Nate Anderson’s The Internet Police: How Crime Went Online, and the Cops Followed is really a story about how the internet grew up. It begins with the story of Sealand, a refurbished wartime platform located just off the coast of Great Britain; in the early 2000s, it became home to HavenCo, a hosting service that promised complete immunity from the law. HavenCo was based on the dream of an internet unfettered by old, conventional rules — a dream quickly dashed on the shores of reality. With a few exceptions, online crime has come to be prosecuted like any other crime. Anderson talked to us about how that happened, why all cops are now “internet police,” and whether law enforcement really “gets” the internet.
You’ve framed the book partly as a battle between two camps: the exceptionalists, including John Perry Barlow, whose “A Declaration of the Independence of Cyberspace” imagined the internet as transcending geography and politics, a space subject only to its own law; and the non-exceptionalists who believe that crime on the internet should be subject to the same laws and norms as anywhere else in human society. Throughout the book you demonstrate the consequences of those opposed beliefs. The battle doesn’t seem to be over, but which side is “winning”? And why does the question matter?
The non-exceptionalists have won in most respects, which is why every country still has national laws and tries to enforce them — often with success — online. One of the things that I think wasn’t anticipated in the 1990s was the ease with which blocking could be done at internet scale. Instead, the idea had been that there would be so many connections into a country like China that someone hosting an offshore server couldn’t be stopped. But of course they can — and are. One only has to look at Google’s interaction with China to see that 1) technical and 2) political / legal / economic power can combine to shape the net in dramatic ways.
One chapter in the book declares “All police are internet police.” Why has that become the case, and was it inevitable?
Because so many different kinds of crime migrated so quickly onto the internet, and those crimes took place in so many places. The existing structure of local police and state and federal agencies had taken decades to create; easier to leverage the structures that were there than to create some new “internet police.” And crimes committed on the internet weren’t “new”; in almost every case, they were simply digital versions of things that cops had investigated for years offline. It was natural that, as cops ramped up their internet training, they would continue to follow cases wherever they led, even online.
"Every national agency you can think of investigates online crime."
That’s why cops in my town troll the net looking for local prostitution, and why my county runs a unit focused on online child pornography and sex abuse, and why my state runs internet-focused task forces, and why every national agency you can think of (ICE, NSA, FBI, Postal Inspectors, DEA, and many more) investigate online crime. It’s instructive simply to look at the lists of units involved in major cybercrime cases today.
For instance, I’m currently investigating cops who use Craigslist to troll for men who might be open to sex with underage girls. One recent sting in northern Florida involved: the Department of Homeland Security (national); the Florida Department of Law Enforcement (state); the Sarasota, Polk, Lee, Seminole, and Hardee County Sheriff’s Offices (county); and Bradenton, Sanford, and St. Petersburg Police Departments (local).
Another point you bring up is the old saw about technology being agnostic about the uses to which human beings put it. For example, you write that regarding the anonymous routing network Tor, “the US government built a tool of use to criminals because that was the only way to make it useful to everyone else.” That particular tool allowed anonymous internet access for dissidents worldwide; it also enabled the online drug bazaar known as the Silk Road. You advocate a pragmatic approach to dealing with this “dual use” problem: there will always be sinister uses for technology, and we’ll continue to find ways to prosecute those crimes. But we should prefer to do so without crippling the technology itself. Do you think most law enforcement shares that view?
"The FBI is drafting new legislation that would require tech companies to have some way of getting past any encryption in their products."
No, they quite clearly don’t. I can’t speak for all law enforcement, of course, (much less for “government,” which has so many conflicted views on “the internet” that it’s impossible to make general statements about what they are) but the FBI is the clear leader on most of these issues nationally, and they are upfront about the fact that they would like tech built in such a way that it doesn’t lock them out. The current concern is something they call “Going Dark,” which refers to being blinded by encryption. The FBI is currently drafting new legislation that would require tech companies to have some way of getting past any encryption in their products. In other words, you may have to build your tech with law enforcement in mind; the government won’t tell you exactly how it has to be done, but they do want it done somehow.
The Internet Police: How Crime Went Online, and the Cops Followed is available now.