05-12-2003, 02:53 PM | #1 (permalink) |
I change
Location: USA
|
Was this part of your IT training? Too Hot to Handle...
Troubling Discovery
They found child porn and reported it. Later, they got fired. What happened? By InformationWeek May 12, 2003 For Dorothea Perry and Robert Gross, the course of action seemed clear enough when Gross, an IT support specialist working at New York Law School, opened a folder on a faulty PC last June only to discover thumbnail images of naked young girls in sexually explicit positions. The IT colleagues reported the finding to their manager, setting off a chain of events that resulted in the arrest of the professor who used the computer and, last month, his guilty plea. An open-and-shut case, right? Not by a long shot. Within a few weeks of reporting what they saw on the PC of professor Edward Samuels, a copyright law expert, Perry and Gross found themselves on slippery footing with their employer, Collegis Inc., an IT outsourcing company under contract to New York Law School. Both workers were put on probation for a range of issues unrelated to the child-porn finding, and in October, they were fired. Collegis insists there's no connection between the two developments, but the broad outlines of the case still raise questions about IT's responsibility in dealing with the serious problem of child pornography on workplace computers: Do businesses have clear policies that forbid employees from storing child pornography on computers and guidelines for what system administrators should do if they encounter it? Should the law, as it does in at least one state, South Carolina, require that IT professionals report incidents of suspected child pornography? And is it really necessary for help-desk technicians to delve into personal files when troubleshooting or is that an invasion of privacy? Perry and Gross maintain they did nothing wrong and, in January, they filed a $15 million lawsuit, charging New York Law School and Collegis with retaliation for their "discovery of and complaints about" the child pornography, which they contend was a form of sexual harassment and, as such, a violation of New York City's human-rights law. The workers "had a right to a workplace free from degrading and offensive pornography," explains their lawyer, Louis Pechman. (In addition, the complaint charges, Perry's dismissal was in retaliation for a previous job-discrimination lawsuit she filed against the law school, which was settled in 1997.) Collegis has moved to dismiss the January suit on grounds that New York City's human-rights law doesn't apply "to the plaintiffs' claim that discovery of child pornography in a hidden file on a computer not owned by Collegis violated their rights," according to Collegis lawyer Cleat Simmons, who responded via E-mail to InformationWeek. In a separate correspondence with InformationWeek, Collegis CEO Tom Huber said Perry and Gross' actions in reporting the pornography to their supervisor were consistent with company policy, and that New York Law School and Collegis cooperated fully with law enforcement in handling the case. Perry and Gross lost their jobs, he wrote, for reasons "completely unrelated" to that. As recounted in Perry and Gross' lawsuit, circumstances leading up to the legal face-off were just another day in the lives of New York Law School's PC support team. On Sunday, June 2, Perry began to assess problems on the PC used by Samuels, who thought his system might be infected with a virus. For two hours, Perry tried to fix it, uninstalling and reinstalling antivirus software, but the system continued to malfunction. The next day, Perry gave the PC to Gross to back up, fearing it might crash and lose valuable data. In the process, according to the suit, Gross opened a folder titled "my music," within which was another folder, named "nime," then another, "nime2." It was here, Gross said in an interview, that he encountered the illicit content. "I didn't have to click on any files when I went into the folder," says Gross. "There were thumbnail images, so I was pretty much instantly exposed to that." If Gross hadn't opened those folders, he wouldn't have come across the offensive images in the first place. But Perry and Gross say it wasn't unusual for them to check the content of folders when troubleshooting; a large file, for example, can be an indication that a virus is at work. Indeed, the techies say they took great care to ensure all user-created files were preserved following help-desk calls from the law school's faculty because they never knew when a professor's PC might contain, say, the chapters of a book in progress or class notes. When Gross saw the thumbnail pictures, he consulted with Perry, who reported the incident to their supervisor, Margaret Perley, another Collegis employee on site at the school, according to the complaint. In a meeting on or about June 13, the suit continues, Perley told Perry and Gross that she had contacted New York City's district attorney's office about the incident. On June 20, the New York City police confiscated Samuels' PC. Samuels was arrested Aug. 14, and a subsequent search of his home turned up more child porn. Last month, Samuels pleaded guilty to 100 counts of "possessing a sexual performance by a child," a felony, and a few days later he resigned his tenured position at New York Law School. Sentencing is scheduled for June 23. So how did Perry and Gross, who took action when they came across the illegal pictures, find themselves within weeks on probation, then out of work? New York Law School defers to Collegis. "We feel that Collegis, as their employer, would have made that decision based on their own policies and review of employees," says Alta Levat, the school's associate dean for public affairs. Collegis CEO Huber, in his letter to InformationWeek, writes that Collegis "would never