What would you think if I told you the police had accused 5,000 British citizens of a really unpleasant, despicable crime, the sort of thing where just being questioned is the kind of news that could destroy your family, career, and psyche, that some 39 of them had committed suicide as a result, but quite possibly every man-jack of them was innocent?
It would be like the Guildford Four case on steroids, right? All over the papers, public inquiries, years of litigation, every blowhard from Vanessa Redgrave to Tim Worstall joining the Free the 5,000 support group.
Well, they did it, and it's not. In June, 2006, this blog mentioned an article in the Times by Duncan Campbell - that's the Duncan Campbell of no-ricin not-plot fame, whose articles on this topic were retconned out of the Grauniad archive - which detailed the incredibly flaky evidence used by police in the Operation Ore child-porn case.
Amongst other things, the testimony of a US Postal Service inspector and a cop, both of whom swore that visitors to the website in question had to click a button marked "Click Here for Child Porn", was exploded as nonsense ('twas actually a banner ad).
Now Campbell is back, with even worse news. Recap: the Texas-based website Landslide.com provided hosting and payments services to a large number of porno sites, under a revenue-sharing agreement. In 1999, police seized the box on which the SSL-encrypted credit card numbers were handled. Operation ORE consisted in going through the list of cards.
Unfortunately, the original file includes some 54,348 credit cards known to have been stolen or otherwise compromised.
The site's operators had a curious relationship with credit card fraudsters. In its heyday, it was one of the easiest ways to get credit card merchant facilities, and hence an obvious opportunity if you had a list of other people's cards. As 65 per cent of revenue from its customers went to the owners, they had a strong incentive to look the other way. At least, until the suckers began to spot unusual transactions - then, they raised chargebacks through the Visa dispute procedure. As Landslide was the merchant under VisaNet definitions, it had to pay up, and it was this that eventually bankrupted the site. Naturally, this was an advantage to the crook, as the cost of chargebacks fell on someone else.
The killer fact? Many of the credit cards presented for payment don't correspond to the server log - to put it more brutally, a mysteriously large number of people were paying up in advance but not taking delivery of their smut. In fact, quite a lot of the websites that used Landslide contained no porn, nor anything else, existing purely for fraudulent purposes. The M.O. was to get hold of a list of cards - a black market exists - set up an account, and then run a script that would charge small amounts (say £25) to each, hoping that the payments would go unnoticed.
It should be quite clear from this that the police investigation in both the US and UK was spectacularly incompetent, overkeen to prove that they could keep up with Teh Interweb Menace, and probably conducted with one eye on future data-retention legislation. All prosecutions must stop, and there must be a full-dress public inquiry. The sheer scale of the case demands it.
This is, of course, an instance of everything we fear about the National Identity Register. Justice-by-database has the potential to generate injustice faster and more efficiently than any previous system. It's time to stop the machine - anyone whose credit card was compromised before August, 1999 is a potential target.
Don't miss the longer version of Campbell's report from PC Pro (pdf link). I'd actually forgotten the little ha-gotcha that if they didn't find anything on your computer, they'd charge you with "incitement".
Did I mention the Home Office must be abolished?