The Jennings blog has moved!

As of October 1, 2011 the Jennings Project blog has moved and joined forces with Constitution Daily, the Center’s daily digest of smart conversation on the Constitution. All new posts will be published there, so be sure to subscribe and follow Constitution Daily on Twitter. If you are interested in submitting a post to Constitution Daily, please email Stefan Frank at

Monday, August 31, 2009

Privacy and the Internet -- Maureen Orth's Eyeopening Piece on the Craigslist Killer

In this month's Vanity Fair, Maureen Orth, writing on the Craigslist killer, Philip Markoff, details just how much of our lives we have ceded to the Internet...

"Few Americans, even those from the younger, Internet generation, seem to understand how easily their clicks and text messages can be detected, and how little privacy any of us have anymore. Every search, every posting, every text message or Twitter, leaves a cyber footprint. The content of every e-mail sent by any one of us is kept by the Internet service provider and stored for a period of time, usually six to nine months. Google and Gmail used to store e-mails indefinitely; now they claim they’re within the same range, but all the e-mail we choose to keep until we delete it can also be accessed by the provider. “If you can see them, they can see them,” says Rasch.

Boston law enforcement started backtracking to find out Andy’s [Markoff's] identity, first establishing that the e-mail account at came from Microsoft in Redmond, Washington. Next they had to find out who was accessing that account and from where. “They used legal processes [court orders and search warrants] to get Microsoft to disclose the unique computer-ID number, or I.P. [Internet-protocol] address, that was used to send the e-mail answering the Craigslist ad,” Rasch explains. Craigslist was able to see what time and date the user of the address responded to each of its postings—when he clicked Morgan’s or the other two women’s ads, for instance. “People who use Craigslist leave more of a trail than people who just use the phone,” says Rasch. Conley goes further: “People feel online communication is pretty discreet. That’s entirely false.” (Hotel security services routinely monitor Craigslist to see how much of the erotic trade they are attracting.)

The police searched the hotel’s surveillance tapes to see who appeared on-camera just after the killing. Simons’s phone call and her text to Brisman right before the killer got to Brisman’s room made the timing precise. The surveillance tapes showed that, just after the killing occurred, a tall, blond, white male matching Leffler’s description of her attacker was looking down and working his phone while walking briskly but nonchalantly away from the Marriott Copley elevators. Surveillance tapes at the Westin Copley revealed a remarkably similar-looking person texting upon leaving that hotel in the time frame of the Leffler holdup. “He doesn’t seem to rattle very easily,” says Conley.

The police also got important clues about the e-mail account [the account which Markoff used] —what information the subscriber provided when it was created and the I.P. address of the computer used to create it. “What they learned was that the e-mail account was a throwaway account, created a day or two before, just for the purpose of making these connections,” says Rasch. The address came back to an Internet service provider in the Boston area. “The provider was able to give the police the name and address of the customer to whom they had assigned the particular I.P. address. This doesn’t mean necessarily it’s the guy, but it’s close enough,” says Rasch.

When the police went to investigate the physical location—8 Highpoint Circle, in Quincy, Massachusetts, a suburb of Boston—it turned out to be a large apartment building. The I.P. address was definitely associated with a particular person, but it was a wireless router, “so anybody in the building could have been using this address,” says Rasch. “That’s the nature of wireless. So, while the police had a name and address that got them close, it did not give them the suspect. Anybody within a few hundred feet of the router would be able to access that router and be assigned the Internet-protocol address the police were looking for.” Nevertheless, Rasch says, the first thing police did, once they had a name, was exactly what many of us would do—they went to Facebook and Google to find out who their suspect was and what he looked like. Then they fell back on tried-and-true detective work and began an old-fashioned stakeout. They were shocked to learn who it was they were looking for...

You can read the complete article at, here.

No comments:

Post a Comment