Can Law enforcement catch bad actors online anymore?

8 December 2016 - A Workshop on Other in Guadalajara, Mexico


Can Law enforcement catch bad actors online anymore ?

Workshop co-organizer(s):

  • Robert Guerra, Technical Community, SSAC Member, ICANN
  • Jeff Bedser, Private Sector, iThreat Cyber Group

Description of the  workshop

The exhaustion of the IPv4 address supply has been predicted since the end of the 1980s. However, the large scale adoption of mobile devices and their associated IPv4 addressing needs accelerated the exhaustion timetable, and placed increased pressure on network operators to conserve IPv4 address.

This pressure has resulted in a marked increase in the use of technologies, such as Network Address Translation (NAT), that allow pools of addresses to be shared across multiple endpoints. These mechanisms enable the reuse of the limited pool of available IPv4 addresses, resulting in the number of connected endpoints vastly outnumbering the number of addresses in use in the public internet.

This has three important implications for Internet technology developers, and those who depend on certain behaviors of the technology.

Application designers need to consider the fact that an IP address does not necessarily identify an endpoint.

Law enforcement and forensic functions need to consider that an IP address alone may not be sufficient to correlate Internet activity observations with an endpoint; and even an IP address associated timestamp generally may not suffice.

Data retention mechanisms and policies that record or reference an IP address need to refactor their actions and requirements to consider that in increasingly large parts of the Internet, an IP address is merely a temporary identifier. Potentially large volumes of ancillary data are required to match an IP address to an endpoint.

Description of the plan to facilitate discussion amongst speakers, audience members and remote participants

The workshop will be organized as a facilitated dialogue. Led by the moderator, subject experts will debate and discuss the key questions and issues. Subject experts will give opening comments, after which the moderator will turn to those attending the session and invited experts in the audience to engage in facilitated dialogue.

In addition to the background documents and papers that will be prepared ahead of the IGF, additional articles of interest, commissioned blogs, reference materials and social media conversations will be published and distributed ahead of the workshop.

Workshop panelists/session experts

The experts listed below have accepted the invitation to participate in the session. They are drawn from the Law Enforcement, Government, Academia, Civil Society, The Technical Community and Private sector stakeholder groups. A facilitated dialogue will be organized so that these experts can bring their knowledge and perspective to discuss and debate the challenges brought by IPv4 exhaustion and the challenges and opportunities presented by IPv6 adoption.


(1) Jeffrey R. Bedser is the founder and CEO of iThreat Cyber Group Mr. Bedser has led ICG on its journey from an internet investigative firm to a technology driven threat Intelligence Company. ICG was formed in 1997 as Internet Crimes Group. Mr. Bedser has been a facilitator, panelist and speaker for organizations such as POLCYB, ASIS International, Infragard, HTCIA, The Conference Board, ICANN and the FBI Training Academy at Quantico. Mr. Bedser has received media coverage on multiple occasions discussing topics surrounding cyber-crime and cyber security.

For the session, Jeff will help present an overview of the current challenges being faced by cyber investigators as IPv4 addresses are exhausted and the transition to a wider deployment of IPv6 takes place.

(2) Ben Butler has been with Go Daddy since 2001. In 2002, He formed the Go Daddy Abuse Department, and served as Director of Network Abuse for over 10 years. In this role, Ben helped create and enforce company and public policies dealing with every form of potential abuse that happens online, including spam, phishing, identity theft, copyright infringements, cyberbullying, child exploitation issues, and rogue internet pharmacies. He recently took on a new role as Director of the Digital Crimes Unit. Ben comes from a strong technical background including several years as a network and email administrator, and has experience in customer service, business management, and marketing.

Ben will bring a registrar perspective to the conversation and dialogue.

(3) John Curran is considered an Internet and telecommunications industry expert. Curran was one of the founding members and is the current President and Chief Executive Officer of the American Registry for Internet Numbers (ARIN), a Regional Internet Registry (RIR). He is also a Principal Associate at Isotropic, LLC., a cybersecurity and telecommunications service provider. Curran actively participates in the activities of the Internet Engineering Task Force (IETF) and has served as co-chairman of the Operations and Network Management Area and member of IPng (IPv6) Directorate.

