Canadian police have seized 1.2 petabytes of data, in what is expected to be the largest ever seizure of online child porn. Officials have said they intend to take legal action against the data center which held the images.

The files were retrieved from an un-named Ontario data center, and are expected to implicate up to 7,500 users in 100 countries, once police password-cracking software works its way through the material. In a departure from previous approaches to this kind of case, the police want to go after the data center which held the images, according to a report in Motherboard.

Profiting from illegal material

“What we are alleging is occurring is that there are individuals and organizations that are profiting from the storage and the exchange of child sexual exploitation material,” Scott Tod, deputy commissioner of the Ontario Provincial Police (OPP), told Motherboard. “They store it and they provide a secure website that you can log into, much like people do with illegal online gaming sites.”

OPP traced some users onto a file-sharing service which is hosted by a legitimate Ontario company which makes millions of dollars (police say the service provider took $18 million in revenue in three months). The police had to invest in extra storage to handle the 1.2PB which was seized, and are now investigating the hoard, while considering action against the service provider.

Going after the service provider is a very unusal step, as owners and operators of data center space have normally been considered to be unaware of any criminal material. Legally, data centers don’t have an obligation to screen all their customers, but are required to report any wrongdoing if they become aware of it - so any legal action against the data center would be based on evidence that the service provider knew what material was being held there.

Warrants required

Others have warned that under Canadian law, the police may need specific search warrants to analyze some of the data on the seized hard drives.

Taking down the whole host is a new approach, as investigators normally go undercover on peer-to-peer sites, where they find and engage individuals involved, Hanni Fakhoury, senior staff attorney at the Electronic Frontier Foundation, told Motherboard.

The material which has been seized contains around 1.5 million password-protected compressed RAR folders. Police do not know how much of it is illegal until it has been decrypted, but a statement says that the activity it saw in the file sharing site amounted to illegal material being traded “in volumes that we’ve never seen before.”

The files include IP addresses for 7500 possible users of the site(s). These haven’t been identified yet, OPP says 2200 of them are in the US, 843 are in Germany, 534 are in Japan, 457 are in Russia, 394 in Canada, 380 in the UK and 374 in France.