Skip site navigation (1)Skip section navigation (2)
Date:      Tue, 19 Jul 2011 10:20:09 -0500 (CDT)
From:      Robert Bonomi <>
Subject:   Re: Tools to find "unlegal" files ( videos , music etc )
Message-ID:  <>
In-Reply-To: <>

Next in thread | Previous in thread | Raw E-Mail | Index | Archive | Help
> From  Tue Jul 19 08:55:07 2011
> Date: Tue, 19 Jul 2011 15:54:32 +0200
> From: Damien Fleuriot <>
> To:
> Subject: Re: Tools to find "unlegal" files ( videos , music etc )
> On 7/19/11 1:57 PM, Robert Bonomi wrote:
> >> From  Tue Jul 19 05:54:52 2011 
> >> Date: Tue, 19 Jul 2011 12:54:38 +0200 From: Damien Fleuriot <> 
> >> To: "C. P. Ghost" <> Cc: Frank Bonnet 
> >> <>,
> >>         "" 
> >>         Subject: Re: Tools to find "unlegal" files ( videos , music 
> >>         etc )
> >>
> >>
> >>
> >> On 7/19/11 11:06 AM, C. P. Ghost wrote:
> >>> On Tue, Jul 19, 2011 at 8:55 AM, Damien Fleuriot <> wrote:
> >>>> On 19 Jul 2011, at 08:15, Frank Bonnet <> wrote:
> >>>>> In France it's illegal and I have my boss's instruction :
> >>>>>
> >>>>> - find and delete the files that's all.
> >>>>
> >>>> Bon courage then...
> >>>>
> >>>> A file can not be illegal per se, so you won't be able to detect 
> >>>> these by looking up names or contents.
> >>>
> >>>> Even then, if a file is labeled as personal, privacy protection 
> >>>> applies and it is *unlawful* for you to process it.
> >>>
> >>>> (That is in the same way that your employer is strictly forbidden 
> >>>> from peeking inside your email messages clearly labeled as personal, 
> >>>> even if they were received on your work mailbox.)
> >>>
> >>> Exactly!
> >>>
> >>> Speaking with my university sysadmin hat on: you're NOT allowed to 
> >>> peek inside personal files of your users, UNLESS the user has waived 
> >>> his/her rights to privacy by explicitly agreeing to the TOS and 
> >>> there's legal language in the TOS that allows staff to inspect files 
> >>> (and then staff needs to abide by those rules in a very strict and 
> >>> cautious manner). So unless the TOS are very explicit, a sysadmin or 
> >>> an IT head can get in deep trouble w.r.t. privacy laws.
> >>>
> >>
> >> The poorly written IT TOS of a company can never bypass the law, 
> >> regardless of anything you agreed to in your company's TOS.
> >
> > "male bovine excrement" applies.
> >
> > For example, if it is part of the _terms_of_emplyment_ -- which one 
> > *agreed* to, by going to work there --that you (the employeee) give 
> > permission for the company, or it's agents, to examine any file you 
> > store on the system.
> >
> >> It *is* unlawful for them to even open your files as long as they are 
> >> clearly labeled as private.
> >
> > Oh my.  making back-ups is unlawful.  Replacing a failed drive in a 
> > RAID array is unlawful.  Re-arranging storage allocation is unlawful.  
> > *SNORT*
> >
> You're playing dumb. On purpose. 

False to Fact.  

Using satire to make a point, yes.

Obviously, it is _not_ unlawful to 'even open' a file that is 'labelled as

Herr Ghost subsequently clarified that he meant 'opened by a person' -- which,
if _that_ is an accurate description of the law in question,  means that a 
purely mechanical process, such as a loop running file(1) on all files, and
logging a filtered subset of that output would _not_ qualify as 'opening' 
under the law, either.

>                                  That's called trolling. That's frowned 
> upon, both by the community and by the list's charter.

Irrelevant, and immaterial.

