The raid started out as routine. Investigators had heard that a convicted sex offender in Seattle was talking to others about sexually abusing a child.
When they raided Brian Rubenaker’s home, they found he was trading in child pornography. But just as disquieting as the pictures of sexual abuse was the computer program that Rubenaker, 45, was using — it signaled to investigators that they were looking at a new front in their battle against illicit images.
Federal investigators said this was the first time they had come across the Google Hello program, a now-defunct instant messaging system for photos, in a child-pornography case.
Links from Rubenaker’s computer eventually produced hundreds of leads that spanned continents. Last month, two Virginia men were among the latest offenders to be sentenced to prison for participating in a sophisticated, members-only ring that shared child pornography.
The years-long investigation into shadowy groups on Google Hello and the Multiply social network has revealed that pedophiles are using powerful encryption tools in social media and other programs to illegally share child pornography. Child-porn rings are also using a simple — but highly effective — tool to keep prying investigators at bay.
Would-be ring members are increasingly being asked to share photographs and videos of children being sexually abused in order to gain entry, investigators say. Because sharing child pornography is a crime — it re-victimizes abused children — law enforcement officers are prohibited from offering images and videos in sting operations. As a result, officials say, it is becoming more difficult to monitor child-porn rings.
U.S. Immigration and Customs Enforcement agents who investigated links radiating from Rubenaker’s computer also said that possibly as a result of the security tactic, they had come across numerous instances of men sexually abusing their own children to gain “entry tickets” to members-only child-pornography rings.
Rubenaker’s links led investigators to 24 people who traded images and videos with him, according to Brian Bujdoso, an ICE special agent. One contact, an Ohio man with the screen name “Jamokie,” whose real name is Michael Janosko, had in turn shared child pornography with a third man, whose screen name was “Bigbaddaddie,” officials say. That turned out to be a 31-year-old father from Calgary, Alberta.
When Canadian authorities raided the man’s home, they found that he had been sexually abusing his daughter. (The Washington Post is withholding the man’s name to protect her identity. )
“He was molesting his child; he had started molesting that child from the age of 6 months,” Bujdoso said. “He was making those images so he could gain access to better images of child pornography.”
Bujdoso said the Google Hello program allowed users to share pictures while simultaneously allowing conversations among members about the photos.
While social-networking and photo-sharing programs are widely used to share innocuous photos and videos, Bujdoso said that pedophiles had recognized their value — and were taking advantage of privacy and encryption settings to keep investigators at bay.
When Canadian authorities investigating the Calgary case logged into the Google Hello program, they immediately heard from a 30-year-old Kentucky man with the screen name “Babyho.” The Canadians passed the tip back to U.S. officials. When investigators tracked Jason Hawkins down, they found he had shot a series of videos as he fondled girls who appeared to be preschoolers. Hawkins, who has been sentenced to 60 years in prison, traded the movies with other members.
“To gain a higher status, to gain other untraded images, you have to offer something that other people have not seen,” said Matthew K. Dunn, a supervisory special agent at the ICE Cybercrimes Center, which is run out of a nondescript office building in Fairfax County. “It’s similar to any other organization — if you have something unique, you gain a higher status.”
By the time Google ended its Hello program in 2008, investigators had tracked down more than 400 leads of men illegally sharing child pornography, Bujdoso said. The images and videos included the abuse of young boys and girls.
The spider web of leads eventually led to a man in Pittsburgh, said James Kilpatrick, an ICE special agent.
The man, who has not been identified, told investigators about a different ring on the Multiply social network that had even more stringent security procedures. New members had to prove they were not law enforcement officials by providing original child pornography. Members had to keep sharing photos and videos to remain in good standing with the group.
With help from the Pittsburgh man, ICE investigators identified other members of the ring, along with photos and videos depicting horrific child sexual abuse. The self-described “den mother” of the group, Stephen Sims, had told would-be members of the ring “to share child pornography with him to demonstrate the candidate was not a law enforcement officer and had the capacity to supply group members with child pornography,” according to an affidavit filed by government investigators when they sought an arrest warrant in U.S. District Court.
Sims, 57, of San Leandro, Calif., was sentenced to 17 years in prison in January by a federal judge.
The investigation also led to the arrests of two Virginia men, Ryan Chiles, 22, of Hampton, and Fred Woolum, 59, of Lexington. Both pleaded guilty. Chiles received a sentence of eight years and Woolum was sentenced to 15 years. Sentences are to be handed down soon for other members of the ring.
Dunn said investigators cannot be certain how effective they have been in combating the spread of child pornography: “Where we think we’re making a difference is in catching the worst of the worst.”
Staff researcher Magda Jean-Louis contributed to this report.