In the past fortnight, Sydney has been gripped by the Madeleine Pulver case. An intruder surprised the young schoolgirl while she was home alone and forced her to wear a potentially explosive collar bomb around her neck, leaving her frantic and hysterical while police bomb experts first determined that there was no explosive device, then detached it from her after 10 long hours.
The extradition order has revealed how police were able to use a combination of first hand witness accounts, email access points, CCTV footage, and multiple co-operating agencies to home in on their suspect, who had departed Australia to the United States.
The progression of the manhunt shows the value of an interconnected, extended “web” of online and offline information drawn together to achieve a single, focused goal.
Do you know if big brother is watching you?
The intruder left a USB stick on a lanyard which stored a pdf copy of the printed note that had been given to the schoolgirl. Now, if you’ve ever used a flash drive, when you delete a file, you can’t just bring that file back. It appears that the person using the flash drive didn’t realise that deleted files could easily be brought back – in fact a quick search on google offers many different methods to retrieve deleted flash drive files. The recovered files revealed slightly different versions of the demand letter that was last saved.
But it was the suspect’s use of a newly created Gmail account that began the unravelling of the case. The pdf document and printed letter quoted an email address to use for communication with the suspect, presumably for whatever demands would be made at a later stage.
Police were able to track where the Gmail account was initially created – Chicago Airport. They were then able to track where that email account was accessed, using the IP address presumably provided by Google, who own Gmail, and the ISPs who serviced the accounts.
The access was pinpointed to a library in Kincumber, NSW and at a video store in Avoca, NSW. The suspect apparently didn’t realise that even if you are using an alias email, IP addresses are very sticky, and in the case of the library and video store, those connections were quite basic in their internet services and wouldn’t have the sophistication to “hide” the IP addresses.
Police used the CCTV footage from the library and from a liquor outlet adjacent to the video store to match visitors to the description given by the victim. The car the suspect drove, a Range Rover, was then matched to the RTA database – and the associated license photo, of a Paul “Douglas” Peters, was a good match for the CCTV footage. Police then confirmed with immigration authorities that Peters was indeed at Chicago Airport on the day the Gmail address was created.
Police were even able to use credit card history to show Peters purchasing a USB flash drive at a local Officeworks store identical to the one left with Madeleine Pulver, providing even more verification that police were concentrating their efforts on the right suspect.
From there, it was a case of working with US agencies to determine where the suspect was living in the US, and arrange for an arrest. Local airport CCTV footage was examined and also firmed up their suspicion of Peters.
If you look at the above process, and consider it took only a fortnight to review CCTV footage, access IP address information from Google and relevant ISPs, and cross-reference information from the RTA and immigration and then local US authorities, the case has taken very little time to get to an arrest and subsequent extradition order.
Consider all the different sources of information that had to come together in order to find the person suspected of this crime – Google email databases, motor vehicle and license registry, multiple CCTV footage sources, immigration and passport databases, and credit card purchase history, not to mention actual witness statements.
It illustrates how well the unified power and application of information can result in a positive outcome – in this case, the arrest of a person thousands of kilometres from where the alleged crime was perpetrated.
How do you feel about authorities being able to draw on this secure information? Would it be warranted for any criminal circumstance or otherwise? Feel free to share your opinion and perhaps personal experiences below.
Ritchie's Room 
In a nutshell, if you’re not doing anything wrong, you shouldn’t be a problem. I can, though, see the flipside and the point made by the civil libertarians. The fact that Big Brother knows what I’m doing is a scary thought. I won’t sit on the fence though….transparency is a positive thing.
Definitely a double edged sword, and in this case the information was crucial to apprehending a suspect. There is a lot of data out there, available to a lot of different agencies and departments, and that whole issue is worthy of a blog on its own.