Utah Bill will Require IT Workers to Report Child Porn they Encounter


#1

Utah State Rep. Craig Hall wants to make reporting of child porn found on PCs by IT folk mandatory.

FTA:

The proposal would require computer technicians to report child pornography to law enforcement or a federal cyber tip line if they encounter the material, but they would not be required to go searching for it. If they find it and don't report it, they could be given up to six months in jail and a $1,000 fine.
http://www.ksl.com/?sid=38235604&nid=148

Honestly, I thought that it was a felony, or at least a serious misdemeanor if you didn’t report this stuff anyway.

I know it’s rather unenforceable, but I’d personally get behind this. I’m a lowly helldesk guy, but I know that if I ever come across child porn on any of the machines I manage, I’m reporting FIRST, directly to the store’s local police, then I tell my manager. I don’t need to be incentivized with a law or fines and jailtime if I don’t report it. Who the fuck wouldn’t report it? Psychopaths are all I can think of.


#2

Would you report a photo of someone’s toddlers playing in the bathtub? Topless selfies of a teenaged girl who may or may not be of legal age? Both of those things have been prosecuted as child porn. By reporting actually innocuous photos like that you’re putting your client into a world of shit, and by failing to report what some overzealous prosecutor deems actionable you’re putting yourself in a world of shit.


#3

At work on the helldesk, my job isn’t to make judgement calls like that. And honestly, if I see something that looks to me like child porn, I’ll absolutely report it. It’s that simple. These are work machines anyway. The only photos that are supposed to be on them are in the webcache, and photos of displays that our visual merchandisers take so they can keep track of layouts. I rarely deal with our designers, who have photos of lots of other stuff.

In any case, I don’t think someone who’s partaking in child porn would be satisfied with a photo, if pedophilia is like any other fetish.

But I do recognize the gray area. And I appreciate the retort.

Honestly, it’s a gawd-awful mess. I don’t think teenagers sending each other sexts is child porn, and I’d rather they didn’t get prosecuted for that kind of stuff.

I think one of the important features of the bill is that nobody is required to go looking for child porn. That’s an easy way to get yourself off the hook. Nearly 100% of my job has nothing to do with looking at people’s personal files. And they’re not supposed to have “personal” files anyway on our machines.

I fucking uninstall iTunes and delete the music library when I come across it. They can fill up their iPhone at home, or use Starbuck’s wifi. Our corporate network handles fucking payment info (different segment, obviously, but still, it’s the company’s network and workstations, not the user’s.)

If I come across something I think is child porn, I’ll report it. Immediately. With all the info I have. I’ve never come across anything even questionable on my corporate network. I think the “worst” I’ve seen is a photo of one of my users holding their kid who’s just in a diaper. Not child porn.


#4

Also, I’m pretty sure not reporting child porn is a crime anyway already.


#5

Also, we have a man in Utah, who is also IT folk, Paging @slybevel you have anything to say about this?


#6

Hey, I have a question, IT guys. If you’re working on a computer and you see a folder full of .jpg files, do you start opening them to make sure they’re not contraband?

EDIT: Woops, I see @LDoBe just answered that one. Never mind.

I wonder if they’re handing out job aids with helpful precise definitions of “child” and “porn.”


#7

Well I work on servers so thats a different thing entirely. The worst I personally saw at work was way back in the NT4 days and a file share had been filled up past quota when some idijit up loaded a .mov file of the SouthPark pilot.
A bunch of my coworkers were all honestly offended where I had already seen it at Spike and Mike a month or so earlier so I was like oh thats totes funny shouldn’t be on a file share but whatever. I think the poor guy got reported to his manager for it. I would have just deleted the thing after going oh not work related bye bye.
One of my coworkers had to investigate performance issues for the citrix environment and they tracked it down to a specific user and then watched/spied on his desktop to find this guy log in and immediately go out to the internet and start up like 4 porn vids and leave them running. Again this was NT4/win98 days so that was a big resource hit. Security escorted that guy out. My coworker however was better humored about it she was just like really dude at work on the Citrix session?
And I have heard stories from and old coworker who went into security. Oh man I do not envy those guys sometimes.
I am kinda you know I don’t really care what gets you excited for the most part, but bob damnit do not be so dumb as to look at that stuff on your work machine during work hours.
In some ways I am glad the corporate firewall blocks so much extra stuff now.


#8

I think I like this, but I’d be VERY concerned about the specific wording of the bill-

As @L_Mariachi and @LDoBe already mentioned, there’s the issues of generally innocuous stuff that might still fall under the mandatory reporting: teenage selfies, baby bathtime, anatomy pictures for medical students or artists.

There’s also the question of what degree of privacy a person can expect. If you tell something to a doctor or lawyer, they can only report it if you are at high risk of harming someone. If you tell a teacher something relating to abuse, they have to report it no matter what. if you tell a priest, they can’t tell anyone, and have been known to face prison rather than comply with a subpoena. The question is whether the guy who fixes your computer is exempt from reporting illegal activity, required to report it, or something in between.

I’m mainly worried about three possible abuses a law like that could make possible- One, opening the door to mandatory reporting of other crimes, like copyright infringement or activism “cyberterrorism”. Two, stretching the definition of probable cause to include things like encription, using Tor, etc. Three, the ability to use a third party (your local computer shop) to circumvent what the 4th amendment prohibits law enforcement from doing.

Once again, I like the idea of kiddie porn getting reported- I’m just very concerned with the specific wording of the law.


#9

Personally, no. Not without a reason. 99% for ethical reasons and my own version of “do unto others.”

On the rare occasion I’ve had to look into something file wise (usually because of using up too much space!), it’s turned out to be wedding photos or something else that, you know, technically is still a waste of resources that’s inappropriate. No one’s going to have much sympathy for the person enforcing the rules on it.

And that’s what 90% of the violations are (at least in a corporate environment). People trying to install a weather app, coupon clipping apps, app to stream local radio. It’s all bad on IT resources and when it comes to our attention, we have to deal with it.

There’s too much of it to go proactively, manually tracking it down.

When I do run into something serious, I report it. But I’ve only twice run into porn at all.

If I’d gone looking for it, I might have. But mostly I would have seen a lot of wedding photos.

Is it a good idea to have a law requiring reporting child porn? Absolutely. Is this the best law to do that? Maybe?


#10

Praise be to the dogs, I’ve only ever (accidentally!) run into adult porn on a few systems I worked on years ago.

I’ve been on corp networks and deleted massive libraries of music and videos that didn’t belong there. Only once did I hear back about it, and I was well covered in that instance.

In my early days of recovering drives, I’d search out meaningful stuff by filetype and try to recover that first, but I was running into too much stuff that I didn’t want to know about. I went to recovering what would come of the file tree, dumping it all to DVDs, and letting the client sort through the ashes.

Maybe it’s just me, but I’m always way more comfortable honestly saying,

“I have no idea what all was on there, but it looks like we got a lot of it. You’ll have to tell me if the important stuff made it.”


#11

This topic was automatically closed after 391 days. New replies are no longer allowed.