For the session, John will bring the North American Regional Internet Registry perspective to the conversation.

(4) Laura DeNardis is an American author and a globally recognized scholar of Internet governance and technical infrastructure. She is a tenured Professor and Associate Dean in the School of Communication at American University. She is a Senior Fellow of the Centre for International Governance Innovation (CIGI) and serves as the Director of Research for the Global Commission on Internet Governance. With a background in Information engineering and a doctorate in Science and Technology Studies (STS), her research studies the social and political implications of Internet technical architecture and governance.

Laura is an appointed member of the U.S. Department of State Advisory Committee on International Communications and Information Policy (ACICIP). She has more than two decades of experience as an expert consultant in Internet Governance to Fortune 500 companies, foundations, and government agencies.

For the session, Laura will bring an academic and research perspective to the conversation.

(5) Athina Fragkouli is the Legal Counsel at the RIPE Network Coordination Centre (NCC), where she is responsible for all legal aspects of the organisation. She defines the RIPE NCC legal framework, provides advice, and gives legal support for all RIPE NCC activities. Athina works with a variety of Internet stakeholders such as network operators, governments, and Law Enforcement Agencies (LEA). She also represents the RIPE NCC in a variety of fora such as technical meetings and EU-organised events.

Athina - Will bring a European Regional Internet Registry perspective to the panel. As well she will bring a rights based, european and privacy perspective to the conversation.

(6) Merike Kaeo is a recognized global expert in information security and author of “Designing Network Security.” Prior to joining Farsight Security, Merike served as Chief Information Security Officer for Internet Identity (IID), where she was responsible for maintaining IID’s vision and ensuring the company’s sensitive information and technologies are protected. Prior to joining IID, Merike founded Double Shot Security, which provided strategic and operational guidance to secure Fortune 100 companies. She led the first security initiative for Cisco in the mid-1990s. Merike is on ICANN’s Security and Stability Advisory Council (SSAC) and the FCC’s Communications Security, Reliability and Interoperability Council (CSRIC). She earned a MSEE from George Washington University and a BSEE from Rutgers University.

(7) Iranga Kahangama is a Policy Advisor for the Federal Bureau of Investigation. Currently, Iranga serves in the Executive Staff Unit of the Science and Technology Branch at FBI Headquarters in Washington, DC. Since 2015, Mr. Kahangama has been working on Internet Governance efforts with the Internet Corporation of Assigned Names and Numbers (ICANN) and Regional Internet Registries, i.e., ARIN, RIPE NCC, the Internet Engineering Task Force and other Internet Governance organizations, to foster Internet policies and practices that ensure effective international law enforcement investigations. Prior to joining the FBI, Iranga completed his Master degree in Public Policy from the Harvard Kennedy School of Government.

Iranga will bring a US and international law enforcement perspective to the conversation and dialogue.

(8) Dick Leaning has over 28 years’ experience in Law Enforcement, leading teams of investigators in the Metropolitan Police Service (London), UK National Crime Squad (NCS) and the Serious Organised Crime Agency (SOCA) and from 2009 within SOCA’s Cyber Crime Department. Dick has been the UK representative at the G8 High-Tech Crime subgroup of senior experts and Interpol’s European High-Tech Crime Working Group with responsibility for enhancing the abilities of law enforcement. Based in The Hague since September 2011, Dick joined the United Kingdom Liaison Bureau (UKLB) desk as a Europol Cyber Liaison officer, and has recently taken on the role of Seconded National Expert attached to…

Related Sessions

Main Session in Rio de Janeiro on Other

12 November 2007 | 1127 views

Main Session in Rio de Janeiro on Other

12 November 2007 | 1233 views

Best Practice Forum in Rio de Janeiro on Other

12 November 2007 | 852 views