Police Could Access Photos In Laptop Spying Case; IT Admins Placed On Leave

rated by 0 users
This post has 8 Replies | 1 Follower

Top 10 Contributor
Posts 25,896
Points 1,174,490
Joined: Sep 2007
ForumsAdministrator
News Posted: Tue, Mar 9 2010 2:09 PM
A few weeks ago we covered a controversial case that erupted in Pennsylvania's Lower Merion School district. A student at the district, Blake Robbins, was disciplined for activities that allegedly occurred in the privacy of his own home. The district's evidence for said activities was a photo taken by Robbin's school-issued notebook without his knowledge or consent. Robbin's parents were similarly unaware that the laptops had remote monitoring capabilities and sued the school district for breach of privacy.

The school district revealed today that its two IT administrators, Carol Cafiero and Michael Perbix, have been on administrative leave (with pay) since the story originally broke two weeks ago. It's also come to light that the information the students' webcams captured was accessible to more than just the IT administrators—information provided by the two admins has revealed that the photos were published on a specific unknown website that was made available to local police for the purpose of assisting in laptop recovery.


Harriton High School's campus (currently under renovation).

The school district continues to insist that laptop cameras were only activated when a system was thought to have been lost/stolen, despite the fact that this doesn't explain how Blake could have been caught acting out at home with a laptop that was neither lost nor stolen. The additional information that's surfaced in the last two weeks, however, does explain how the disclosure system could leak even if the webcam remote access was implemented in good faith by all of the parties involved.

We now know that an activation order passed through at least two separate groups and three in some cases. First, a school administrator (presumably including embattled vice principal Lindy Matsko) had to issue the request. That request was then passed to the IT staff. We don't know how many IT staff had access to the cameras—two administrators have been placed on leave but the district has some 7,000 kids enrolled, over 500 teachers, and the various administrative staff of each separate building. It's entirely possible that other, lower-ranking staff also had permission to activate the webcams.

Finally, there's the private website, where we know photo/video footage was at least occasionally made available to the Lower Merion PD. There are now at least three levels (School, IT, PD) where access or access requests could have potentially been abused. Depending on how requests were logged, who could order them, and what justification had to be provided it's entirely possible that everyone in the chain of command acted in good faith on false data.

Unless the IT administrators acted carelessly or with deliberate disregard for student privacy they're probably the least to blame for the problem. It wasn't the IT staffs' responsibility to ensure that parents and students were properly informed of potential privacy ramifications, they weren't tasked with deciding whether or not to activate the cameras in any particular scenario, and they presumably made no decisions as to whether or not information gathered from a webcam should be used to penalize a student.

According to Carol Cafiero's lawyer, Charles Mandracchia, the IT staff had no reason to think anything was amiss. ""It was their duty to turn on the camera," Mandracchia told WTXF-TV of Philadelphia in an interview last Friday. "But they would only do that if they received a request from the two high schools, the two buildings, because they had no direct contact with the students, they didn't know the students...Every time a tracking device was activated, it was activated at the request of an administrator or another IT person."

As the case progresses we're starting to get a sense for who wasn't at fault—hopefully we'll soon have a clearer picture of who is.
  • | Post Points: 95
Top 10 Contributor
Posts 4,821
Points 45,700
Joined: Feb 2008
Location: Kennesaw
rapid1 replied on Tue, Mar 9 2010 2:56 PM

The bad thing here is that these laptops were supposedly "private property" of each student and there family even if on a usage basis. These kids had them in there room's on a large basis I would imagine. This opens up all kinds of nasty things, the more people who had direct access the uglier it gets. What if and I'm not even saying this did or did not happen, but if I found out someone was able to on demand watch my teenager in there private bed room not to mention anywhere the laptop was I would be very upset. I mean someone could be watching your kids getting dressed or in other situations unclothed in there own "safe" bedroom. Thats just messed up besides the fact that no one knew this was even possible, on the family basis, nor did they assent to it at all.

OS:Win 7 Ultimate 64-bit
MB:ASUS Z87C
CPU:Intel(R) Core(TM) i7 4770 ***
GPU:Geforce GTX 770 4GB
Mem:***ingston 16384MB RAM
  • | Post Points: 5
Top 25 Contributor
Posts 3,784
Points 40,585
Joined: Jan 2010
Location: New York

Wow these stories are getting bigger and bigger as days past... But one good thing is the kid can't be convicted of the crime with those pictures as they were obtained illegally... Don't you think these people learn form others mistake??? (Both the kids and people spying...)

