Shared WiFi led to arrest of Cambridge teacher on porn charges

Shared WiFi led to arrest of Cambridge teacher on porn charges

1

A Martha’s Vineyard resident had no idea her willingness to share WiFi would bring State Police investigators to her door.

There are a number of web filters available for concerned Internet users. — Photo by Michael Cummo

The investigation, arrest and indictment in April of Josh Wairi, 27, of Somerville, a Cambridge fifth-grade teacher, on multiple federal child pornography charges began innocently enough last summer on Martha’s Vineyard.

Mr. Wairi, a teacher at the Graham & Parks School in Cambridge for nearly two years, visited the home of a friend and former co-worker, identified only by her initials in court documents, whose family owns a seasonal house on Hines Point, a secluded neighborhood in Vineyard Haven. The seasonal residents shared wireless Internet service with a neighbor, identified only by her initials.

Mr. Wairi visited several times last summer on vacation, according to court documents, and unknown to his friend, took advantage of the WiFi service of his host’s neighbor to access pornographic material. Months later, state police investigators appeared at the neighbor’s home on Hines Point looking for Mr. Wairi. He was arrested in April in Somerville.

The criminal complaint filed in U.S. District Court alleges, among other things, that Mr. Wairi, used his email account to trade and receive images of child pornography and also uploaded images and videos of children being sexually exploited, according to a press release from the office of U.S. Attorney Carmen M. Ortiz. The complaint further alleges that Mr. Wairi transferred the images and videos of child pornography to other users.

Mr. Wairi was indicted in May and currently remains in the custody of the U.S. Marshal service pending a status conference on September 3.

If convicted, Mr. Wairi could face a minimum of 15 years in prison for each production charge, a minimum of five years for the transportation charge, as well as a $250,000 fine, according to the office of the U.S. Attorney.

The case highlights the risks homeowners face when they open up access to their wireless Internet service, technology experts said.

Email spurs investigation

The criminal investigation began when Mr. Wairi uploaded four digital files suspected of being child pornography at 2:02 am on Sunday, July 14, 2013 using the American Online (AOL) email address hottjamess@aim.com, according to a criminal affidavit filed by U.S. Postal Inspector Scott W. Kelley.

Immediately, AOL Instant Messenger (AIM) automatically submitted a CyberTip to the National Center for Missing & Exploited Children (NCMEC).

NCMEC forwarded the report to the Massachusetts Internet Crimes Against Children (ICAC) Task Force. The CyberTip contained email exchanges that began July 13, 2013 between a user identified as hottjamess@aim.com, identified as Mr. Wairi in court documents, and another user, not identified in court documents.

Under the subject of “trade,” hottjamess wrote, “looking for boys 7-13yo if your interested in trading.”

A series of exchanges followed. On July 14, 2013, Mr. Wairi congratulated his Internet correspondent on his collection of videos and replied, “I was counting the videos that I have. They are about 45 plus I have about 60 more from [redacted reference] users. And You have many (if not all) of them already! I am attaching a photo here of all of the vids I have and also a link to my dropbox that has 15 of the vids already uploaded. I can upload any others that you like…”

Hottjamess, who signed his email James, expressed a preference for videos with “more than one boy.”

Armed with the Internet Protocol (IP address) investigators determined that it belonged to Verizon Online LLC. A subpoena served to Verizon yielded the customer’s name, identified only by initials in the affidavit, and a Vineyard Haven account address.

Law enforcement extended the review of IP login information for hottjamess@aim.com from July 11-16 and issued subpoenas to Comcast Business Communications and RCN Corporation in an attempt to identify email user hottjamess.

The results, received in January and February, pointed investigators to Josh Wairi of 88 Wheatland Street, Somerville. State Police began their investigation of Mr. Wairi with a visit to the Vineyard Haven address provided by Verizon.

In April, 2014, investigators spoke with the Hines Point homeowner and her neighbor. They confirmed that the resident allowed her neighbors to use her wireless Internet service.

