To report, or not? Ethical and Legal dilemma.

Great Debates
1

Those of you who read the New York Times on Sundays will probably know of a column called “The Ethicist,” which appears in the Magazine. In this column, someone named Randy Cohen answers ethical dilemmas presented by readers.

I want to raise the issue presented in the most recent colum (login possibly required), because while i’ve mildly disagreed with Cohen before, this time i find myself in rather vehement opposition to his advice.

For those who can’t see the page i’ve linked to, here’s a summary.

A computer technician, while working on the company network, found a bunch of porn in the company presidents personal directory. According to the letter-writer, some of the images were of “young children—clearly less than 18, possibly early teens.” He asks whether he should call the police.

The ethicist says no. It’s not so much this advice that i’m disagreeing with, but some of the reasons that Cohen gives, which seem to me to be spurious at best, reprehensible at worst.

Here are some of the reasons he gives:

Fair enough. There are plenty of porn websites out there, and some use legal adults who may look younger than 18. It’s perfectly reasonable to argue that, if the models only look younger than 18, but are actually 18, then there’s no duty to call the cops. I’m assuming, in this thread, that the letter-writer is making a good faith assessment of the ages of the people in the pictures.

Then we get this:

That also is true, although if the pictures really are of underage children, then it shouldn’t be cause for stopping the investigation. Instead, and investigation should be begun to determine who actually downloaded the images.

Now, here’s one i really have a problem with:

Sorry, but i don’t buy the argument that, just because you got your kiddie porn for free, and didn’t put any money directly into the pockets of the kiddie pornographers, then everything is OK.

The ethicist continues this rather spurious line of reasoning, extending it to the boss’s behaviour:

Again, i really think this is irrelevant to the issue. Just because the boss might not be diddling kiddies in the park doesn’t make looking at kiddie porn OK.

The whole basis of the ethicist’s position, essentially, is that punishing the boss wouldn’t actually do anything to stop child pornography, because the boss is too far removed from the physical and financial sources of the abuse. He concludes that:

I really have a problem with this whole line of reasoning. I can accept that the real bad guys in the kiddie porn business are the ones who are directly exploiting the children, but i don’t buy the argument that this essentially lets the end user off the hook.

Some general observation:

I have no problem with porn as a general concept. I’ve looked at it, and sometimes still do. If the participants are consenting adults, whatever they want to do in front of camera, or look at on their computer, is fine with me. I’m even open to the argument that the current age cut-off for child pornography (18) could very reasonably be reduced to 16, in line the many states’ age of consent. But i do think that we need a cut-off, and that intentionally producing or seeking out porn showing minors should be punished.

2

I’m actually going to write to him about this. I agree that he totally botched the answer.

First of all, the pictures were said to be in the president’s personal directory (I assum My documents.) While it is possible someone else put them there, it seems extremely unlikely - especially if the pictures were around for a while.

The Ethicist assumes that the only action is to call the police. If the writer is a technician, I assume he reports to a CIO or equivalent. I would hope that the company has a policy about improper use of its computers, and this definitely violates it. (I’m assuming that the company in question does not producer porn.) The writer is likely violating company policy by not reporting it up his line and possibly to HR.

The writer owes more to the companyt than to the boss. Think of the impact if the cops find these images somehow, or some other employee sees them and sues? The employee owes it to the owners of the company, and to the board, to not cover up this stuff. If the President is innocent, there is a massive security hole -any third party that could put files into his directory could easily get proprietary files out of it.

I agree with you on the other things you raised - but the boss should be reported even if it was “legal” porn, assuming that the company has the normal rules.

3

Absolutely.

I realized, after posting the OP, that i hadn’t even touched on the professional, in-company issues that this case raises. I didn’t do a second post because i thought they might emerge in the course of the debate. Thanks for bringing them up.

