For Dorothea Perry and Robert Gross, the course of action seemed clear enough when Gross, an IT support specialist working at New York Law School, opened a folder on a faulty PC last June only to discover thumbnail images of naked young girls in sexually explicit positions. The IT colleagues reported the finding to their manager, setting off a chain of events that resulted in the arrest of the professor who used the computer and, last month, his guilty plea. An open-and-shut case, right?

Not by a long shot. Within a few weeks of reporting what they saw on the PC of professor Edward Samuels, a copyright law expert, Perry and Gross found themselves on slippery footing with their employer, Collegis Inc., an IT outsourcing company under contract to New York Law School. Both workers were put on probation for a range of issues unrelated to the child-porn finding, and in October, they were fired.

She approached the FBI because it was unclear how the case was proceeding or even if there was a case, says Perry, (right), with Gross.

Collegis insists there's no connection between the two developments, but the broad outlines of the case still raise questions about IT's responsibility in dealing with the serious problem of child pornography on workplace computers: Do businesses have clear policies that forbid employees from storing child pornography on computers and guidelines for what system administrators should do if they encounter it? Should the law, as it does in at least one state, South Carolina, require that IT professionals report incidents of suspected child pornography? And is it really necessary for help-desk technicians to delve into personal files when troubleshooting or is that an invasion of privacy?

Perry and Gross maintain they did nothing wrong and, in January, they filed a $15 million lawsuit, charging New York Law School and Collegis with retaliation for their "discovery of and complaints about" the child pornography, which they contend was a form of sexual harassment and, as such, a violation of New York City's human-rights law. The workers "had a right to a workplace free from degrading and offensive pornography," explains their lawyer, Louis Pechman. (In addition, the complaint charges, Perry's dismissal was in retaliation for a previous job-discrimination lawsuit she filed against the law school, which was settled in 1997.)

Collegis has moved to dismiss the January suit on grounds that New York City's human-rights law doesn't apply "to the plaintiffs' claim that discovery of child pornography in a hidden file on a computer not owned by Collegis violated their rights," according to Collegis lawyer Cleat Simmons, who responded via E-mail to InformationWeek. In a separate correspondence with InformationWeek, Collegis CEO Tom Huber said Perry and Gross' actions in reporting the pornography to their supervisor were consistent with company policy, and that New York Law School and Collegis cooperated fully with law enforcement in handling the case. Perry and Gross lost their jobs, he wrote, for reasons "completely unrelated" to that.

As recounted in Perry and Gross' lawsuit, circumstances leading up to the legal face-off were just another day in the lives of New York Law School's PC support team. On Sunday, June 2, Perry began to assess problems on the PC used by Samuels, who thought his system might be infected with a virus. For two hours, Perry tried to fix it, uninstalling and reinstalling antivirus software, but the system continued to malfunction. The next day, Perry gave the PC to Gross to back up, fearing it might crash and lose valuable data.