Deletion of a file not evidence of lack of intention to possess
The Ontario Court of Justice concluded from the nature of programs on an accused’s computer in a child pornography case that he was a sophisticated computer user, and therefore that inferences about his control and knowledge of material could be drawn in R. v. Thompson. In addition the court rejected a “deletion” defence with regard to possession of child pornography.
Police became aware of the accused when an officer investigating internet child exploitation on several occasions was able to obtain child pornography, through a file-sharing program, from an IP address which was later determined to belong to the accused. As a result a search warrant was executed at his residence and various electronic devices were seized, resulting in the discovery of further child pornography videos and images. As a result he was charged with various related offences: accessing child pornography, making child pornography available, and possession of child pornography.
Often in child pornography cases a defence which is raised is that the child pornography somehow came to be on the computer without the knowledge of the accused: the forensic evidence in this case made that argument untenable.
First, the evidence showed the accused to be a sophisticated computer user who appeared to have configured his computer to conceal the existence of the contraband files. He had installed a program which allowed him to create separate virtual operating systems on his computer, and in fact had created five such systems. The possibility of doing this, the trial judge noted, was unknown to most computer users, and was a technique which “can be used to obscure or hide the contents of the computer” (para 20). Beyond that, the computer contained a program which could be used to wipe clean the unallocated space on a hard drive, which is a location where remnants of deleted files are sometimes found. In addition, the computer contained programs which could be used to change the users IP address, or to conceal that IP address from the rest of the world. Further, the computer had installed and was running uTorrent, a common file-sharing application), and a number of videos and images were recovered which met the definition of child pornography. Some of those images matched the files which the police had downloaded through the file-sharing program from the accused’s IP address.
The only logical inference from the nature of the programs on the accused’s computer, the trial judge held, was that the accused had knowingly searched for and downloaded the material on his computer, and therefore that he was guilty of accessing child pornography. By the same token, the evidence of that collection of programs led also to the conclusion that he was guilty of making child pornography available.
On the possession charge, the accused pointed to the fact that the vast majority of the video files had been recovered from unallocated space, which meant that they had been deleted at some point. He argued that this should lead to the conclusion that this should lead to the conclusion that, although he accessed the material, the Crown had not proven that he intended to possess it. The trial judge rejected this position as well, however, holding that “He sought them out, downloaded them and at least temporarily saved them” (para 40). This was sufficient to prove possession as well, and so the accused was found guilty of that charge in addition.