Report Says ComputerCOP Software Cops Give Away Is “Spyware”

For about as long as the World Wide Web has been around, ComputerCOP has marketed its software to concerned parents and local law enforcement agencies as a way to protect children from the evil that lurks online. And for the past two decades-plus, the software has sold in droves as police chiefs and officials purchased the discs and then distributed them to the community free of charge, often as part of community outreach events.

But a recent investigative report by a San Francisco-based digital rights group says ComputerCOP is only perpetuating the problem it claims to be fighting against and may actually undermine privacy issues.

“As official as it looks, ComputerCOP is actually just spyware,” Dave Maass, investigative researcher for the Electronic Frontier Foundation (EFF), wrote. “… Law enforcement agencies have purchased a poor product, slapped their trusted emblems on it, and passed it on to everyday people.

“It’s time for those law enforcement agencies to take away ComputerCOP’s badge.”

More than 245 local law enforcement agencies have handed out hundreds of thousands of free copies of ComputerCOP to families across the country – all in the name of public safety, according to the EFF report. Maass said in an interview that agencies usually purchase around 5,000 copies at $5 a pop using asset forfeiture funds, which allow the agencies to say they didn’t use tax dollars to buy the software. But he said there’s no proof that the software is at all effective and contends that ComputerCOP is not helping to protect children from unscrupulous parties online.

“You’re guaranteed to get a nice round of media coverage,” Maass said of police-sponsored events at schools, libraries, and other locations where the free discs are distributed, and which the media tends to always cover in a positive light. “Families are definitely scared of the Internet a lot and the public likes free things.”

ComputerCOP’s online-tracking software searches and retrieves images and text on a child’s computer for a parent to review. But Maass and his colleague say it also features a keystroke-capturing function (also called a keylogger) that lacks the basic security safeguards needed to protect a family’s personal information from unauthorized users. Specifically, they claim that information could be transmitted over the Internet to third-party servers without encryption.

“The software advertises a false sense of security for parents,” Maass said.

The investigation also found that ComputerCOP markets its product with several misleading endorsements. For instance, ComputerCop included in its marketing materials a letter from the Treasury Executive Office for Asset Forfeiture, in which the head of the division called the software an “effective law enforcement aid,” but the Treasury has since issued a fraud alert about the letter. Also, the company said its product was approved by the American Civil Liberties Union (ACLU), a claim that Maass said the ACLU told him they would never make.

Stephen DelGiorno, the head of ComputerCOP operations, did not address the alleged ACLU endorsement in an email to TINA.org, but said flatly that the software does not compromise personal information and there have been no “documented reports” of misuse.

“There is no database collection or servers with stored information for third-party spying,” he said. “ComputerCOP software or distributing agencies have no database, no phone numbers, no emails, no tracking information … ”

DelGiorno added that the keylogger feature captures only a parent’s selected keywords and a “small subset of words from the product’s keyword library, such as ‘meet up.’”

So far, the response by law enforcement to the report has been somewhat muted. The San Diego County District Attorney’s Office issued an alert last week but only said that the potential security problem could be “easily corrected” by turning off the keylogger feature.

More information about computer security can be found here.