Establishing Security Standards for Computers in Cells
It is essential that some formal principles about computer access for people in detention are immediately established, as this is basic to any serious attempt to nationally implement a computers in cells (CIC) program. The aim is to fully defend the CIC system against any abuses that could place the community, prisons or prison staff at risk. The security standards should become the base upon which other jurisdictions can securely form their computer systems.
It is proposed that these standards be universally accepted and adjusted as necessary as the agreed ‘gold standard’ of good prison management for computer access.
Through these security standards we intend to pre-emptively address any security concerns relating to the implementation of computers in prisoners’ cells.
The computers in cells system should be simple and safe, but also involve prisoners themselves in taking a measure of individual responsibility, just as everyone does within the general community. It is essential that authorities recognise the principle of individual responsibility as opposed to collective responsibility, and ensure that only those inmates who abuse the system should be punished. In the event that abuses of the computers in cells system does occur, transgressors must be dealt with individually.
Any new proposal within the prison system is a disturbance of the status quo. There will be a high level of emotional response from administrators and staff who are accustomed to operating in a tightly controlled and restricted environment and always resent any benefits to prisoners. Those who have little knowledge of IT and low education levels will be suspicious and distrustful of the computers in cells system. As a consequence, some administrators and staff have in the past deliberately sabotaged new systems, therefore it is necessary that we provide stated standards by which it can be judged to ensure that computers in cells are protected.
Obviously there will be different areas of risk concerned with stand-alone systems and those with internet access, all of which need to and will be addressed by the current supplier of prisoner computer services.
In relation to instances of abuse of the system, there are specific areas of concern to be addressed in order to maintain the integrity of the system. Those concerns include:
- Crime including sex offences
- Contacting victims
- Access to pornography
Case Histories of Breaches
(‘Clearing House’ – Opportunity to lodge experiences)
There have been examples of past cases whereby security breaches have occurred, however the current technology can address all of these issues.
Case History 1
In this instance it was reported that child pornography had been smuggled into Ararat prison, Victoria (Australia) through USB storage devices and memory cards.
Case History 2
In another situation at the Alexander Maconochie Centre, Australian Capital Territory (Australia) a prisoner used internet access to send a garbled message via email to The Canberra Times.
Case History 3
At Barwon prison, Victoria (Australia) an inmate was found with a disc containing dozens of offensive pornographic images.
Case History 4
Thirty Facebook pages across the United Kingdom were taken down after it was discovered that prisoners were using their profiles to taunt their victims.
Solutions to Security Breaches
Logging and Monitoring
Extensive logging of user sessions is recorded in the computer supplier’s server system logs for custodial staff to audit later if required. Custodial staff can remotely monitor or control prisoner desktops, for remote support or for clandestine monitoring.
Print Accounting and Identification
All printing is logged with the computer suppliers system so that the associated costs can be charged to the prisoners. All documents are marked with clear identification of the prisoner who printed them.
The computer supplier ensures desktop computers can be automatically shutdown at a nominated 'lights-out' time. Prisoners are unable to use the computers until the curfew is automatically lifted.
Unauthorised Memory Devices
Technologies such as high density USB storage devices, DVDs and 3G modems have been known to be smuggled into or out of prisons as a means of communication or for access to non-approved media. To address this, the computer supplier has explicitly disabled the use of any modem or USB storage device and has blocked access to optical media containing video or data content unless it has been analysed and approved by staff. Any attempt to access unapproved media will alert custodial staff.
Access to DVD or CD media may also be restricted to specific users or desktops. Although prisoners may try to smuggle such devices in and out the facility, they will not be able to access the content or upload content to the device.
Unauthorised Email Messages
Through the computer supplier’s system, prisoners are provided with access to a secure email so that they can contact a restricted and monitored amount of people (such as their solicitor and family members). Emails are filtered through a security system in order to monitor inappropriate information.
Unauthorised Website Access
The computer supplier blocks all access to any unapproved websites, of course including Facebook, Twitter, Gmail, and any other social networking sites that could give prisoners access to victims.
Current technology and security measures allow for the safe use of computers by prisoners. With recidivism rates over 40% it is important to implement CIC programs within Australian prisons. See the ‘Computers in Cells Proposal’ for in-depth analysis about how CIC will reduce recidivism creating a safer community.