What if child porn is encountered during research?

[arch3angel at gmail.com (Robert Miller)]

A couple things and maybe a rant...

Mick, Jack, and the others are absolutely right.  you need to consult 
with an attorney who not only knows these laws, but also is cyber wise.  
Get the advice of the lawyer and take that advice to people like 
InfraGard and local police.get to know them and build a line of 
communication with them, explain what you do, your website, and why you 
do it.  These relationships could be what saves Bob's butt when it comes 
time to deal with such things, and he will deal with them for sure.

I was helping a local repair shop a few years back, small shop and the 
guy really needed help.  I figured free time was something I had so I 
volunteered to help the guy build his business.  Now as everyone should 
know all sorts of things appear on the desk of a repair shop when 
dealing with computers, but the one thing I will always remember is the 
words of law enforcement and an incident was reported. NEVER, and I say 
NEVER tamper with evidence in such a case.  If you do ANYTHING to the 
data in ANY way you can legally be held as an accessory to the fact!  So 
what does that mean?  You have now placed yourself in the SAME line of 
fire as the individual who committed the act in the first place.  This 
is the same as you have a server with access to some friends, someone 
puts a bad thing on server let's say an ISO of Windows 2008, and somehow 
this is found out.  Guess who is responsible and pays the fines, YOU ARE! 

Here are the steps I would take if I was in the shoes of Bob....

Prior to do research contact an attorney and find out whats legal and 
what's not - know your bounds
Take knowledge from the attorney and seek out advice from InfraGard and 
law enforcement - know what is expected of you
Develop a WRITTEN log to track and document your research, not a digital 
log as these can be tampered with, if you wrote it its in your hand 
witting - know its yours and be able to prove it
Take newly developed Log form/sheet and have it review for legality by 
attorney, InfraGard, and law enforcement - know your doing things legal like
Begin research carefully following all the steps in your newly planned 
out log / step by step guide - know what to do and when to do it

Finally a rant or two...

Anyone who tells you to delete it, wipe the data securely, blah, blah, 
blah are some of the biggest morons I have seen in a while as this will 
do absolutely nothing but get Bob put in jail with ZERO chance of 
beating things!

Take everything said here from everyone who has said something and throw 
it out the window.  GO GET A LAWYER!!!!!!!!! :-)

P.s. can we find a different person for our dark research?  Every time I 
tell someone about what Bob does they look at me as if I am the one 
doing it, I just don't understand why :-)

Good Luck,

Robert Miller
arch3angel

Michael Douglas wrote:
> Jim, at one point that was the attitude of law enforcement.  I know, I
> was there... it was fugly.
>
> But unfortunately, the volume of these sorts of issues is such that
> *every* police department i've worked with in the past 5 years has a
> computer forensics "go-to guy" either internal or external.  As a
> result, assuming you approach them correctly, you're not going to get
> any flack.  I know... I'm there now.
>
> <warning -- I'm getting on my high horse>
>
> I'm *very* concerned with your approach, mostly from a moral
> standpoint.  If my turning over files is helpful in breaking a case,
> or just building a case, it is WELL worth the minor inconvenience of
> handing files over.  Just deleting files and walking away is not
> something I would ever encourage.
>
> "All that is necessary for the triumph of evil is that good men do
> nothing." (Edmund Burke)
>
> <off high horse>
>
>
> Again, please get a lawyer!  You have to know what protections you
> have in your jurisdiction.
> - Mick
>
>
>
> On Thu, Sep 10, 2009 at 7:42 AM, Jim Halfpenny <jim.halfpenny at gmail.com> wrote:
>   
> > 2009/9/10 Michael Dickey <lonervamp at gmail.com>
> >     
> > > Personally, I think I would wipe it clean off. That's not something I'd
> > > like to ever mess with or run afoul of.
> > >
> > > But there may be value in forensically examining the files or the victims,
> > > so it might be best to report the incident and turn over evidence.
> > >       
> > I for one would not expect a friendly or sympathetic response from law
> > enforcement if I approached them with such evidence. My gut instinct is to
> > securely delete and ignore, grave though the crime may be. If you are not a
> > law enforcement officer it's not your business to investigate crimes and
> > doing so could land you in hot water. IANAL but I don't think you are duty
> > bound to report a crime if the only report you can give is, "Paedophiles are
> > using anonymising tools on the Internet."
> >
> > Consult legal council. You may wish to document incidents where you are
> > inadvertantly exposed to such material and keep a copy of this log with a
> > solictor should you ever get into trouble.
> >
> > Jim
> >
> > _______________________________________________
> > Pauldotcom mailing list
> > Pauldotcom at mail.pauldotcom.com
> > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
> > Main Web Site: http://pauldotcom.com
> >
> >     
> _______________________________________________
> Pauldotcom mailing list
> Pauldotcom at mail.pauldotcom.com
> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
> Main Web Site: http://pauldotcom.com
>
>   

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.pauldotcom.com/pipermail/pauldotcom/attachments/20090910/9c0eaca7/attachment.htm