Business & Finance
02:07 PM
Connect Directly

Legal Brief: When The Unthinkable Becomes A Reality's informal poll shows that 51% of respondents' companies don't have policies regarding child pornography.

Child-pornography images are showing up in the most unlikely places--the desktops of professors and senior executives, lawyers, teachers, and others you would never have suspected, even your trusted employees. What would you do if the police heard about this before you did, directly from another one of your employees?

Suddenly, your carefully crafted Internet-use policy doesn't give you the coverage you expected. How should you deal with the contraband you discover on your company's computers? How should you handle the police, the employee who is implicated, and the employee who called the police?

The time to think about these questions is now. Being prepared, and preparing your employees, can make the difference between a difficult situation and a public-relations and legal disaster. To do that, you need to have a policy in place and procedures that implement that policy. Then you need to make sure that those policies and procedures are communicated to your employees.

First, review your existing Internet-use policy. Does it contain a provision dealing with criminal activities? What about pirated software and music? Have you created a procedure through which people can report abuses of the policy?

Next comes the hard part. You need to decide whether to report criminal activity to authorities or handle it as an internal matter. Many companies elect not to report employees' criminal activities to law enforcement. They handle these activities as a violation of company policy. Should your decision for handling discovered criminal activity depend on the type of activity involved? Are you more likely to forgive music pirating than child pornography? You need to work out these issues in advance and consult with your legal advisers. Failure to take action when you discover criminal activity may result in the company itself facing criminal charges.

Once the parameters are decided, create written policies and procedures that deal with criminal activities that are found on your computer system. They should include a description of the kinds of actions that are illegal, as well as a statement that they are only some examples. They should also include to whom and how violations should be reported. Make sure employees know that ignoring procedures is a violation of company policy and can be disciplined as such. Make sure the policy is signed by everyone.

Then you need to establish methods of investigation. Investigating child pornography is especially tricky. It doesn't take much for the investigator to violate the law. Possession, downloading, printing, or saving child-pornography images, in any format, or delivering it to anyone else is illegal, even when you intend to report it to legal authorities. When child pornography is suspected, law enforcement or private consultants trained in this area should be called, and the computer isolated immediately.

For a checklist on preparing an appropriate policy, see "Tips For Writing A Criminal-Activity Policy".

Parry Aftab is a cybercrime expert and a privacy and security lawyer. She can be reached at

Comment  | 
Print  | 
More Insights
The Business of Going Digital
The Business of Going Digital
Digital business isn't about changing code; it's about changing what legacy sales, distribution, customer service, and product groups do in the new digital age. It's about bringing big data analytics, mobile, social, marketing automation, cloud computing, and the app economy together to launch new products and services. We're seeing new titles in this digital revolution, new responsibilities, new business models, and major shifts in technology spending.
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Tech Digest September 18, 2014
Enterprise social network success starts and ends with integration. Here's how to finally make collaboration click.
Flash Poll
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
The weekly wrap-up of the top stories from this week.
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.