2009/9/10 Adrian Crenshaw <[email protected]> > If the CP in question is encountered while servicing a computer with a > known user/owner then reporting it is the ethical right thing to do. > However, in the case of darknet research it's next to impossible to know > where it came from, and if it was reported everytime a new image/video was > found you would be in calling an FBI field office every 20min. This has a > huge chilling effect on such research, or at least the publishing of such > research. I'm asking a lawyer I know on the issue, and in the mean time > being careful where I click. > > Adrian
You made the point much better than I did. I'm uncertain of the value of submitting evidence without context. Legal council is clearly essential. Let us not assume what law enforcement wants from the white hat community while at the same time not assume they have a full understanding on what this research can offer. Now would be a good time to ellicit a response from governments as well as law enforcement on how researchers should tackle this issue. The child exploitation issue asside, researchers can be exposed to all sorts of material of value to law enforcement. Suppose you obtain a copy of an online banking trojan, you have evidence of a crime and something that the posession of which could entail legal liability. By the same measure shouldn't this be reported to the police? Here there is a higher probability that the evidence could provide law enforcement with a lead but the subject matter being far less emotive leads me to believe far fewer people would stand up and say you absolutely must report this crime. Jim
_______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