dismiss an employee for doing the right thing." The reasons for the terminations, he adds, "will become clear as the case progresses through the legal system." Perry and Gross had good track records as employees prior to reporting the child pornography, attorney Pechman contends, but found themselves being nitpicked afterward. "We think the timing speaks for itself," he says. The suit charges the IT workers lost their jobs because their complaints "set into motion an embarrassing and very public condemnation" of a well-known professor. The suit includes excerpts from recent performance appraisals for Perry and Gross that suggest they were--at the time of the reviews anyway--very good employees. Still, on June 20, the same day the police executed a search warrant on Samuels' office computer, Perry was put on probation for tardiness, excessive phone usage, having visitors at her office cubicle, and dressing provocatively, the suit says. On July 16, Gross was hit with his own probation letter for tardiness, failure to respond to a help-desk call, and lack of knowledge about a Norton application used by PC administrators. Perry says she satisfied the school's first concerns, but on Sept. 13, she was slapped with an extension to the probation for other reasons. In a letter signed by a Collegis VP, according to the suit, Perry was accused of not complying with directives given by supervisor Perley; of not "fully, accurately, and proactively" communicating with Perley; and of being "combative." In early August, Perry had taken matters into her own hands by going directly to the FBI. Perry says she took that action because it was hard to gauge how the case against Samuels was proceeding, or even if there was a case. Perley "told us the police detectives didn't have enough information," Perry says. (Through a Collegis spokesman, Perley expressed support for Huber's letter but otherwise declined comment.) The New York district attorney's office says the case against Samuels--approximately 10 weeks from the discovery of the images until his arrest--proceeded normally. Gross' probation also was extended, according to the suit. In October, both employees lost their jobs. Perry and Gross stand by their actions. "What we did was totally right," Perry says. They say they received no training from Collegis or New York Law School that would have prepared them to deal with the discovery of child porn on a workplace computer. "I've never met anyone or heard of anyone receiving any training for this situation," says Gross. Collegis CEO Huber writes that thoughtful observers will "reserve judgment on Collegis until all the facts have been presented." Perry and Gross, meanwhile, are still unemployed. They want to keep working in IT--that is, if anyone will hire them. "It's very hard to get a job and have to bring up this whole situation every time I go for an interview," Gross says. It's possible the full story about what happened between the time Perry and Gross reported the child pornography and their dismissal will only come out in court. .................. This makes me think of the whole issue of how much responsibility is too much? And how IT is put in some sticky situations being the censor and sometimes informant, detective, and cop in the workplace. Does this make you stop and think and maybe there should be a policy....or three?
__________________
create evolution |
05-12-2003, 03:49 PM | #2 (permalink) |
Junkie
|
Sorry, but if child porn is on anyone's computer and an IT person finds it, they should be required to report it. It just sickens me that they would be fired for getting this clown put in jail.
__________________
"Fuck these chains No goddamn slave I will be different" ~ Machine Head |
05-12-2003, 04:35 PM | #3 (permalink) |
Watcher
Location: Ohio
|
For me it's too early to decide if they got screwed or not. The article does not answer why they got toasted. For the sake of argument I will surmise they got booted (get it?) for reporting and subsequently embarrassing the professor.
That would be wrong. He committed the crime. There are no proper search laws for an IT tech doing the job, so they didn't violate search and seizure law. As IT is my chosen, though yet to be employed in field, this could have some direct bearing on my welfare. Photo lab dudes and dudettes, along with teachers, healthcare professionals, etc. have the responsibility to report certain things they see. With that responsibility they have procedures to follow, and protection if they do. It would be good for someone to apply this to ITers as well. There are many dastardly things kept on computers, many techs will find them while looking for bugs, that "lost" file, things of that nature. I can tell you that at least once while, or after, fixing a computer some idiot, I mean "user," accused me of "breaking" or "hiding" something. This always comes back to the user's technical ignorance, but I'd hate to be blamed for child porn, a virus, stolen credit card numbers, illegal entries. Nor would I accept being punished for exposing those who are at fault. It's always made me uncomfortable that sometimes, no matter how much I try and tell someone, they remain utterly, completely, convinced I "broke it." I couldn't accept that on the scale we're talking.
__________________
I can sum up the clash of religion in one sentence: "My Invisible Friend is better than your Invisible Friend." |
05-12-2003, 06:45 PM | #4 (permalink) |
Dopefish
Location: the 'Ville
|
IF they just find porn, eh big deal we all do that. But if its child porn, they crossed a big line. They did the right thing reporting it. Now if their jobs were lost because of it, they have every right ot sue.
__________________
If you won't dress like the Victoria Secret girls, don't expect us to act like soap opera guys. |
05-12-2003, 08:12 PM | #5 (permalink) | |
ClerkMan!
