[dpark]

> We have visited the URLs provided by you

“You sent claims of CSAM hosted on someone else’s servers and we decided to download it.”

Hell no. I don’t want to see that and I don’t want it being ingested into systems I control. Of all the stuff here, “download some supposed CSAM to see if it’s real” is the absolute worst advice I can imagine.

[noosphr]

The above post contains csam, Dang please delete it without reading. Thanks.

[dpark]

You misunderstand the situation and what I was suggesting. GP was saying that AdGuard should have checked the contents of some random URL supposedly containing CSAM on archive.today.

This is not AdGuard’s job. Knowingly downloading CSAM is very likely illegal. And it also potentially opens them up for additional liability if they do determine that CSAM is present.

AdGuard seems like they did exactly the right thing, which is to send the report along to the party actually responsible for cleaning up the supposed CSAM.

[axiolite]

> Knowingly downloading CSAM is very likely illegal.

Put CSAM in a banner ad, and arrest everyone who was served that ad?

Post a CSAM photo behind plexiglass on a wall in a public space, and arrest everyone who walks by and glanced at it?

Just how stupid do you think lawmakers, judges, prosecutors, and police are? People get arrested for paying for, or sharing CSAM, not just stumbling on a website that might have something questionable. It is illegal to possess, but just loading a website is hardly possession... If it was, all of Facebook and Google's content moderators would be facing life-sentences.

[franga2000]

> Just how stupid do you think lawmakers, judges, prosecutors, and police are?

Very! Unimaginably so! A friend of mine from Germany received a GIF that contained ONE FRAME of CSAM from someone in a group chat, Whatsapp auto-downloaded it into the gallery, something auto reported it and a month later, cops showed up to take away all his electronic devices. This is apparently a thing people do there, like americans SWAT livestreamers. I think it took over a year for them to return his devices. He had to pay for a lawyer and buy a new phone and laptop. He wasn't charged with anything, but because the report was automated, there wasn't even anyone to sue for a false report.

[miohtama]

There is no such thing as not to sue anyone. Police can squeeze and lie as much as they want, but there are laws about the abuse of power, false police reporting, obstruction of justice. But it will be expensive as effectively you are going to the court against a state.

Also of course there is a person somewhere behind a keyboard who wrote the software which flags, correctly or incorrectly, files. Their name (Thorn) is kept strictly away from any public testimonial with NDAs with police, because eventually there will be class action lawsuits against them in the USA.

[lcnPylGDnU4H9OF]

> because the report was automated, there wasn't even anyone to sue for a false report

Is there a reason the legal entity which deployed the software can't be named? Seems like the next logical step, anyway.

[franga2000]

The thing is, it was technically a correct report. One frame of that gif did correpond to a known piece of CSAM (presumably they use some kind of perceptual hashing). The facts that 1) the gif was clearly a sick joke (he described it as a slow motion bullet shot from a movie, landing in something/someone and then flashing the one frame, presumably the intention being "haha, get shot with the child porn bullet"); 2) it was only one inconsequential piece, not a whole collection; 3) it was downloaded automatically from a group chat... are not in scope of the "did this user just upload CSAM to our servers" function (from what I understood, it was triggered by the picture being backed up to Google Photos or Apple's equivalent).

These are all things that, in a functioning system, the police officer receiving the report would take into account. If it's a first report, diaregard. If it's a second, check the file name that was also presumably in the report, see it's a Whatsapp folder and disregard it. If it's a third report or there are multiple pieces, get a warrant to run a CSAM scan on the person's device, go to their apartment, run it, see there's nothing else, close the case. If it's a clear "prank", start investigating the person who sent it.

But since the police are, in general, trigger happy lunatics, you get a full raid instead. And since computer forensics is hard and doesn't pay well, the investigation took many months instead of an afternoon. The fuckup was squarely on the law enforcement side, as well as in the law itself.

