[178689] in North American Network Operators' Group
Re: Large Ontario DC busted for hosting petabytes of child abuse
daemon@ATHENA.MIT.EDU (Landon Stewart)
Mon Mar 2 13:21:48 2015
X-Original-To: nanog@nanog.org
From: Landon Stewart <landonstewart@gmail.com>
In-Reply-To: <20150302180302.GB94073@mikea.ath.cx>
Date: Mon, 2 Mar 2015 10:21:41 -0800
To: "nanog@nanog.org" <nanog@nanog.org>
Errors-To: nanog-bounces@nanog.org
--Apple-Mail=_6D2E0ABD-35B2-4371-9714-2E1495600E05
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain;
charset=us-ascii
On Mar 2, 2015, at 10:03 AM, Mike A <mikea@mikea.ath.cx> wrote:
>=20
> On Mon, Mar 02, 2015 at 05:53:33PM +0000, Naslund, Steve wrote:
>> Don't know who this is but the legalities are pretty clear I think. =
The DC
>> is not required to know what data is stored but if the cops can prove =
that
>> someone DID know what was stored, that person can be criminally =
charged.
>> IANAL but I have worked with LE on a similar case and that is how it =
was
>> explained to us by the FBI. It will be hard to prove anyone knew =
however
>> since anyone that knew and did not report it committed a crime. =
Charging the
>> company will be a stretch unless they can prove that at least one =
corporate
>> officer knew. Otherwise the company will fire whichever employee knew =
and
>> say "He should have told us".
>>=20
>> This is all about who knew what and when.
>=20
> True in the USA, I think; but what about Canadian law?
AFAIK it's generally the same in Canada. If a provider is aware of =
(reported, accidental discovery or otherwise) the existence of child =
pornography on their network that existence must be reported to LE and =
the content must be cease to be publicly available.
What I've done in the past when such a report is received is created an =
archive of the whole directory and subdirectories in question, collected =
all the customer data related to the account including logs of logins =
and file transfers and sent that directly to law enforcement and through =
https://www.cybertip.ca/ <https://www.cybertip.ca/>.
Some information for Canadian service providers is in the reporting =
system itself:
https://www.cybertip.ca/app/en/service_provider_report
--Apple-Mail=_6D2E0ABD-35B2-4371-9714-2E1495600E05
Content-Transfer-Encoding: 7bit
Content-Disposition: attachment;
filename=signature.asc
Content-Type: application/pgp-signature;
name=signature.asc
Content-Description: Message signed with OpenPGP using GPGMail
-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - http://gpgtools.org
iEYEARECAAYFAlT0qjYACgkQgJOZ7bxis1OeWwCgof2F5iIuY8sq/xT3eaTjJFFd
/t0An0X7AgIrFJDc2Ra5a2snn59dH6iM
=EL8C
-----END PGP SIGNATURE-----
--Apple-Mail=_6D2E0ABD-35B2-4371-9714-2E1495600E05--
