Network managers warned over child porn

Network managers must put in place proper procedures to deal with paedophilic images on a company's systems to avoid finding themselves potentially liable to prosecution, a security expert warned this week.

Neil Barrett, technical director of Information Risk Management, said that in the wake of the recent Wonderland Club prosecutions, companies needed to take steps to prevent being implicated in child sex rings.

Last week, University Press computer technician Ian Baldock was sentenced to more than two years' imprisonment after child pornography was discovered on his work computer.

Barrett warned that the Children's Act prohibits the possession of indecent images and could land a company in legal trouble if such images are stored on its servers. He warned that companies have a duty to check FTP logs on a frequent basis.

"If there are a great deal of images or video files associated with one account or member of staff, be suspicious, particularly if the logs show that downloads were made at unusual times," he said.

But George Gardiner, a senior partner at law firm Buchanan Ingersoll, said that although companies could "technically" be charged as accessories, it is "very unlikely" they would be prosecuted. "I think the police would be foolish to attempt to prosecute organisations because their infrastructure has been used," he said.

However, Barrett, who has advised the police on a number of cases, said it was important to inform the police straight away if companies discovered child pornography on any of their systems.

He said that firms do have some liabilities under the Children's Act. Just sacking the employee, he pointed out, puts a potential offender back on the street with a clean work record.

But Gardiner stressed that companies should not use draconian measures to offset fears of police investigation should an employee or contractor commit crimes using a firm's systems. "It's a balancing act between civil liberties, the right to privacy and the concept of innocent until proven guilty," he explained.

He too advised companies that uncover any child pornography to involve the police immediately. "In cases where contractors or employees have used company networks to download paedophilic material, such people have been frog marched to the police station. The industry attitude to kiddie porn is zero tolerance," he said.

First published in Network News