This is Part Three of a Series
Brad Willman was installing networking equipment out of an emergency van in British Columbia when a policeman showed up and asked for him. Willman knew the officer from a case he was involved with a couple of years earlier, so he didnt worry--until he arrived at the police station and was introduced to a couple of U.S. cops.
The visit marked the end of Willmans version of vigilante justice.
A Trojan Horse Used For Good
It was 2000, and Willman was 19. He had spent the past few years surreptitiously distributing a Trojan horse program to more than 1,000 people to try to uncover child-porn activities. All told, Willman said his work sent around 70 people to prison.
But then Willman stumbled on a prominent California judge. He discovered that Ronald Kline, at the time a superior court judge in Orange County, had a big collection of child porn and a diary on his PC indicating he was planning to try to seduce young boys. The high-profile case put an end to Willmans career as a crime-fighter.
"Oh, I knew it was illegal," Willman said in a recent phoneinterview. "But I really didnt care. I felt if Im helping a few people in the process, cool." Until Kline, Willman had managed to remain anonymous.
The Origins Of The Program
Willman didnt initially set out to chase child pornographers. He started out developing a program designed to compete with pcAnywhere, Symantecs software that lets users access computers remotely.
But then, while discussing programming on various newsgroups, he had a conversation with a Canadian man who offered his 6-year-old daughter to Willman.
"That was an awkward scenario," Willman said, putting it mildly.
Willman quickly contacted the police, who were able to prosecute the Edmonton man, he said.
"Hes more or less what altered my mind from competing with pcAnywhere to making a Trojan to see who else is doing this," Willman said.
Willman used the work hed already developed on the program to trick suspected pedophiles into unknowingly downloading the software so that he could get proof from their computers.
How Willman Used The Trojan Horse
Willman would visit child-porn newsgroups and post his program as a file that looked like it contained a photo. In order to avoid suspicion, Willman built in an additional feature: When the program launched without opening a photo, he designed it so that the first time it loaded, it would display any photo from the directory to the user.
After someone downloaded the software, Willman could look through their files remotely for illicit documents or photos. Once he found damning information, hed copy and share it with various child-porn watchdog groups, who could then pursue the perpetrators.
Everything changed when Kline downloaded the Trojan and Willman found evidence on the judges computer.
Willman passed the information on to one of the watchdog groups as usual, and he figured that was that--until the day the police showed up while he was at work.
The U.S. police told him that they found him through correspondence sent from his computer to one of the watchdog groups.
While the police were initially friendly because Willman was able to give them additional information about Kline, they later told him that if he did any more hacking, ever, they would arrest him. Willman signed an agreement that he wouldnt hack and that he wouldnt have anything to do with child porn.
Legal Barriers To Willmans Vigilantism
Various U.S. state and federal laws criminalize unauthorized access to computers, said Jeff Neuburger, an attorney specializing in technology at Thelen Reid Brown Raysman & Steiner, an international law firm based in New York City. If Willman hadnt agreed to the deal with the police, he could have been charged with violating state or federal laws. But even in that case, as long as he didnt set foot in the United States, it would have been difficult for American authorities to prosecute Willman, Neuburger said.
Neuburger is seeing more and more cases like Willmans, where people are using the Internet to accomplish good, but sometimes with questionable means. "In the U.S., prosecutors are careful not to let something like this go without sending a message that what the person did was wrong," he said. "But they may not aggressively seek a severe sentence or punishment."
One problem with vigilante work like Willmans is that someone might make a mistake and affect innocent people, Neuburger warned. Had Willman wrongly accused someone, he could have faced much bigger legal problems. "Its a dangerous thing," he said.
Retiring The Trojan
His days in the spotlight behind him, Willman, now 27, lives with his parents in Langley, B.C., where he provides phone tech support for a small cable company. On the side, he repairs computers and dreams of becoming a computer security researcher.
As for Kline, he was sentenced earlier this year to 27 months in prison, a sentence that Willman called "reasonable."
Once in a while, Willman still gets a request from someone asking for his help in busting a suspect involved with child porn. He can only refer them to the watchdog groups he was familiar with.
"I would like to help these people get their kids in a better position--but I cant, because the type of research Id have to do is stuff Im not allowed to do anymore," he said.
Even though Willman knew his actions were illegal, he didnt consider the consequences. "I thought I covered my tracks pretty well," he said. "And I did until the Judge Kline thing. I didnt really think Id get busted."
Dont Miss: Parts One And Twoof Our Digital Vigilantes Series
The White Knight Busts ID Thieves
Using eBay to Catch a Truck Thief