After police arrested Timothy Ford, a twice-convicted sex offender, they found countless photos of unclothed young boys on his computer. Yet when they sought to expand the investigation, they didn’t just focus on the images. They also followed the money trail Ford left in paying for the material, eventually shutting down a ring that included dozens of people on four continents.
Acting on a tip that Ford, 53, was communicating with other pedophiles, officers raided his bungalow in Northamptonshire, 70 miles northwest of London. As they waded through dirty clothing and trash piled as high as the bed, they unearthed a laptop with hundreds of photos and videos that Ford directed from his keyboard, tapping out instructions -- “Play with each other” or “Close up, please” -- to boys as young as six, police documents show. Just as important for investigators were the details of Western Union Co. money transfers to adults who abused the children live via a webcam stream from the Philippines.
“The difficulty is that we see only the transaction amounts” without knowing what’s being bought, said Peter Barnes, Western Union’s top sleuth in northern Europe. “That’s why sharing with law enforcement is so important.”
After Western Union analyzed the payment data found on Ford’s computer, the investigation was expanded in 2012 and ultimately led to the arrests of 29 people worldwide in the child pornography ring, with 15 victims being rescued. Conspirators in the Philippines committing the abuse, including relatives of the children, netted 37,500 pounds ($64,000) in a country where an average household earned about $5,400 in 2012.
As police have stepped up cooperation with financial companies such as Western Union, PayPal Inc., Visa Inc. and MasterCard Inc. to cut off the money that fuels the trade in online child porn, they have had remarkable success. The Financial Coalition Against Child Pornography, which brings together companies and cops, says that since 2006 revenues from commercial sales of child porn on the public Internet have dropped to “almost zero” from several billion dollars annually.
Yet the success is illusory. While credit-card payments for child porn on the public Internet have plummeted, huge amounts of material have moved underground, and are often paid for using anonymous wire transfers and the bitcoin virtual currency.
Of particular concern is a dark corner of the Internet called The Onion Router, or Tor. The service, founded by the U.S. Naval Research Laboratory to help people in countries with authoritarian governments remain anonymous, masks online identities by bouncing the signal around as many as 5,000 relays. Problem is, it’s been adopted by sex predators, money launderers and drug dealers.
“After we take Web pages down, they’ll pop back up online again somewhere else,” said Sarah Smith, a technical researcher at the Internet Watch Foundation in the U.K., which acts on tips from the public and works with Web services providers and companies like Google Inc. and Microsoft Corp. to rid the Internet of child porn.
As more material moves to hidden areas of the Web, it gets harder to track payments. In most countries, regulations protect the identity of people making credit-card transactions unless police have reasonable cause to suspect illegal activity.
“Banking secrecy and privacy are usually the concerns we get from a whole range of financial payment companies when we approach them,” said Bindu Sharma, head of the Asia-Pacific Financial Coalition Against Child Pornography in Singapore.
Concerns over secrecy laws have spurred financial companies to come up with creative ways to fight the problem. Western Union, which records 29 transactions every second, has developed computer programs that flag potential illicit activity around repeated transactions in small amounts from “high-risk corridors,” like the U.K. to the Philippines.
Barnes, an 18-year veteran with London’s Metropolitan Police, joined Englewood, Colorado-based Western Union’s effort to fight money transfers that fund criminal activity two years ago. In the past year, he has given evidence in at least a dozen cases regarding payments for child pornography.
Working with police “is key,” said Barnes, 43, part of a team of 25 investigators in Russia, Australia, Dubai and the Philippines. “We are trying to learn from cases what the methodology is, and teaching our systems to identify that.”
Western Union said it is looking to work with the Internet Watch Foundation to have its logo removed from sites that recommend its service to pay for child porn. The foundation would notify Western Union when its service is being used for such payments. If the page also contains a link to Western Union’s website, the company would work on identifying who requested the transaction.
Much of the progress in using financial tools to fight online child porn can be traced to Ernie Allen. As head of the National Center for Missing & Exploited Children, a nonprofit group that acts as a clearinghouse in the U.S. for sex abuse images and videos, Allen eight years ago brought the financial community together with police. He was spurred on by a case in Texas, where a couple ran a site featuring categories such as “Child Rape,” and “Children Forced to Porn,” that had 250,000 members, each paying $29.95 a month.
