: What do I do if a user uploads child pornography? If my website allows uploading images (which are not moderated), what action do I take if a user uploads child pornography? I already make
If my website allows uploading images (which are not moderated), what action do I take if a user uploads child pornography?
I already make it easy to report images, and have never had this problem before, but am wondering what the appropriate response is.
My initial thought is to:
Immediately delete (not just make inaccessible) the image
File a report with the National Center for Missing and Exploited Children with all information I have on the user (IP, URL, user-agent, etc.), identifying myself as the website operator and providing contact information
Check any other images uploaded by that IP user and prevent them from uploading in the future (this is impossible, but I can at least block their account).
This seems like a good way to be responsible in reporting, but does this satisfy all of my legal and moral responsibilities? Would it be better not to delete the image and to just make it inaccessible, so that it can be sent to the National Center for Missing & Exploted Children, the police, FBI, etc?
More posts by @Cugini213
1 Comments
Sorted by latest first Latest Oldest Best
First, you need to have something in the Privacy Policy/Terms of Service about what you intend to do. If you intend to file a report with the NCMEC. What information you intend to disclose with/without search warrant, etc.
I would recommend that should a User upload a child porn image, immediately make it inaccessible to the general public. You should then phone your local FBI Field Office and discuss it with them. Ask them what you should do with the image. Provide them with the information they need to go to a DC and serve a search warrant for a copy of the HDD (as that will likely happen if they create a case about it...they will need to receive a direct copy).
DO NOT DELETE THE IMAGE UNTIL CLEARED TO BY LAW ENFORCEMENT. What you have on your server when the image is uploaded is considered evidence of a crime. Deleting the image could constitute destruction of evidence which could in turn land you in hot water.
You also need to ensure you have logs saved for the activity. Additionally, you need to create a log of some sort (excel spreadsheet even) that documents what actions you took and when.
I would honestly recommend retaining a lawyer to go over everything. Technically it's not your legal obligation to report a crime in the US, however, possession and transmission of Child Porn is a federal crime, you want to make sure you're protected.
You will also want to log anyone elses actions on the server regarding the image.
Basically:
You receive a report of child pornography. You create a log (like I said, something as simple as an Excel spreadsheet will work)
You then verify whether it's child porn or not. If it appears like it is, make the image unavailable. Log both of these actions.
Retain any information about the uploader you have, including IP Address
Notify the FBI Office in the area of where your server's DC is located. Ask them for guidance on what to do further. Log this information. Continue logging.
Ensure anyone else with access to the Server logs any actions they take on the server (even if it's not related to the actual image...as minute as an apache process restart) in their own log.
Sign and notarize them and keep them on file. Turn over originals to FBI if asked.
You will want to include your source location when logging the items.
I say log the items for your personal protection and to document a chain of actions for the evidence should it be used in the prosecution of someone.
Remember, you're not required to do any of this, this is for your protection.
*Source: I was in the US Army Criminal Investigation Command and a Military Police Investigator between 05 and 11.
Terms of Use Create Support ticket Your support tickets Stock Market News! © vmapp.org2024 All Rights reserved.