agent’s position was fully collapsing, yet, it didn’t seem to matter. The trial went on with him seemingly making things up as he went.
And the Elton John statement just kept ringing for me.
I turned it over and over in my mind. It was only when I turned the statement on its head, instead saying, “You can search for Elton John and get CSAM,” that the proverbial light bulb brightened for me.
This twist in phrasing has a different implication. One where the download of CSAM could be an accident.
Accidental CSAM downloads.
How frequently could that even happen?
Since I couldn’t, by law, go out and test this hypothesis by performing positive and negative searches for CSAM, I instead decided to see if law enforcement or a government agency had performed this research themselves.
Lo and behold, the aptly named Government Accountability Office (GAO) had indeed examined the very question in 2003. If you’ve never heard of this US agency, from their website, “GAO, often called the ‘congressional watchdog,’ is an independent, non-partisan agency that works for Congress.” They do research on a variety of topics, and then submit their findings to Congress. Their reports are generally thorough, beautiful creations I frequently gawk at in awe.
The GAO report released on March 13, 2003, was titled, “Child Pornography[1] is Readily Accessible over Peer-to-Peer Networks” and contains a wealth of information detailing the state of affairs for CSAM on peer-to-peer networks in 2003, five years prior to the Frakes case.
It opens with a banger of a statement:
Child pornography is easily found and downloaded from peer-to-peer networks. In one search, using 12 keywords known to be associated with child pornography on the Internet, GAO identified 1,286 titles and file names, determining that 543 (about 42 percent) were associated with child pornography images.
Wait a second.
Using 12 known keywords for CSAM, shouldn’t you have a success rate of 100% for CSAM if the materials are as prevalent as we are led to believe? This statistic says that less than half the time when you are searching for CSAM on a peer-to-peer network are you actually getting it.
This may actually affirm Kanatzar’s statements in a way. Based on this study, albeit limited to KaZaA[2], being successful less than half the time you search for CSAM must mean you have to search a lot in order to even have a few images.
Right? You can’t just search for Elton John and get CSAM, you really gotta go out of your way to find CSAM.
Can you see the logic?
Sure.
But not so fast.
The critical part of the GAO report, the data that can replace my gut feelings and vibes is right here:
To document the risk of inadvertent exposure of juvenile users to pornography, the Customs Cyber Smuggling Center performed KaZaA searches using innocuous keywords likely to be used by juveniles. The center image searches used three keywords representing the names of a popular female singer, child actors, and a cartoon character. A center analyst performed the search, retrieval, and analysis of the images. These searches produced 157 files, some of which were duplicates. From these 157 files, the analyst was able to download 177 images.
…we determined that 61 images contained adult pornography (34 percent), 24 images consisted of cartoon pornography (14 percent), 13 images contained child erotica (7 percent), and 2 images (1 percent) contained child pornography. The remaining 77 images (44 percent) were classified as nonpornographic.
With my emphasis added, one can see that searching for things far more innocuous than our dear spicy Sir Elton John resulted in the acquisition of CSAM. All based on the GAO’s law-enforcement supported study.
It’s minimal at 1%, but it’s there.
So, you may be wondering, how much of Casey Frakes collection was deemed to be CSAM when he was prosecuted in 2008?
About 1.4% by my math.
Based on my review of trial transcripts and other materials in the case? Casey Frakes had no idea how the child abuse material got on his computer, but he did enjoy regular, good old-fashioned and very legal porn.
Just as many do. Not a damn thing wrong with that.
So Mr. Frakes would do a general porn search in his peer-to-peer client, select all the files and hit Download All. No discernment whatsoever, and he amassed a small collection this way. I mean, not even close to something I would consider excessively voluminous based on some of my own friends’ penchant for porn in those days. But a collection nonetheless.
It just so happened that roughly 1.4% of those materials were CSAM, mirroring the result of the GAO study.
Of course this all flies in the face of the testimony that Special Agent Kanatzar gave and of course Special Agent Kanatzar grossly misrepresented other pieces of digital evidence. It’s right there in the transcripts.
But it’s crucial for you to understand, if you’ve never been involved in a criminal matter as an investigator, attorney or otherwise:
When you have an expert take the stand and misrepresent evidence, misrepresent the technology underpinning that evidence, and then intentionally go out of their way to inflame the jury, you have little hope as a defendant.
It is a frighteningly efficient way to get a conviction in a CSAM case.
And of course, Casey Frakes was convicted in 2008.
His appeal two years later? Failed.
Don’t take my word for all of this. Go ahead and read for yourself.
We’ve paid the fees for you and started to compile quite a collection of transcripts, court motions, government research and a litany of problematic issues with the prosecution of cases just like in Frakes.
Guilt or innocence of the defendant is left to the fact finders but either way you look at it, the child victims in these cases deserve so much better than all of… whatever this is.
That I know with certainty.
[1] I have kept the original title with “Child Pornography” in place. This is an outdated term that has been replaced by CSAM. Pornography comes with implied consent, whereas a child can never consent to a recording. It is sexual assault and should not be considered ‘pornographic’ or conflated as the same.
[2] While KaZaA did not use the gnutella network, instead using its own proprietary protocol, KaZaA was no slouch in terms of user base. Academic research at the time stated, “With over 3 million satisfied users, KaZaA is significantly more popular than Napster or Gnutella ever was.”



