We do leave our footprints behind us when we travel through the web. Police in Illinios believe that they may have apprended a serial killer based on tracking his passage through cyberspace.
An online generated map, sent by the suspect to taunt a local paper which ran a story on one of the victims, was used to locate him.
An Illinois State Police search of online mapping companies led to an exact match between features on the newspaper-received map and one found on Expedia.com.Was the person they captured a serial killer, involved in the deaths of at least 10 women near the Mississippi? It's uncertain. Their suspect was found hanging in his jail cell three days after his capture. It was ruled a suicide. Was he the person who committed the crimes, or might someone else have had access to the account he used to get online?
On June 3, Microsoft Corp., which tracks access to that Web site, gave the FBI a computerized spreadsheet showing that only someone with the Internet Provider address 18.104.22.168 days prior to the mailing to the Post-Dispatch accessed the Expedia.com site and searched the West Alton area. Technology even showed the person zoomed in 10 times to better define the map's location.
The police should be applauded for their efforts in trying to find a serial killer. But should we be worried about how they were able to track someone from traces left on the net? The Associated Press article raises the questions of how such abilities might be used in the future, and how widespread their use may become. There are a number of issues that will come up as the use of computer forensics becomes more common in criminal investigations. One that I'm thinking about is what expectations of privacy we might have in the files on someone else's computer which show our movements through their web site. Another is how evidence like that in this case would have been presented to a jury.