Deep Web & Law Enforcement: Introduction to Intelligence

5 minute read

Posted by: Allen Hoffmann, JD

December 24, 2014

Intelligence is not the same as evidence – just because the police have, somehow, found out about some story, this does not make it court admissible evidence on its own. There is a complex system that LE must use to determine how reliable incoming intelligence is, whether it should be listened to at all, and what exactly it means, but rest assured, its all part of a jigsaw puzzle. Read on…

In the days of old, crime intelligence was developed by hard-nosed, hard-boiled, rule-bending detectives of the stereotype we’re all used to seeing in police procedural dramas, who drank with snitches and prostitutes to gather information on crimes being committed in a typically compact geographic area. It brought about (and indeed, still does bring about) corruption as cops and hardened, often heavy hitting, violent criminals break bread socially, and the lines of professionalism get blurred, but as any cop will tell you, if you call them out on hanging with the bad boys too much, “You don’t catch crooks in Church”.

That’s not the case anymore, not by a very long chalk. And damn, it’s a good thing for accountability and transparency. Cops are still masters at finding a way around laws and procedures, but these days, wholesale abuse is less possible than it arguably once was. What’s really changed, however, is how intelligence is developed, and the way in which law enforcement has adopted the technologies and methodologies of agencies more typically tasked with protecting national security. But at the very bottom, as the US military learned during the first Gulf War; you need people on the ground. And the people on the ground, when the war is on drugs, are not scouts, but rather, informers, tasked human resources (a middle ground between informer and cop), and that character we see in many other police procedural dramas; the undercover cop. Is the average darknet market buyer likely to run into many of the above? Realistically, the biggest potential threat, whether in the cyber world or the real world, is the criminal informer. Perhaps, in a later series aimed at sellers, we’ll learn more about the undercover cop.

LE resources are finite when it comes to crimes which are not making front page news; overtime tends to get authorized when innocent people get murdered. Otherwise, the resources only go where they are needed and justified. Much as Edward Snowden’s leaks would have us believe that we’re all living in a panopticon prison and that anything we say or do online is available to the big bad NSA, unless you are inciting, funding or threatening terrorism, the serious intelligence agencies have much better things to worry about than your addiction to Vicodin or preference for MILF porn, so whilst everything may be on file, sorry guy, but you just aren’t worth the time, expense or effort.

In much the same way as overtime gets approved for serial murderers, the U.S. Senate made noise about Silk Road, it became a massive investigative priority for several agencies in New York –not buyers, but the infrastructure facilitating the marketplace. Such is the way that large federal agencies work; the objective is to strike the source. The United States Secret Service’s mandate in investigating counterfeiting operations is plant suppression; catching the counterfeiters, taking apart the shop and making the convictions stick, rather than disrupting distribution or arresting end users in possession. The means by which they sought to approach putting down SR was buy working their way up the chain via sellers, not far at all from what the USSS do.

Criminal intelligence gathering run by LE doesn’t have the budget national security intelligence does, but its all so much less an ‘all seeing eye’ than a resource which acts as a gigantic fact gathering database, used as a tool to help deploy other resources in the most efficient manner possible. The objective of intelligence may not to catch you for a specific crime, but rather, to fill as much of a picture in as possible, so that an investigator knows which pieces of a jigsaw are missing, and then aggressively attempt to bridge those knowledge gaps to finish the jigsaw, allowing them to either pressure you into quitting the game if they can’t convict you, or, preferably (and especially so if you don’t look like a hard target), convicting you.

Case study: $50 to break a murder case.

In a jurisdiction I won’t name, a whole team of detectives was looking for two highly dangerous, unidentified criminals. Owing to specific aspects of the modus operandi employed by these two criminals in their prior offences (manner in which people were restrained, the weapons used, the targets hit), they were known, from an intelligence perspective, to be motivated, reasonably professional, and not affiliated with any gangs which would typically give the police better lines to follow. A number of suspects had been identified owing to their connections to previous investigations; obviously, the police’s interest in these parties was not public knowledge. Money only goes so far, and you cannot conduct protracted surveillance operations on a large number of suspects without the intelligence needed to justify it. The police had, in addition to the publicly acknowledged offenses ascribed to this team, deduced that when they were starting out, they had been involved in certain other crimes, including amongst them a particular armed robbery. One day, for very little money (enough to buy some heroin), the detective bought from an amateur, drug using armed robber who he had cultivated a rapport with, the supposed name of the person who had done that particular armed robbery, from the ‘early days’ of these two criminals. Was the fact the drug dealer gave the police a name proof positive (or even close to it) that the guy named was an armed robber? No, but it was crucial for the ongoing investigation the police were working, because the name matched one of those names from the previous investigations. This is what’s called a “parallel connection”, and when intelligence and surveillance assets were made available to investigate the people this parallel pointed to, over a long period of time, it broke the whole case wide open. The name he gave, and two other people connected to that name, went down. Two are doing life. H

There’s no way of preventing the existence of all intelligence; but you can certainly take proactive steps to prevent exposure to the human aspect of the intelligence machine.

Next Part: we’ll look at real world and digital informers.

Updated: 2014-12-24