Note: The articles title is misleading :D (i thought they were getting files off their computer Sad)

  • | Post Points: 5
Top 75 Contributor
Posts 1,248
Points 11,580
Joined: Jan 2005
Location: Florida

The kid was not commiting a crime. He was eating candy which they thought was 'pills'. Like "Mike and Ike" candy looks like pills to begin with.

The biggest thing with this though is that if there is any nudity that shows up in any of the pics, this becomes a child porn case and things will really explode.

Smooth Creations LANShark "Blue Flame" + ASUS G73JH-A2 + ASUS EeePC S101H

"I frag therefore I am!"

  • | Post Points: 20
Top 25 Contributor
Posts 3,784
Points 40,585
Joined: Jan 2010
Location: New York
Inspector replied on Wed, Mar 10 2010 9:44 AM

I thoght that this was a different story...

  • | Post Points: 5
Top 10 Contributor
Posts 4,821
Points 45,700
Joined: Feb 2008
Location: Kennesaw
rapid1 replied on Thu, Mar 11 2010 1:54 AM

Yeah infinity that's exactly what I was talking about. With the number of people who had access to all of these laptops these people would own half the state if not the whole thing if any information pointed at that possibility being a truth. Not that they won't anyway with the number of people that are going to end up involved in this after the original case is settled.

OS:Win 7 Ultimate 64-bit
MB:ASUS Z87C
CPU:Intel(R) Core(TM) i7 4770 ***
GPU:Geforce GTX 770 4GB
Mem:***ingston 16384MB RAM
  • | Post Points: 5
Not Ranked
Posts 1
Points 5
Joined: Mar 2010

I agree with "rapid1" in that as the investigation goes on that the violation in privacy will go a lot deeper. I'm going to assume that the laptops create a log of when the cameras were activated, and if so all students should be given info on how to access that log to see if their camera was activated. I hate to be a untrusting soul of human nature, but I'll bet money that some of the people that have access to these camera, HAVE been spying and peeping tom on these kids for reasons other than lost or stolen laptops. Its disgusting. I think that all the computers of anyone and everyone that were used to access this spying software. Should be scanned and I put money on the fact that some perverted dumbass will have saved screen shots and videos of what will be somebody's nightmare. Think about it how would you like it if you found out that video of your son or daughter or youself getting dressed or undressed or whatever was out there because of this technology.

  • | Post Points: 5
Not Ranked
Posts 1
Points 20
Joined: Mar 2010
racedad68 replied on Fri, Mar 12 2010 5:11 PM

According to one site (http://strydehax.blogspot.com), one of the features of the software is it does NOT log what it's doing on the laptop being monitored. No only that, but it deletes the image files it captures after sending them back to home base. It's possible some of those files could be recovered even though they've been deleted, but it's going to require more than a casual inspection plus a little luck. It appears likely that the only way to know what was actually done is to obtain the logs from the IT servers--which of course are maintained by the very people in the best position to record images without authorization. The school system has been ordered by the judge not to delete any such logs, but that order came days after the lawsuit so if somebody was doing something illicit and those logs still exist, then that somebody is an idiot on top of everything else.

  • | Post Points: 20
Top 10 Contributor
Posts 4,821
Points 45,700
Joined: Feb 2008
Location: Kennesaw
rapid1 replied on Sat, Mar 13 2010 12:22 AM

Yeah but racedad68 there fall down is going to be the servers. Especially in a server such as these being county servers which while maybe not junk are also not top of the line. The further you get away from this years technology the easier in many cases at least in the 2000' to recover a goo bit if not all data. Thats why they tell you to destroy a HD if you throw it away, and the older that drive is to a certain amount means more will be retained. I would not put it past some individual from the IT team when a situation like this is going on, or coming to light in this fashion to know or maybe have even backed up the information.

OS:Win 7 Ultimate 64-bit
MB:ASUS Z87C
CPU:Intel(R) Core(TM) i7 4770 ***
GPU:Geforce GTX 770 4GB
Mem:***ingston 16384MB RAM
  • | Post Points: 5
Page 1 of 1 (9 items) | RSS