4

I agree with mhendo and Voyager that the reasoning in that answer is a mess. If the company has a computer and network use policy like those we are familiar with, the network guy has a clear obligation to report the files to his immediate supervisor, preferably in the presence of an HR person. If he feels that this action would have disastrous repercussions for him, I think he would be justified to go to the police without alerting his supervisor. The police could attempt to determine whether the pics were illegal or not, and they would certainly alert the company that there was porn on the server. Silence is certainly not the only answer. I don’t think it’s even an acceptable answer.

5

I also find the columnist’s response pretty off-the-wall.

As has already been said, odds are that it is against company policy for the guy to have porn of any sort on his computer.

Just based on that, I’d say the whole column is wrong. It is an employee’s obligation ethically (and perhaps contractually) to report breaches of policy.

Even ignoring that, Cohen is suggesting that because the guy who wrote in can’t prove beyond a shadow of a doubt that the boss did anything illegal, he shouldn’t report it to the police, because being subjected to a police investigation of that nature would cause him harm.

Imagine, if you will, a world in which no one calls the police unless they can prove that a person committed a particular crime. Heck, we wouldn’t need most of our legal system at that point; the accuser could just tell a judge what the story is, and the judge could come up with an appropriate sentence.

And, with regards to the last quote:

Firstly, is that the entire intent of the law? According to who?

Secondly, Cohen is assuming that because there is a potential best-case scenario for the boss (that he did not pay for said porn, or that said porn is not actually of children), that an investigation should not happen to determine whether or not that is the case.

I could come up with any sort of best case situation for those accused.

“No officer, I use those empty beer bottles to add weight to my car in winter, and I only swerved into the other lane to avoid the 13 year old who was playing by the side of the road, honest!”

“Oh, well, in that case, you might be innocent, and it would put you through too much to conduct an investigation. You’re free to go.”
Seems to me that this is basically what Cohen is advocating.

6

I do computer support work and often see what is stored on folks’ personal directories so this isn’t a hypothetical situation for me.

Unless I see something that suggests the material is illegal it’s really none of my business - I have certainly seen tons of browser cookies with “XXX” in them and I haven’t said anything about that.

However, if I were to find what looked like child porn on any computer here, whether it’s the temp in the mailroom or the boss of bosses, I will most certainly go right to my supervisor and make an official report. We have all kinds of policies regarding appropriate use of company resources, so that’s one level, and obviously if someone is doing something criminally wrong then it needs to be handled officially.

My particular case may be a little different in that I work at a large law firm, so it’s entirely possible that someone could have this sort of material as part of a case (I know that we’ve had to unblock porn sites which happened to belong to clients, for example). That’s another reason that I wouldn’t go right to the cops. I would however bring it up. If it’s legit then nobody will fault me for doing my job. If it’s A Bad Thing then the guilty party needs to be brought to answer for it.

None of Cohen’s reasons strike me as reasons to ignore what appears to be highly illegal behavior.

7

I don’t agree with most child pornography laws as written, but it is not up to a computer technician to rewrite those laws for his own convenience. Whether or not children were harmed, whether or not the pornography was obtained for free, whether or not punishing the consumer is ethical or practical, the law is what the law is. We have people to make laws (legislators), investigate (police), determine whether laws were broken (juries) and pass sentence (judges) - none of them are computer technicians.

Just as I believe judicial activism is unethical, even more do I believe selective reporting or enforcement of laws is unethical. That doesn’t mean I always choose the ethical course when I myself don’t agree with a law - I’m not going to turn in people I know possess marijuana - but I don’t fool myself that remaining silent is an ethical stance. If I were being ethical, I’d turn everyone in, including myself, and raise public awareness of how stupid drug laws are by making people see that their pastors, teachers, policemen and politicians are smoking up, too, and society is not crumbling because of it, and the laws should be changed. The fact that I choose to behave unethically doesn’t mean I don’t know what the ethical choice is.

This clearly falls under the category of ethical questions that I like to call: “If you didn’t already know the answer, you wouldn’t be asking the question.” There is no ethical dilemma here, just a guy who wants permission to do what he already knows is unethical.

