Online watchdog the Internet Watch Foundation (IWF) this month issued new advice on how IT managers should deal with child pornography discovered on corporate systems.

The IWF's chief executive, Peter Robbins, said that the police have clarified the circumstances under which IT staff may deal with illicit material without themselves risking prosecution. Like other experts in this field, Robbins pointed out that IT professionals must be cautious, however, keeping their exposure to illegal material to a minimum in order to stay within the law. He added that they must handle discoveries carefully, to ensure that evidence is preserved, criminals can be brought to justice and business is not brought into disrepute.

Robbins said the IWF has an important role in educating firms about their responsibilities and helping to enforce the law in this area, but added that it needs the support of firms and the public to remove illegal and offensive content from the UK internet. "We work on the basis of removing content by offering hotlines for alerts and complaints. Because most of the content is hosted elsewhere we have to work with other non-governmental bodies around the world," he added.

In the UK, the IWF gets a lot of support from ISPs and credit card companies. "Because of this we have managed to remove a lot of the content from the UK, but it still exists," said Robbins. In fact illegal content hosted in the UK was cut from 18 percent of the total in 1997 to under one percent at the end of 2003.

But, despite this fall, child pornography is still accessible online in the UK. The IWF hopes that further reductions will be made when firms and IT managers receive more information about how to deal with discoveries of child pornography on their systems. "[In the past] the law did not help people who wanted to report it," said Robbins. "In fact they were very frightened about what would happen if they did. But a change in the law recently protects anyone that has been legitimately exposed, meaning that they can report it to us or another body. Before the memorandum of understanding [between the police and the Crown Prosecution Service] it would have been illegal to look at [child pornography at all] - even for a systems administrator [accidentally exposed to such material while policing the network]."

A memorandum of understanding [MoU] to be signed off by the Crown Prosecution Service and the Association of Chief Police Officers will clarify the scope of the Sexual Offences Act. According to the MoU, IT managers will be allowed to preserve images of child pornography as long as they do so in order to provide access to either the IWF or a law enforcement agency. Previously, in theory, IT personnel might have faced prosecution even if they unintentionally stumbled across such illicit material.

Robbins said there is a lot of ignorance in this area. "Part of our role is to raise awareness about [changes such as the MOU]. We did some research and found that most people did not know about the changes. In this area IT managers are our target audience. They have reached very sophisticated levels with their filtering, blocking and monitoring, but if they don't understand the law they will not report breaches." Robbins said IT managers could be crucial allies in the campaign against child porn. "We must raise awareness about the protection that [IT managers] now enjoy. They can help us to take down content without worrying about whether their actions will be seen as illegal," he added.

More...