“I called the chairman of a major credit card company and asked how this was possible and he said, ‘We don’t know what these transactions are,’” recalled Allen, now head of the International Centre for Missing and Exploited Children in Alexandria, Virginia, a global affiliate of the U.S. group. “He told me if we can identify where the account resides they can stop payments and shut down the account.”
That inspired Allen in 2007 to found the Financial Coalition Against Child Pornography. Allen persuaded banks to provide officers with credit cards to pose as subscribers to child porn sites. As transactions were processed, the merchants’ identities were revealed and police could shut the sites and arrest the people behind them. Hundreds of sites were taken down over the next few years.
Allen acknowledges that “we didn’t end it, we just moved it around.” Allen is also co-chairman of the Digital Economy Task Force, a group including industry and government figures that focuses on illicit activity, particularly child exploitation on anonymous networks. In May, he gathered representatives of Visa, the U.K.’s Internet Watch Foundation, mobile phone operators, and other companies, in London.
The delegates discussed the flourishing trade on sites with names such as PedoEmpire, Lolita City, Jail Bait and The Love Zone. Together those sites have hundreds of thousands of members, who pay for access with bitcoins, prepaid cards, and anonymous wire-transfer services.
The task force has recommended that governments regulate virtual currencies and apply anti-money laundering rules to transactions using them. It called for limits on privacy and anonymity on services such as Tor. And it suggested police do more to use existing laws on currency transfers to investigate suspected child sexual abuse.
In April, Britain took steps to adhere to some of those guidelines. The Crown Prosecution Service allowed the Internet Watch Foundation to actively seek out and search online for child pornography, as opposed to simply acting on tips from the public as it had done in the past. The group is the only non-police organization worldwide with such powers, according to InHope, a network of 51 child abuse hot lines in 45 countries.
In 2009, Sweden created its own financial-police coalition, including Svenska Handelsbanken AB, Skandiabanken AB and Swedbank AB. The organization has helped take down about 15 websites from locations such as the Virgin Islands and eastern Europe, according to Sweden’s National Bureau of Investigation.
“It’s a constant battle,” said Lena Hok, a sustainability manager at Skandiabanken. “There’s money out there changing hands through our banks to pay for this and we have to work to block these kinds of transactions.”
Information gathered by the Swedish coalition was used to convict Bengt Rune Kristoffersson, a 53-year-old from Vaestra Torup in southern Sweden who operated under the screen names BengViking and SwedenJohnny. Kristoffersson appealed an initial sentence of eight years in jail, which was reduced to 4 1/2.
Kristoffersson spent several years directing $40-per-hour webcam streaming shows in which girls as young as five were pulled out of school or away from toys to perform sexual acts, according to court documents. He often paid for it through Xoom Corp., an online remittance service in San Francisco.
“Every day lots of smart, well-funded organizations and people will wake up with the intent to use our service for illicit purposes,” said Christopher Ferro, vice president and general counsel at Xoom.
To fight the problem, Xoom now only permits remittances from U.S. bank accounts or credit cards issued by U.S. banks, and it limits its service to person-to-person transfers, barring commercial transactions, Ferro said. Xoom has a team of five people who track suspicious remittances, such as small transactions several times a week, wires between unusual country pairs like Japan and Mexico, or transfers that exceed the typical level seen along routes such as the U.S. to Guatemala.
“Everything you do on Xoom is recorded,” making it safer, Ferro said. “We know who you are, where you’re coming from, we have real-time records. In contrast, if you send through an offline money transmitter you go to the ATM, walk into a store and fill out a wire form.”
Ford, the Northamptonshire sex offender, pleaded guilty in March 2013, and was sentenced to 8 1/2 years in prison and will be subjected to police visits for the rest of his life.
“Paying for something makes you feel like a legitimate member of society,” said Gan Thayanithy, a detective sergeant in Northamptonshire police. “When it’s harder to get that gratification, and if guilt from a banking transaction is involved, it would put a stop to lower-level offenders.”