8

What are the rules for having such material on a machine? I can certainly accept that someone who needs this kind of stuff for a client could have a README in the directory, or even have the directory name as appropriate for a case. My company is pretty lenient about many things, but there are limits. Porn is one of them, and use of company computers for a private business is another.

If you found actual pictures (not cookies) don’t the guidelines require you to report it? Not to the police, but to your superiors. If I had a legitimate reason for this stuff, I’d make sure anyone messing around on my computer would know - some people might even be offended.

9

Aren’t porn sites good places to pick up a lot of viruses and spyware? I would think that alone would make them off-limits to company computers.

10

One other thing.

The letter writer said that he’s a network tech guy, and was working on the network when he found the porn “in the president’s personal directory.” I was assuming that this is some type of company intranet, where each employee has his or her own storage space on the network, probably protected by a password. Apparently, many companies prefer employees to keep files etc. on a central server system that can easily be backed up by the tech people, rather than on dozens of local hard drives.

The porn might not be on the executive’s local hard drive at all, but if his directory is password protected, then this makes it even less likely that the pictures were downloaded by someone else.

11

A couple in my city were recently arrested for bringing a child into the country for the purpose of sexual slavery. In reading about the case, I learned that in similar cases across the country, these children are sold not just for performing sexual acts, but also for being the objects of torture.

Since the president of the company has photographs of what appears to be underaged children, unless there is accompanying proof that these children are actually eighteen, there is good reason to assume that the president is interested in kiddie porn. The police need to do the actual investigating.

I would not go to the CEO of the company with the information. Going to your own superiors just passes the buck. You might help to rescue abused children if you report it to law enforcement.

I do not treat all laws equally and think that it is unethical to do so.

12

I don’t know - I can’t imagine that there’s a rule stating “Certain types of naughty pictures are officially OK”. We do expect a certain amount of personal use of things like phones and internet access (that’s explicitly stated in a company rule) however in general when it begins to affect work or the work environment then that’s where steps get taken to correct the behavior.

That being said, we are not the police and we don’t go firing off emails any time we find evidence that someone did something that might be inappropriate. If we did then people would never come to us with any questions or problems and that would have a far greater impact on the stability of our technology then someone with a folder full of Pam Anderson pics. We already have the ability and the right to look at every single file, read every email and check every web page but there are many reasons not to.

I’ll give you an example of what I might do if I encountered something X-rated; let’s suppose that someone asked me to find a missing file on their PC and in the course of digging around I found some generic adult pics in their My Documents folder. Assuming that they weren’t using them as their desktop wallpaper or other public display, I’d say something like “You know, if somebody were to see this it might be construed as inappropriate use of company resources and people could get into trouble. If it’s not business-related you probably ought to get rid of it right away.”

If the person is a chronic offender (which in my eyes would mean I warned them once and they did it again) or it appears to be something illegal (like kiddie porn) then I’m handing that over to my manager.

It’s like being a highway patrolman - if you’re going 70mph I might pull you over, check your license and if you’re clean I’ll remind you that you really ought to obey the speed limit and let you go with a warning. If you were weaving all over the place, smell like Night Train or have prior convictions on your record then you’re not getting away with a warning. We’ve had situations like this before and we do have some discretion. Generally once people realize that we can tell everything they are doing they keep it out of the office.

13

That would be, rightly, a CLM. It is saying to HR and the IT management that the person did not trust them to do the right thing. Having IT involved allows a copy to be made of the incriminating evidence, which might be very valuable in the investigation. If IT management didn’t do anything, then I’d go to the police - but first I might make a copy of the stuff, with enough context to show where it came from.

Valgard, that sounds very reasonable. Some companies have infractions that lead to immediate termination - porn might be one for mine. If it is considered not a big deal unless someone else sees it, then I can see a warning.

14

Likewise. We have a policy for this: report incident to manager, then gather evidence and report to security.