That same week, state police received an additional CyberTip that hottjamess@aim.com uploaded eight suspected images/videos of child pornography with graphic titles. A court issued an Internet search warrant and law enforcement found an account, HOTTJAMESS, on an international site commonly used to trade and view images of children being sexually exploited, according to Mr. Kelley.

On April 16, officers went to the home of Mr. Wairi. “Upon arrival, law enforcement entered the building and knocked on the door of Apartment 204,” according to the affidavit. “After knocking and announcing themselves several times and receiving no answer, law enforcement executed a forced entry into that apartment.”

Josh Wairi was inside, as were several computers, cameras, thumb drives, photo albums and numerous external storage devices, filled with photographs of children, according to the affidavit.

“Among other things, Wairi admitted he spent time in Vineyard Haven during the summer of 2013 with XX,” according to the affidavit. “He confirmed his previous email address of hottjamess@aim.com. Wairi admitted he used this email account to trade and receive images of child pornography. He admitted to using an international website to locate images of child pornography and then contacting various users via email in order to trade images and videos of children being sexually exploited. Wairi admitted his user name for the international site was “hottjamess”. Additionally, Wairi admitted to uploading images and videos of children being sexually exploited to Dropbox. He confirmed he used Dropbox as a means to transfer the images and videos of child pornography to other users and to other emails.”

During the course of the police interview, Mr. Kelley said, Mr. Wairi “admitted to secretly videotaping and using a camera cell phone to videotape children changing in and out of clothes on more than one occasion. He also admitted to setting up and hiding a video camera in a locker room in order to videotape children changing in and out of clothes.”

Mr. Wairi also told police, he had posted an advertisement on Craigslist where he offered his babysitting services.

State Police Sergeant Jeff Stone of Oak Bluffs, and trooper Rob Smith of the ICAC Task Force, who participated in this investigation, declined to comment while the case is being adjudicated.

Protecting your WiFi

In the case of Mr. Wairi, WiFi access was freely provided and there was an element of trust. The neighbor, and Mr. Wairi’s host, had no idea that he was accessing pornographic sites. But the case provides a reminder of the risks associated with easily accessible WiFi.

WiFi can be easily protected from anyone who is not a hacker, Edgartown information technology manager Adam Darack said in a telephone conversation with The Times.

“There are many different types of encryption you can use for your WiFi, which can’t be accessed without using software to hack into it,” he said. “I don’t think there are many people trying to hack WiFi on Martha’s Vineyard, though.”

He advised using Wi-Fi Protected Access II (WPA2) as an easy, sophisticated encryption. “Use a password that’s hard to figure out but not so hard that you won’t remember it,” he said. “And don’t tell anyone. No matter what encryption you use, if you tell someone your password, it doesn’t matter how good your protection is.”

All of the Island’s six libraries provide computers and wireless Internet access for the public. No Island libraries limit Internet access from their computers, but each has a use policy that insists that patrons not access illegal material on the Internet.

Library directors that the Times talked to said it is not their policy to limit information but just the opposite — to make information available. Vineyard Haven library director Amy Ryan said that it is her understanding that her library’s Internet service provider will report Internet and email use that contain key words associated with illegal use of the library’s computers.

Chilmark library director Ebba Hierta said that the software she is aware of uses word filters to limit access to undesirable sites, but it has important drawbacks. “We don’t want that,” she said. “If someone were researching a health issue they might not find important information because they used the name of a body part in their search.”

Ms. Hierta is one of several Island library directors who have experienced patrons accessing sites in violation of the policy. She told The Times that they present offending users with a printed copy of the policy and will take away a user’s computer privileges if they have to address the issue a second time. She said that to date that has been enough for the one embarrassed patron, who claimed he got to a site by mistake, to move on to something else.

The federal government stepped in years ago to help protect children from Internet abuse. The Federal Trade Commission adopted amendments to the Children’s Online Privacy Protection Act Rule (COPPA) that strengthen kids’ privacy protections and give parents greater control over the personal information that websites and online services may collect from children.

Unlike the libraries, the Island schools all use software-based systems to limit students’ access to undesirable websites and their ability to have free reign on social media sites on school computers and networks.

Tony Omer contributed reporting to this story.