THE BLOG
08/26/2014 03:15 pm ET Updated Oct 26, 2014

Corporate Crackdown Could Quiet Cybercrime

It's all too easy to find a rogue online pharmacy that sells drugs to people who don't have prescriptions. In fact, these outlaw operations will sell drugs to children. But it should shock us that some of our most respected corporations don't seem to care about who their customers are -- even when they are illegal drug sellers.

Over the last five years, there has been a concerted effort to crack down on these rogue pharmacies. And that's a good thing. They will sell to anyone with Internet access and a way to pay. They often offer substandard medicines. They make addictive drugs, that legitimate pharmacies take great pains to track, easily available. Those drugs can kill you or someone you care about.

Over the last year, Digital Citizens Alliance successfully ordered tramadol, hydrocodone, codeine, and anabolic steroids without a doctor's visit, simply by finding the right website. We even had a 15-year-old call numbers we found online -- then tell the operators he was a minor -- and initiate prescription purchases with no resistance from the other end of the line.

However, it is too simple, and inaccurate, to blame the Internet for the rise of these illegal enterprises. It might be a cybercrime mastermind behind the website offering the goods, but there is nothing high-tech about the delivery of the drugs to your doorstep. In fact, the drug lords running these criminal enterprises would not be able to ship the drugs without the services of trusted, respected, established companies that we've all come to know after decades of service.

And that's really troubling -- we worry that some of the facilitators of online crime are not just unwilling accomplices, but are in fact, aware of what's happening and allowing such activity to go on.

Fortunately, we're not the only ones asking questions.

Just last month, federal authorities accused FedEx of knowingly shipping illegal drugs such as painkillers, sleep aids and other powerful medications that should only be used under supervision of a doctor. Prosecutors said: "FedEx delivered controlled substances and prescription drugs from online pharmacies to individuals who subsequently died or accidentally caused the death of others." (To be clear, FedEx doesn't face criminal charges for having a role in the deaths of these individuals.)

Last year, UPS agreed to pay $40 million to the federal government to end an investigation before it went to court. Reports indicated that UPS did not respond to warnings from drug task forces in Virginia, Kentucky and other states about rogue online pharmacies. Investigators said UPS made as much as $5,000 a day in shipping fees.

Even with these actions to stop the bad actors, law enforcement has much more work to do beyond just the two big carriers in the industry. I mentioned earlier the six packages filled with pills ordered by the Digital Citizens Alliance from operations that could be considered rogue online pharmacies. Two of those packages contained pills that, when tested, were not what we were promised. None of the packages we received were shipped through FedEx or UPS, but at least one package was shipped through another well-known rival carrier. In fact, the "pharmacy" even promised to use the logo of the well-known carrier on its website. Our experience leads us to think that the charges against FedEx and UPS are indicators of a widespread, systemic problem that will not be easily solved.

And there are plenty of other parts of the transaction where businesses can get a piece of the criminals' actions. We also looked at some credit card companies' role in the sales of illegal pharmaceuticals. We actually informed a credit card company of one pharmacy, and the processor stopped service to the pharmacy in a matter of hours. That company has made a major investment in consultants and enforcement to combat rogue online pharmacies.

There is a larger question worth asking: Do we want corporations deciding what is a high crime and what is just an unfortunate nuisance that can be worked into the business model? Whether the corporation is a 20th-century industry leader or 21st-century disruptor, all should treat all online crimes equally and seriously. We applaud those companies cracking down on -- let's say for example -- online child pornography and human trafficking. But does that give corporations the right to turn the other cheek to their potential involvement with rogue online pharmacies, as well as the sales of bogus and stolen credit cards, fake IDs made available and the theft of content creators' intellectual property?

We can't ask businesses to fight cybercriminals without help from law enforcement. At the same time, we should be able to expect that our best corporate citizens will not complicate matters for authorities and make the sales of illegal pharmaceuticals so damn easy. Think of it this way: If you rented an apartment out and found out your tenant was dealing drugs there, what would you do about it?