15

Agreed on not doing an end-run around your manager/HR/IT. We have procedures in place to handle problems and from the few times when I’ve had to get involved those procedures get followed and swiftly, up to and including calling the police as required.

I’m not sure what the lower boundary is at our firm on adult material - certainly if it’s affecting anybody’s job or the work environment then that crosses the line. I doubt that anyone would say that some dirty pics are “no big deal” but I also know that we’ve got some discretion and it’s oftentimes much more productive all around to remind someone about what is inappropriate behavior - we are all grownups. Maybe that’s just where I work, especially considering it’s a law firm there’s a great work atmosphere.

That said, if I were to discover tomorrow that there’s a definite rule stating “Report any porn to HR” then I will do so - I’m not going to jeopardize MY job because somebody else couldn’t use their home PC to look at spanky.com.

16

It strikes me that sticking porn in a boss’s workspace is a very good way of stitching him up. Mud sticks.

I’m trying to remember a case in the UK where a guy got into serious trouble, and it turned out that it was his (middle aged) brother who had been collecting the porn.

I also remember sorting out a lass’s computer, it had got hijacked by some porn site, she thought it was quite funny, I was certain that she had no interest in the stuff.

Ethically my dilemma would be that reporting the boss would be like detonating a bomb under him, guilty or innocent he would have a seriously hard time.

Probably I would quietly delete it, or maybe start watching last access date/times.

I would only report him if I was absolutely certain that it was really him, and that it was not accidental.

Passwords don’t impress me - I would need to be very, very sure.

Unless of course, I hated the guy, and was the person who planted the stuff in the first place.

17

I definitely would not do that - child porn is a serious criminal matter and I’m not a cop or lawyer so I don’t have the skills to deal with it, and that’s waaaay outside my responsibilities. That is something that needs to be given over to the people who are tasked with handling such matters; if they need me to help figure out whether somebody else saved the stuff on the CEO’s computer, fine, I have skills in that regard. If they determine that it was not what it appeared to be, great.

What you’re suggesting could open you up to some MAJOR problems - like having to explain to the police why you “quietly deleted” evidence of a crime.

18

Well, rather than deleting it, I would probably watch the access dates.

If I were sure (or 90% sure) that the boss was deliberately downloading porn, then I would have no qualms about reporting him. I find child porn disgusting.

19

Mm, I still think that you are asking for trouble if you do that. Generally speaking any decent-sized company will have policies on what can and can not be on their computers, and there will be people who are tasked with knowing when folks are running afoul of both company policies and potentially the law.

Personally, I am not responsible for those things where I work (and I don’t want to be!) - if I act on my own and try and conduct some kind of investigation, I might be allowing violations of company policy to go on (or actually violating some policy), aiding/abetting a criminal act or even committing a crime myself. It’s not up to me to take on HR’s duties, they are the ones who need to handle it, so my only duty is to make them aware of a potential problem and render whatever technical assistance may be needed.

Again, I want to stress that I’m only talking about situations where it appears that there is some kind of crime or severely nasty situation going on. I’m not running screaming off to HR because of a centerfold photo.

20

I’m not sure how relevant this is to this particular discussion, but I feel its worth mentioning.

As reprehensible as kiddie porn is, or perhaps because so, but also because of the vast increase in accessible porn in general (via the internet) I feel a person should err on the side of caution when considering ‘reporting’ this kind of thing. Because, right or wrong, there is no single crime that is more tainting, more ‘guilty by association’ than child molestation. And possessing kiddie porn is just viewed as molestation by proxy. It is literally thought of as even worse than murder. Even than serial murder.

My point is that even, or especially, with kiddie porn the ends cannot justify the means because there is always a chance, often a very large chance, that things are not what they seem. But once you open that can of worms, it cannot ever, ever be unopened. No matter if it is later proven, 100%, beyond the slightest doubt, that the person was completely innocent, their career, their family, their life will be ruined merely by the accusation.