Location: Tulsa, Ok.
|
Quote:
__________________
Meridae'n once played "death" at a game of chess that lasted for over two years. He finally beat death in a best 34 out of 67 match. At that time he could ask for any one thing and he could wish for the hope of all mankind... he looked death right in the eye and said ... "I would like about three fiddy" |
|
05-12-2003, 08:13 PM | #6 (permalink) |
Loser
|
Sorry,
You commit the crime, you do the time. Period. I hate this political, technical bullshit. Justice should be justice. If necessary, slightly penalize or reprimand the one who violated the statute, policy, etc. But the person, who did the real crime, should get the real punishment. Now THAT is the liberal bullshit I do hate. |
05-12-2003, 08:37 PM | #7 (permalink) |
Guest
|
Just an aside here, but it really amazes me, in this day and age, that these high level academics are so stupid as to even have this shit on the computers in their offices in the first place!
Seems to me there was a TSG link on Fark not too long ago about the head of a big university library that just got popped for the same thing. Back on topic.... If your computer is buggy to the point you have to have somebody in, you'd want them to be thorough, so it better be clean. Sounds like maybe the school leaned on the company, for the sake of the contract, out of petty vengence. And then they'll wonder why performance and morale drop. |
05-12-2003, 08:51 PM | #8 (permalink) |
Insane
Location: Plugged In
|
If there was a suspected virus on the PC, and there were strange folders, my belief is that it was reasonable to open the folder.
Anyway, in the sysadmin positions I've held I had reasonable access to all data on all servers, but was expected and held liable if I disclosed any of that information to unauthorized persons. Mind you, it probably wouldn't have been considered reasonable access if I went poking around the accounting system each week checking salary numbers. Thankfully, I never ran into anything like kiddie porn. If I had, I would have reported it to my manager (executive level). If they wouldn't have acted, I would have taken it to law enforcement. |
05-13-2003, 05:39 AM | #9 (permalink) |
"Officer, I was in fear for my life"
Location: Oklahoma City
|
Many workplaces have acceptable use policies (AUP's) that employees know about. Some of those put it in writing and let the employees know, others don't. Along with these AUP's, admins have access to all emails and router logs (web sites visited).
These policies are in place so management can make sure employees are not spending to much company time doing personal things on the internet. I have a friend who got upset because the self proclaimed IT person in her office was monitoring all the email in the office, internal and external. Her stance was like, but if I do it while on my break they shouldn't be able to see it" until I pointed out that she was still using the company equipment, resources and bandwidth. I don't think these folks should have been fired for this. I'd report kiddie porn in a heart beat. As someone once said: It's great to be the Administrator, the Administrator watches everyone. But, who watches the Administrator? |
05-13-2003, 06:21 AM | #10 (permalink) | |
will always be an Alyson Hanniganite
Location: In the dust of the archives
|
Quote:
|
|
05-13-2003, 08:27 AM | #11 (permalink) | |
Insane
Location: Plugged In
|
Quote:
|
|
05-13-2003, 12:20 PM | #12 (permalink) |
Cracking the Whip
Location: Sexymama's arms...
|
From a human resources perspective, porn (kiddie or no) can never be allowed on a company computer just because of the potential for sexual harassment lawsuits.
That is beside the point that it has no place at work, taking up time and company resources. My ex still works at a company where the IT department found the PRESIDENT storing porn on his COMPANY SHARE on the network. Nothing happened, of course. The hypocrisy was that several plebs in this company had been fired and escorted off the premisis for this same offense.
__________________
"Of all tyrannies, a tyranny exercised for the good of its victims may be the most oppressive. It may be better to live under robber barons than under omnipotent moral busybodies. The robber baron's cruelty may sometimes sleep, his cupidity may at some point be satiated; but those who torment us for our own good will torment us without end, for they do so with the approval of their own conscience." – C. S. Lewis The ONLY sponsors we have are YOU! Please Donate! |
05-13-2003, 12:41 PM | #13 (permalink) | |
Getting it.
Super Moderator
Location: Lion City
|
Quote:
The person who did the (child porn) crime is "doing the time". The professor plead guilty. The facts about why the two IT workers were fired are all circumstancial at this point. Are they or aren't they getting screwed? Most likely they are but the article is all heresay. The way I see, the issue of the child porn and the firing are two competely different subjects until a definative link is made between the two (ie they were fired for reporting the porn and thereby embarrassing a tenured member of faculty).
__________________
"My hands are on fire. Hands are on fire. Ain't got no more time for all you charlatans and liars." - Old Man Luedecke |
|
05-16-2003, 02:38 AM | #16 (permalink) | |
Crazy
|
Quote:
nice to hear that this porn-hoarding behavior isn't only practiced by us plebs! |
|
Tags |
handle, hot, part, training |
|
|