> Just because you sign a bit of paper doesn't make everything it contains 
> law.
> I do not have to remind anyone of the number of cases where, for example, 
> ISPs got condemned for abusive terms in their contracts, and said terms 
> nullified.

No, but you _do_ have to specify the jurisdiction in which it happened.
The rules _are_  different in different jurisdicitons.

> > Under the laws of _what_ jurisdiction?
> >
> Files are considered to be work related UNLESS they're clearly 
> labeled/named as private.

AH. _those_ rules *don't* apply to me.

> In which case the employer may not open said files in the absence of the 
> employee.
> Just because you do it doesn't make it legal.

But, you see, It _is_ entirely legal where *I* live.

> >> To open them, they would require a judge's injunction, for example in 
> >> cases of pedo pornography or the like.
> >
> > I guarantee you that _I_, as a system administrator, don't need a court 
> > order to do such things.  And, if you claim otherwise, you better be 
> > prepared to cite the statues that prohibit it.
> Again just because you do it doesn't make it legal.

Repeating, What I do *is* entirely legal.

> Regarding statutes that prohibit it, see above, plus:
> European Fondamental Rights: 
> Code du travail: 
> 6901852&cidTexte=LEGITEXT000006072050&dateTexte=20080513

*NONE* of the above are applilcable to me.

> > This is a corporate environment, it is in the terms of employment that 
> > company computers are for "business use only", that anything on the 
> > machines is 'work done for hire', and thus property of the company.
> >
> I hope we'll agree to disagree here.

"you don't know what you don't know" applies.  I don't mean that offensively,
but you have made an unwarranted, unjustified, assumption as to what laws
govern _my_ actions.

> Jurisprudence allows reasonable use of work computers, given that the 
> employee respects L120-4 of Code du Travail.
> This one here clearly acknowledges an employee's right to a reasonable 
> personal use of his employer's internet connection:
> exte=JURITEXT000019166094&fastReqId=2101417007&fastPos=1

Again, none of that applies to my situation.

> >>>> You may want to look for files that are unusually large. They could 
> >>>> possibly be ISOs, dvdrips, HD movie dumps...
> >>>
> >>> Not to forget encrypted RAR files (which btw. could contain anything, 
> >>> including legitimate content, so be careful here).
> >>>
> >>
> >> It would be unlawful to try to brute force the files' password ;)
> >
> > The last I knew (admittedly a number of years ago), encryption was 
> > illegal in France, EXCEPT where the encryption key is on file with the 
> > Government. Many multi-national corporations made sure to route their 
> > 'secure' traffic
> > _around_ France for that specific reason.
> >
> > Find an encrypted file, and demand that the user show that the key is 
> > on file with the gov't.   *EVIL*GRIN*
> >
> You are not entitled to such a demand.

*IF* it is illegal to have encrypted materials without the key on file with
the gov't,, then it would seem reasonable, on discovering such, to demand
proof that the file -- being that it is  _on_my_property_ --  in question 
is _not_ illegal.

> The same way I just can't barge in to your house and demand to see your 
> permit to build there.

Under some circumstances, I _can_.

To wit: If you're building on _my_ property, I _do_ have the right to demand 
proof that you are doing it 'legally'.

> The same way I just can't demand your driver's license unless I'm law 
> enforcement.

Under some circumstances, I _can_.

To wit: If you want to drive _my_ car, I most certainly can demand proof 
that you have a license.

> By the way, you're wrong again. Encryption is perfectly legal in France 
> up to a specific key length, above which you are supposed to register it 
> with the government.

As I said, "a number of years ago", that _was_ the situation -- I'm glad 
to see that France has relaxed their stance on  the matter.

*LOTS* of countries had lots of 'stupid' rules about ecnryption and 
encryption  technology.  the USA used to require an 'international arms
dealer' certification to export any encryption technology

BTW, the reason I can *legally* do those things you say are unlawful is
that I am _not_ in France,  Nor even anywhere in the EU.  The rules _I_
have to play by _are_ different.

Want to link to this message? Use this URL: <>