Supplementary memorandum by Mr Jim Gamble
I write further to your letter dated 26 April
2007, requesting clarification of points made in your letter dated
1 March 2007 and seeking answers to a number of specific questions.
In September 1999, the US Postal Inspection
Service searched the premises of an American based online trading
company known as Landslide Inc. this company was providing access
for payment to adult pornography and child abuse images. Material
was seized which included a database containing the list of subscribers.
In September 2001, following the conviction of Thomas and Janice
Reedy, owners of the company, Landslide Inc transaction information
was received by the National Criminal Intelligence Service.
Prior to any public statement alerting suspects
to the investigation, 50 cases across 31 different police force
areas were actioned. The overwhelming majority of these cases
led to child abuse images being found on computers.
In September 2002, the National Crime Squad
took the responsibility for national co-ordination dealing with
the dissemination of the subscriber data. This included a co-ordinated
approach to the categorisation and prioritisation of individual
suspects based on their potential access to children.
This transaction data consisted of information
submitted by a customer in purchasing access to the websites,
which included their name, address, credit card number, email
address and a customer selected password. In April 2004, following
the first incitement case, further forensic work revealed the
capture of the subscriber IP address and the credit card verification
In the majority of Operation Ore cases, police
forces have used the data from Landslide Inc to commence investigations
into the suspected possession of indecent images of a child. Once
the individual packages were released to the forces, it was the
responsibility of individual Chief Constables to decide whether
to undertake investigations. Following investigation, forces considered
whether offences had been committed and warranted judicial proceedings;
each case was independently scrutinised by the local Crown Prosecution
To the best of my knowledge more than 2,450
individuals have been successfully held to account. This figure
presently shows a 93 per cent rate of guilty pleas and includes
more than 700 admitting their guilt in receiving a formal caution.
In almost 2,300 cases, child abuse images were discovered. In
21 per cent of all dissemination cases, following an investigation,
the Police Service took no further action.
Following the publicity generated by some high
profile cases and greater levels of awareness that an investigation
was ongoing, the CPS developed a response for the occasions where
no images were found. A CPS prosecution strategy emerged, focusing
on the subscriber incitement of the Reedys to distribute child
abuse material. The CPS additionally drew up and issued best practice
These incitement cases number only 161. This
figure represents 1.8 per cent of the total dissemination of transaction
data. In the majority of these cases (68 per cent), the individual
admitted their guilt and received an adult caution with placement
on the sex offenders register. The remaining cases were subject
to court proceedings resulting in 24 convictions and two acquittals.
The CPS chose not to proceed in 13 cases. Only 10 contested incitement
cases presently remain outstanding.
In these incitement cases, the evidential connection
between the personal details provided, the identity of the user
and a direct link to a site offering child abuse images is clearly
key. This is a matter dealt with on a case by case basis, subject
to the particular circumstances.
I will now deal with the questions you have
posed in your letter dated 26 April 2007.
Whether CEOP (or the police prior to the establishment
of CEOP) have launched investigations into suspected online child
abuse on the basis solely of the use of credit cards online
CEOP has not launched investigations into suspected
online child abuse cases in the context of Operation Ore. This
is the responsibility for local police forces.
In my experience when an Internet user subscribes
to a website offering child abuse images, they provide personal
data to a registration page. Similarly to the explanation above,
this data may include:
Their credit card details.
In addition, the IP address of the subscriber
may be captured by the system (the IP address can provide information
indicating the address or location of the subscriber).
This information is analysed by the local police
who then attempt to identify the particular individual who accessed
the site by providing that information. Their enquiries may include:
postal address; any previous offending history; existing intelligence
or other relevant information; and, whether the credit card was
reported lost or stolen.
Whether CEOP (or the police) have sought and been
granted search warrants to enter premises and seize materials
on the basis solely of the use of credit cards online
CEOP have not sought or been granted search
warrants on the credit card information. However, CEOP cannot
comment on what other police agencies may or may not have done.
Whether any prosecutions, in particular for incitement,
have been brought, in particular under Operation Ore, on the basis
solely of credit card information
To the best of my knowledge, in all incitement
cases, additional evidence beyond simple single credit card details
have supported the prosecution. I understand that where there
is doubt, suspects have been given the benefit of the doubt.
In my view, where there is an allegation relating
to child abuse (directly or indirectly) it is for the police to
establish whether and by whom an offence has been committed, plus
to ensure no children are at risk. If sufficient evidence exists
and it is in the public interest, a file is submitted to the CPS
for their consideration as to a prosecution or otherwise. The
evidence is considered by the defence teams and their consultants.
The veracity of that evidence is then further tested by the Courts
to a standard that is beyond reasonable doubt.
The police are under a duty to disclose material
to the defence that either undermines the case for the prosecution
or assists that of the defence. This obligation requires the police
to pursue all reasonable lines of enquiry including those that
point away from the suspect. Failure to comply with these obligations
may result in the court refusing to allow the prosecution to continue
and staying the case as an abuse of process. Whilst I am unable
to comment on the disclosure decisions in individual cases I would
expect that once a defendant has raised the possibility of his
being the victim of credit card fraud, enquiries would be undertaken
in order to ascertain if that was correct.
Whether any investigations or prosecutions are
pending and if so, how many under Operation Ore in which the only
evidence available is credit card evidence
A number of investigations and prosecutions
are pending. No prosecutions, to my knowledge, are pending where
the only evidence available is a simple single credit card transaction.
As already stated individual police forces are responsible for
the investigation of individual cases.
What impact the prevalance of online credit fraud
and identity theft (most recently the hacking of TK Maxx) has
had in your view of the reliability of unsupported credit card
evidence as a basis for launching investigations and prosecutions
for online child abuse
This question has been previously addressed.
