CyberTipline Success Stories
CyberTip prevents rape and murder of a child for profit
Between March and June 2014, the CyberTipline® received multiple reports from two different registered electronic service providers regarding a user allegedly uploading graphic child sexual abuse images to their service.The ESPs provided information including an email address, various screen names, Internet Protocol addresses, as well as geographical coordinates associated with the reported user. Also during this time, a complaint was submitted by a concerned citizen, who reported an email address and indicated that the individual was planning to abduct a child.
NCMEC Exploited Children Division analysts performed extensive online searches through which they were able to develop critical information including a full name, employment information and corroborated the location of the Orlando, Fla. area suggested by the IP addresses.
Cognizant of the urgency of the situation, analysts immediately notified the central Florida Internet Crimes Against Children Task Force.
Investigators from the ICAC quickly looped in the Florida Department of Law Enforcement’s Orlando Regional Operations Center Cyber High Tech Crime Squad, which already had the reported user on its radar after receiving information from an informant. Armed with the new information, FDLE investigators coordinated efforts with the Longwood Police Department and went to work tracking him down.
In mid-June, members of the FDLE’s Cyber Task Force took their suspect into custody. They learned that just days before his arrest, he had lured a father, grandfather and child to a vacant home in the Longwood, Fla. area with the ruse that he was a student making a film. However, the family left shortly after arriving at the home after seeing a plastic sheet covering the floor. Detectives believe that this man had been using the Internet, as well as talent agencies, to recruit underage actresses with the intent of murdering the parents, then raping and murdering the child. He allegedly planned to record the rape and murder and sell it on DVD.
Suspect charged with possession and production of child pornography
Between February and March 2014, the CyberTipline® received nine reports from a registered electronic service provider regarding incidents of apparent child pornography uploaded to its service. In accordance with federal law, the ESP provided incident information, including email and Internet Protocol addresses associated with the uploaded images.
NCMEC’s Exploited Children Division analysts conducted an online look-up of the reported IP addresses and discovered key geographic information, leading them to believe the reported user could be located in Michigan. Using all the identifiers they gathered, they ran the information through a public records database and found one match: an individual with a criminal history that included a conviction for indecent exposure. The CyberTipline reports were quickly forwarded to the Michigan Internet Crimes Against Children Task Force.
The Michigan State Police Computer Crimes Unit coordinated with its local police counterparts and immediately initiated an investigation. In early April, detectives executed a search warrant at an address in Michigan and seized property, including a digital camera and memory card for forensic examination yielding numerous images of apparent child pornography, including images of a two-year-old female who was later identified by family members as a relative.
The suspect was arrested and faces felony charges.
Child pornography victim identified; suspect arrested
In late May 2013, an electronic service provider registered with the CyberTipline® notified the National Center for Missing & Exploited Children that one of its users had allegedly uploaded apparent child pornography to its service. In compliance with federal law, the ESP supplied the CyberTipline with the uploaded images in conjunction with the user’s email address and Internet Protocol address.
The report was assigned to an Exploited Children Division analyst, who immediately noticed that the images all appeared to depict the same young male child, who was previously unknown to NCMEC. She also noted that the images were taken in a home environment, and that the child victim could be seen being sexually abused by an adult male in several of the images. Through her searches, she was also able to develop a full name, age, and employment information associated with the reported user and found a possible public records entry for the individual.
Cognizant of the urgency of the report, the analyst reclassified the report to reflect its high priority, immediately notified the New York State Internet Crimes Against Children Task Force and provided them with access to the CyberTipline report.
As a result of their swift investigation, ICAC investigators, along with local law enforcement officers, placed the suspect, a local male in his early 20s, under arrest just two weeks later. They were also able to identify the child featured in the images reported to the CyberTipline. The suspect has been charged with several crimes.
Family member arrested on child pornography and sexual abuse charges
In April 2013, the CyberTipline® received a report from a registered electronic service provider regarding a user who had allegedly uploaded multiple sexually suggestive images of a prepubescent female to its service. Fulfilling its federally mandated responsibility, the ESP notified the CyberTipline by providing the images, a unique identifier assigned to the user associated with the content and an Internet Protocol address.
A NCMEC analyst determined a potential jurisdiction for the reported user in Philadelphia and escalated the report, making it high priority, to law enforcement. She immediately contacted the Pennsylvania Internet Crimes Against Children Task Force and provided them with access to the full CyberTipline report.
Upon receipt of the report, the ICAC engaged Immigrations and Customs Enforcement’s Homeland Security Investigations based on the belief that the images may have been produced by the reported user. HSI agents submitted an emergency summons to the Internet service provider listed in the report and were provided with subscriber information.
After determining that the child was a relative of the person they had identified, investigators obtained a federal search warrant for the suspect’s home and interviewed him. During the interview, he reportedly admitted to molesting the child and photographing the abuse on several occasions. In May 2013, the suspect was arrested at his residence. He is currently facing federal charges.