Posted by Virus Bulletin on Feb 27, 2015
Subject may make many feel uncomfortable, but it is essential that we know how to deal with it.
The mere mention of "child pornography" on the Internet makes many a security expert feel uncomfortable, and not just because of the natural human reaction to the idea of children being abused. It is often used, together with terrorism, as a trump card in discussions on government surveillance and encryption backdoors.
Yet child sexual abuse material (CSAM), as it is officially termed, does exist on the Internet. And there are real children who are abused and whose images are shared on the Internet. Hence for those whose jobs require them to access the shadier corners of the Internet, as well as for those who handle abuse reports, it is something they may well be exposed to at some point.
Exposure to such material can have a serious impact on the emotional wellbeing of the employee. It has also serious legal consequences: merely accessing such images is illegal in many jurisdictions.
Therefore, I was pleased to learn that M3AAWG has published a document that sets out best common practices for handling CSAM. Though it does not constitute legal advice, the document would be a good starting point for employers wishing to write protocols that can then be provided to employees whose role involves any potential exposure.
The document can be downloaded as a PDF here.
Posted on 27 February 2015 by Martijn Grooten