However, I want to reiterate the point, that members of the Committee
must be clear on the distinction between an investigation and
prosecution. In my view, where such an allegation exists that
relates to child sexual abuse, the police are duty bound to establish
whether and by whom an offence may have been committed. That investigation
in my view would never lead to a prosecution solely on the basis
of simple credit card evidence.
I note from your letter, that the Committee
mentions a case. This inquiry, to my knowledge, was not proceeded
with on the basis of unsupported credit card use, and a number
of facts were taken into account by the relevant police service
and thereafter the CPS before a decision to prosecute occurred.
This matter can be further clarified in writing by the police
service concerned if the Committee so wishes.
I note you have chosen to accept Mr Campbell's
magazine articles as evidence. I therefore think it appropriate
that I respond to some specific issues raised.
Although I do not ignore the possibility of
fraud, reading the PC Pro article, from the information
available to me, I can not recognise the article's analysis or
Inevitably there will be some element of fraudulent
activity on the Landslide Inc. system. I am, and remain, unaware
of the "endemic" or "widespread" nature of
fraud as suggested in Mr Campbell's article. I believe the proper
place to debate the issue whilst cases are outstanding is in a
court of law.
Fraud tested in the Courts
In the incitement case of R v O'Shea, O'Shea
took Coventry Magistrates Court to judicial review, challenging
the sufficiency of evidence to justify his committal to to Crown
Court. The High Court sitting in the Royal Courts of Justice dismissed
the application, stating that details of email, postal address
and credit card were sufficient for a jury to draw the conclusion,
if so minded, that the person with that identity was the person
who had keyed the information into the computer.
In "C" v Chief Constable of "A"
Police and "A" magistrates court, "C" sought
that the police should formally acknowledge that there was no
case against him and stop their Operation Ore instigated investigation.
Albeit the local police did receive some criticism, rather than
an apology, the High Court determined it had been reasonable for
the police on the basis of the information disseminated and developed
by them, to commence and continue an investigation. More specifically,
the High Court found that the claimant's case fell far short of
establishing that the police were bound to conclude that the claimant
was a victim of identity theft. The lead Judge emphasised that
what is perhaps a possibility should not be presented as a probability.
Kean Songy's post mortem report
In relation to Mr Campbell's account of a post
mortem study of Landslide, CEOP have obtained a statement from
Mr Kean Songy. Songy states he had a limited conversation with
Mr Campbell. He denies the assertions attributed to him, stating
a review of credit card activity prior to the police search of
Landslide Inc. does not translate into a post mortem study. Mr
Songy cannot understand how Campbell has reached his conclusions.
We note that Kean Songy suggests one of the possible options is
that there was no fraud.
Defence access to the hard drives
Following the copying of the Landslide Inc hard
drives in October 2002, responding to CPS advice in meeting disclosure
guidelines, arrangements were made for their examination by defence
representatives. In providing the appropriate environment and
facilities, two independent defence examiners were consulted.
For the purpose of contested cases, defence representatives, including
Duncan Campbell, have visited the examination facilities on numerous
As the original material includes the abusive
images of children, evidence of linked prosecutions, details of
persons suspected of offences not yet dealt with and potentially
information identifying innocent people, defence representatives
were asked to sign a confidentiality agreement. Again, Duncan
Campbell has signed such a document.
In the case of R v Bird, the defence counsel
using Mr Bates' services requested a copy of the entire database.
Judge Baker agreed the defence team were permitted to inspect
the Landslide Inc. system. However he was not persuaded that Mr
Bates' lack of familiarity with Linux justified a full copy of
the system nor that he was unable to conduct the work required
save only at his own home.
Belfast Crown Court
The defence produced a hand written note, requesting
that parties exchange details of approximately 250,000 files on
Landslide Inc. computers. This exchange was to include hash values
of the hard drives, but not the content. This indicated to the
prosecution team that the author of this document has access to
the hard drives from Landslide Inc., potentially including indecent
images of children.
This note therefore may be evidence of an offence.
As such, the PSNI on behalf of the prosecution declined to return
it to the defence team. As soon as the Judge offered to retain
the note, the PSNI officer co-operated with the court, exhibiting
it as evidence of an offence and leaving it in possession of the
Consideration was given as to whether Mr Campbell
should be cautioned. A caution is not a threat. A caution is designed
to protect an individual of whom there are grounds to suspect
an offence may have been committed.
If an individual claims to have copies of the
Landslide Inc. hard drives, clarification is required to determine
what they have and whether it has been obtained in accordance
with the law. If their material includes abusive images such individuals
may well be committing a criminal offence.
CEOP are aware that Landslide Inc. transaction
data has been released and distributed. This distribution is unauthorised.
This information includes details of persons eliminated from enquiries
and suspects who have yet to be dealt with. In my opinion, any
unauthorised public release of this data is irresponsible, risking
public identification of such individuals and potentially obstructing
I am aware the CPS in relation to Operation
Ore disclosure obligations has written to both Mr Campbell and
Mr Bates seeking information that would undermine the Ore generic
evidence. I am advised to date Mr Campbell has provided no credible
information. Mr Bates has not replied to their requests.
In preparing this letter, I have tried to balance
the public nature of the Committee's work with the sub judice
of outstanding prosecutions. It is also difficult challenging
points made without abusing the parliamentary privilege.
I hope this letter whilst answering your questions,
provides further clarity on Operation Ore. Should you wish further
evidence, I am willing to attend your convenience in person.
1 June 2007
1 The statistics include information supplied by forces
in the first instance, with some selection and manual inputting
by NCS/CEOP officers in the second. The data has then been cleansed
and analysed. Statistics reflect activity to 17 May 2007. Back