Tech & Work

Limited options for tech who suspects boss accessed Internet porn from tech's PC

When a tech discovered that someone was using his computer to access Internet porn, he was concerned. When he discovered the culprit could be his boss and the material was child porn, he got worried and turned to our readers for help.


On May 12, 2003, our "What Would You Do?" column presented a particularly sticky scenario in which a tech discovers that someone has been using his computer to access pornographic Web sites, possibly child pornography. To make matters worse, the tech has reason to believe his boss is the perpetrator. Understandably, this scenario provoked a large quantity of impassioned responses. In the following, I will present a summary of the key points raised in these responses, pertaining to both how the tech should proceed now and how he can best protect himself in the future.

"What Would You Do?" column gets new format
A note from the editor: Since first appearing, Becky Robert's "What Would You Do?" column has received overwhelming support from TechRepublic members. Discussions typically receive over 100 posts and our inboxes fill with comments and suggestions.

Originally, each column was divided into two sections: One presented a compilation of a previous column's discussion, and the other offered a totally new scenario for the reader to consider. While this allowed us to maintain a high level of continuity between the columns, it also limited the space we could devote to each section. Members routinely asked for more detail in the scenario or a more in-depth recap of the previous scenario's discussion. In response to these requests, we've decided to split the "What Would You Do?" column into two parts.

On the first and third Monday of each month, Support Republic will publish a new "What Would You Do?" column. Each column will be completely devoted to a new scenario or an in-depth summary and review of a previous scenario's discussion. We hope this new format gives readers more of what they want, thus strengthening the column.


What should the tech do now?
The vast majority of responders expressed the view that this is a case of suspected child pornography, so the tech is morally and legally obliged to expose the responsible party. At minimum, the tech should immediately secure the evidence by one or more of the following methods:
  • Ghost his computer.
  • Write up a complete statement of his findings.
  • Print every relevant log and screenshot.
  • Cease to use his computer to avoid destroying the proof.

Next he should gather all the corroborating evidence he can, such as:
  • Office logs showing who was in the building and at what times.
  • Documentation showing where he was at the time his computer was used.

To whom should the tech present his evidence?
This was, perhaps, the most controversial aspect of the ensuing discussion. Five different options were discussed, none of which are mutually exclusive:
  • Confront his boss
  • Take the evidence to HR
  • Hire a lawyer
  • Call the police
  • Notify the FBI (or the equivalent organization outside of the U.S.)

Which of the above approaches is most likely to produce the desired results of an incarcerated offender and a still happily employed tech depends upon three key factors:
  • Company attitude towards whistle-blowers
  • Whether the suspected child pornography is real or simulated
  • The strength of the evidence for his boss being the guilty party

If the company doesn't have a solid reputation for supporting whistle-blowers, then the tech’s most viable option—if he wants to keep his job—is to go to his boss directly with the aim of persuading him to cease from using the tech’s computer. Member Gmarvin suggests, “Talk to the boss first. Tell him you saw what he was looking at, and don't appreciate it being done from your workstation. Furthermore, ask him directly, 'Are you trying to frame me?' I would. Why else would he use Phillip's workstation rather than his own? Even if it's legal porn, it could kill Philips' career.”

Catch up on previous columns
If you have missed any of the previous "What Would You Do?" columns, or read a scenario but never found out what happened, check out this article, which chronicles the first six months worth of these columns.

Unfortunately, there is no way for the tech to know whether the child pornography is real or not, so even if he does feel sufficiently confident in taking the issue outside of the company to the police or the FBI, he should probably avoid expressing his suspicions concerning the identity of the perpetrator. Instead, he should simply present the evidence he gathered and leave it to the authorities to make the accusations. As member JimHM said, “What proof do you have it was him?” He could easily turn it around and say Philip was there also.

According to member Dlw6, if the child pornography was real, it is definitely a matter for the police. Dlw6 wrote: “Use of the Internet makes viewing child porn a federal crime. Thus, this situation isn't much different from finding a dead body in the dumpster: Call the cops, because it's now a crime scene”. On the other hand, if the child pornography was simulated, it becomes an internal matter with the correct course of action depending upon company policy and politics.

Self-preservation vs. doing what is right
Several members expressed the opinion that regardless of how the tech chooses to report his findings, he'll inevitably lose his job. Member Raja Venkatesh asserted, “Philip's day is ending soon in this office. On any condition he is going to be fired... Otherwise the boss would not have chosen his PC.” Member Elmouba shared this point of view and said, “You are new in that place; it means that you're lucky enough to get an IT job in this crazy job market. Do not loose it… Do not confront your boss. It might be harmful for you, in the future and the IT field.”

But what if there’s a chance that the child pornography is real? Is it morally acceptable for the tech to do nothing for the sake of preserving his job? Most members thought not. “I would not hesitate to call the authorities,” Jfuller said. Ridge Montana wrote, “Child porn is a serious crime and needs to be dealt with by the proper authorities.” “Report,” was all that Bathman needed to say. And finally, Rkahler wrote, “It's more important to act in the interest of children than it is to keep a job.”

Self-protection
Assuming that the tech is successful in retaining his position or in securing a new one, he needs to seriously consider how to protect himself from falling victim to similar schemes in the future. TR members made a number of helpful suggestions:
  • Set a boot-up password in the BIOS.
  • Change all passwords as often as policy allows.
  • Log your arrival/departure times.
  • Install keystroke recording devices and/or software.
  • Setup a password-protected screensaver to start after one minute of inactivity.
  • Always shut down your computer when leaving the office.
  • Request a notebook computer and never leave it unattended.

Which of these the tech should implement largely depends on the company's IT policy. He might not have control over screen savers or permission to purchase and install hardware.

What did the tech actually do?
At the time of writing we have lost contact with the tech—if you are out there we hope that these discussions have been helpful and we wish you the best of luck.

Editor's Picks

Free Newsletters, In your Inbox