Garda needs new technology for online child abuse investigations

Forensic analysis of encrypted and damaged devices stymied by scientific limitations

In some cases involving high levels of encryption, the Garda sends devices to a foreign company.
In some cases involving high levels of encryption, the Garda sends devices to a foreign company.

The Garda must wait for new technology to be developed before it can break into encrypted digital devices suspected of containing evidence of child sex abuse and other crimes.

Some devices currently in the custody of Garda National Cyber Crime Bureau (GNCCB) are so heavily encrypted that the technology has not been invented to gain access to their content, according to the Department of Justice.

Others are so damaged that technological advances are required before the data on them can be retrieved and examined. The Garda Inspectorate previously reported that digital devices were becoming damaged while in Garda custody due to improper storage methods over long periods of time, rendering them unreadable.

Since 2013, the GNCCB and its predecessor bureau, the Cyber Crime Investigation Unit, have faced a massive backlog of cases due in part to a lack of qualified computer crime experts and the increasing prevalence of digital evidence in criminal investigations.

READ MORE

Last week The Irish Times reported that it takes an average of five years, between the start of an investigation and sentencing, for cases of online child abuse to be completed, with some cases taking nearly ten10 years. Delays are leading to lighter sentences for some abusers and, according to child-protection experts, children being exposed to additional risk.

Case longevity

However, according to new figures released by the department, the wait-time for forensic analysis of devices has improved dramatically.

The “maximum age” of cases currently caught in the backlog in Garda HQ is 2½ years, it said. This is down from five years at the end of 2018 and six years at the end of 2017.

“It may further be noted that Garda management has indicated that this general maximum age profile relates to a very small number of the cases on hand,” a department spokesman said.

However, in a small number of cases the maximum age is older than 2½ years. These include damaged or heavily encrypted devices where “technological advances may be required to facilitate access to their content”, the department said.

In some cases involving high levels of encryption, the Garda sends the devices to a foreign company which specialises in breaking encryptions for police forces.

It is understood the Department of Justice is satisfied with the reduction in the backlog. Two years ago, it set a target for gardaí to reduce waiting times by 25 per cent. Last year the target was 5 per cent. No target has been set for 2020.

Regional cybercrime units

There are currently 26 gardaí and six civilian staff employed in the GNCCB. The Garda intends to further reduce the backlog by employing more civilian digital forensic analysts in 2020.

It is also currently reviewing a plan to roll out regional cybercrime units “with a view to increasing operational effectiveness and addressing the forensic case backlog”, the department said.

The GNCCB deals with increasing numbers of cases which require forensic analysis of digital devices, the department said. The majority of these relate to online child abuse imagery but the bureau is also responsible for analysing devices related to other offences including organised crime and money-laundering.

There has been a massive increase in the number of new online child abuse cases coming through the system. In 2013 there were 116 new cases, a figure which tripled to 392 in 2018.

According to an Irish Times analysis, nearly 60 per cent of "child pornography" possession cases dealt with in the Circuit Criminal Court resulted in either a suspended sentence or probation last year.

Conor Gallagher

Conor Gallagher

Conor Gallagher is Crime and Security Correspondent of The Irish Times