What if child porn is encountered during research?

[jackadaniel at gmail.com (Jack Daniel)]

Echoing Mick's answers- talk to a lawyer, and your local Infragard is
probably a good resource.  Do not make assumptions as to what would or
would not be of value to law enforcement, allow the investigators to
make those decisions.

I am not a lawyer...but I would stop and document what I had done and
what I thought I had found as soon as I discovered something
potentially ugly and stop my investigation- then make contact with
legal and/or law enforcement before proceeding.

Jack



On Thu, Sep 10, 2009 at 12:00 AM, Michael Douglas <mick at pauldotcom.com> wrote:
> You *need* to consult a lawyer.
>
> Also it helps if you can reach out to your local law enforcement
> community *before* you get in such a situation. ?The local InfraGard
> chapter is pretty good where I'm at so I was able to get to know the
> agents who covered these cases.
>
> Excellent question, but I don't think there's a stock answer...
>
> - Mick
>
> On Wed, Sep 9, 2009 at 9:49 PM, Adrian Crenshaw<irongeek at irongeek.com> wrote:
> > While doing research on anonymizing networks, what is the best policy to
> > follow concerning inadvertently captured contraband (child porn, copyright
> > infringing files, etc.)? In the case of child porn, the authorities should
> > be notified under normal circumstances, but with anonymizing networks the
> > origin of the files is hard if not impossible to determine. Would it be
> > correct to just wipe the data after research on the network is done?? As I
> > understand it, even having it on your hard drive because of peripherally
> > relevant research would be a crime.
> >
> > Adrian
> >
> > _______________________________________________