[aftbit]

This is one good reason we should not tolerate our devices auto-snitching on us to the police. Any tool can be weaponized. The legal system has a presumption of innocence, but it grinds painfully slowly, and the mere investigation can be extremely disruptive, even assuming they don't find anything further to pursue once they turn the eye of Sauron upon you.

[jeroenhd]

Quite stupid, actually. Stuff like CSAM is not to be messed around with. Having it in your cache is considered possession by police forces, even if the judge won't convict you if you can explain it. Even if the police doesn't come after you, it's the exact point in almost every jurisdiction where someone else's content suddenly becomes your problem, legally speaking.

You won't go to jail or life most of the time if you can explain how or why, but there are extremely strict rules around CSAM that you need to deal with. One of those is "don't look at it unless absolutely necessary". For AdGuard, I doubt this use would qualify for "absolutely necessary". Even police forces use dedicated software that doesn't keep too many copies around, and restrict how many people are allowed to look at the screens for screening computers.

The people applying mass censorship are using CSAM as a weapon. It'd be unwise for AdGuard to give them the extra ammunition by (admitting to) checking the CSAM content themselves.

Furthermore, if the complaint has merit and the content linked does contain CSAM, there is some pretty bad shit out there. I'm not prepared to look at pictures of raped babies or tortured children but I know full well that that content is out there on the internet.

[gorgonian]

> Just how stupid do you think lawmakers, judges, prosecutors, and police are?

Quite often pretty stupid, honestly. Or careless, ignorant, jaded, corrupt, etc etc

[lcnPylGDnU4H9OF]

https://www.merriam-webster.com/thesaurus/knowingly

You even quoted the word...

[Sporktacular]

Arrests aren't the only way a company can be harmed. Being flagged or investigated is enough of a legal burden and reputational hit that it could be catastrophic. "Stumbling" is not a part of any network protocol. Over a network, viewing a link is indistinguishable from downloading its contents.

[bostik]

Illegal to possess, and you would have accessed it to view content that is illegal to access as well?

The people who do this as part of their job do so under strict supervision, legal guard rails AND mandatory counselling. Which happens to include a number of content moderators.[0]

0: https://www.bbc.co.uk/news/articles/crr9q2jz7y0o

[solumunus]

You have way too much faith. Almost endless examples of injustice can be observed.

[xzjis]

There's another reason: the criminal justice system is structured in such a way that it requires material evidence to prove someone is guilty and punish them. It would be unacceptable to send an innocent person to prison, and you can't prove that someone has merely viewed content.

[franga2000]

We need a rule that people who haven't had to deal with the police and courts need to shut up about how police and courts work.

Even if nobody involved commits a crime and just does their job resonably well, getting your apartment raided, all your neighbours seeing that, your coworkers hearing about it, having to pay for a lawyer, losing all your electronic devices for months if not years and having to buy new ones, not being ablo to make proper plans because you never know when they might throw another court date at you...

But more often than not, they don't do their job well. They're sloppy, indifferent, they don't really understand computers or technology... You might get convicted just because a judge doesn't understand what downloading actually means.

And then you also get the ass-covering. They spent all this time and effort, but now it looks like you're innocent. Their bosses would be pissed, maybe you could even sue them. So they do their best to make even the smallest and dumbest charges stick. They look for other potentian crimes. They threaten you until you take a plea deal. They dissect and twist everything you said. Just so they don't have to admit they made a

"Innocent until proven guilty" might be true in the most technical sense. But being innocent doesn't help when your entire life is thrown upside down, everyone you know thinks you're a criminal, you're spending thousands on legal costs...

[vasco]

Nothing above links to anything suspicious mate, much less that.

[tremon]

That's not the argument. The argument is that "when someone relays to you a claim of illegal activity, you are not allowed to verify for yourself" is not tenable in a free society.

In this particular example, you have admitted to reading the subversive post and therefore your post should also be deleted.

[vasco]

You're engaging with my post so yours is also subversive ay lmao