Skip site navigation (1)Skip section navigation (2)
Date:      Tue, 19 Jul 2011 10:20:09 -0500 (CDT)
From:      Robert Bonomi <bonomi@mail.r-bonomi.com>
To:        freebsd-questions@freebsd.org
Subject:   Re: Tools to find "unlegal" files ( videos , music etc )
Message-ID:  <201107191520.p6JFK9d3033870@mail.r-bonomi.com>
In-Reply-To: <4E258C98.8010109@my.gd>

Next in thread | Previous in thread | Raw E-Mail | Index | Archive | Help
> From owner-freebsd-questions@freebsd.org  Tue Jul 19 08:55:07 2011
> Date: Tue, 19 Jul 2011 15:54:32 +0200
> From: Damien Fleuriot <ml@my.gd>
> To: freebsd-questions@freebsd.org
> Subject: Re: Tools to find "unlegal" files ( videos , music etc )
>
>
>
> On 7/19/11 1:57 PM, Robert Bonomi wrote:
> >> From owner-freebsd-questions@freebsd.org  Tue Jul 19 05:54:52 2011 
> >> Date: Tue, 19 Jul 2011 12:54:38 +0200 From: Damien Fleuriot <ml@my.gd> 
> >> To: "C. P. Ghost" <cpghost@cordula.ws> Cc: Frank Bonnet 
> >> <f.bonnet@esiee.fr>,
> >>         "freebsd-questions@freebsd.org" 
> >>         Subject: Re: Tools to find "unlegal" files ( videos , music 
> >>         etc )
> >>
> >>
> >>
> >> On 7/19/11 11:06 AM, C. P. Ghost wrote:
> >>> On Tue, Jul 19, 2011 at 8:55 AM, Damien Fleuriot <ml@my.gd> wrote:
> >>>> On 19 Jul 2011, at 08:15, Frank Bonnet <f.bonnet@esiee.fr> wrote:
> >>>>> In France it's illegal and I have my boss's instruction :
> >>>>>
> >>>>> - find and delete the files that's all.
> >>>>
> >>>> Bon courage then...
> >>>>
> >>>> A file can not be illegal per se, so you won't be able to detect 
> >>>> these by looking up names or contents.
> >>>
> >>>> Even then, if a file is labeled as personal, privacy protection 
> >>>> applies and it is *unlawful* for you to process it.
> >>>
> >>>> (That is in the same way that your employer is strictly forbidden 
> >>>> from peeking inside your email messages clearly labeled as personal, 
> >>>> even if they were received on your work mailbox.)
> >>>
> >>> Exactly!
> >>>
> >>> Speaking with my university sysadmin hat on: you're NOT allowed to 
> >>> peek inside personal files of your users, UNLESS the user has waived 
> >>> his/her rights to privacy by explicitly agreeing to the TOS and 
> >>> there's legal language in the TOS that allows staff to inspect files 
> >>> (and then staff needs to abide by those rules in a very strict and 
> >>> cautious manner). So unless the TOS are very explicit, a sysadmin or 
> >>> an IT head can get in deep trouble w.r.t. privacy laws.
> >>>
> >>
> >> The poorly written IT TOS of a company can never bypass the law, 
> >> regardless of anything you agreed to in your company's TOS.
> >
> > "male bovine excrement" applies.
> >
> > For example, if it is part of the _terms_of_emplyment_ -- which one 
> > *agreed* to, by going to work there --that you (the employeee) give 
> > permission for the company, or it's agents, to examine any file you 
> > store on the system.
> >
> >> It *is* unlawful for them to even open your files as long as they are 
> >> clearly labeled as private.
> >
> > Oh my.  making back-ups is unlawful.  Replacing a failed drive in a 
> > RAID array is unlawful.  Re-arranging storage allocation is unlawful.  
> > *SNORT*
> >
>
> You're playing dumb. On purpose. 

False to Fact.  

Using satire to make a point, yes.

Obviously, it is _not_ unlawful to 'even open' a file that is 'labelled as
private'.  

Herr Ghost subsequently clarified that he meant 'opened by a person' -- which,
if _that_ is an accurate description of the law in question,  means that a 
purely mechanical process, such as a loop running file(1) on all files, and
logging a filtered subset of that output would _not_ qualify as 'opening' 
under the law, either.

>                                  That's called trolling. That's frowned 
> upon, both by the community and by the list's charter.

Irrelevant, and immaterial.

> Just because you sign a bit of paper doesn't make everything it contains 
> law.
>
> I do not have to remind anyone of the number of cases where, for example, 
> ISPs got condemned for abusive terms in their contracts, and said terms 
> nullified.

No, but you _do_ have to specify the jurisdiction in which it happened.
The rules _are_  different in different jurisdicitons.

>
> > Under the laws of _what_ jurisdiction?
> >
>
> http://www.acbm-avocats.com/spip.php?article37
>
> Files are considered to be work related UNLESS they're clearly 
> labeled/named as private.

AH. _those_ rules *don't* apply to me.

> In which case the employer may not open said files in the absence of the 
> employee.
>
> Just because you do it doesn't make it legal.

But, you see, It _is_ entirely legal where *I* live.

> >> To open them, they would require a judge's injunction, for example in 
> >> cases of pedo pornography or the like.
> >
> > I guarantee you that _I_, as a system administrator, don't need a court 
> > order to do such things.  And, if you claim otherwise, you better be 
> > prepared to cite the statues that prohibit it.
>
> Again just because you do it doesn't make it legal.

Repeating, What I do *is* entirely legal.

> Regarding statutes that prohibit it, see above, plus:
>
> European Fondamental Rights: 
> http://www.europarl.europa.eu/charter/pdf/text_fr.pdf
>
> Code du travail: 
> http://www.legifrance.gouv.fr/affichCodeArticle.do;idArticle=LEGIARTI00000
> 6901852&cidTexte=LEGITEXT000006072050&dateTexte=20080513

*NONE* of the above are applilcable to me.

> > This is a corporate environment, it is in the terms of employment that 
> > company computers are for "business use only", that anything on the 
> > machines is 'work done for hire', and thus property of the company.
> >
>
> I hope we'll agree to disagree here.

"you don't know what you don't know" applies.  I don't mean that offensively,
but you have made an unwarranted, unjustified, assumption as to what laws
govern _my_ actions.

> Jurisprudence allows reasonable use of work computers, given that the 
> employee respects L120-4 of Code du Travail.
>
> This one here clearly acknowledges an employee's right to a reasonable 
> personal use of his employer's internet connection:
>
> http://www.legifrance.gouv.fr/affichJuriJudi.do?oldAction=rechJuriJudi&idT
> exte=JURITEXT000019166094&fastReqId=2101417007&fastPos=1

Again, none of that applies to my situation.

> >>>> You may want to look for files that are unusually large. They could 
> >>>> possibly be ISOs, dvdrips, HD movie dumps...
> >>>
> >>> Not to forget encrypted RAR files (which btw. could contain anything, 
> >>> including legitimate content, so be careful here).
> >>>
> >>
> >> It would be unlawful to try to brute force the files' password ;)
> >
> > The last I knew (admittedly a number of years ago), encryption was 
> > illegal in France, EXCEPT where the encryption key is on file with the 
> > Government. Many multi-national corporations made sure to route their 
> > 'secure' traffic
> > _around_ France for that specific reason.
> >
> > Find an encrypted file, and demand that the user show that the key is 
> > on file with the gov't.   *EVIL*GRIN*
> >
>
> You are not entitled to such a demand.

*IF* it is illegal to have encrypted materials without the key on file with
the gov't,, then it would seem reasonable, on discovering such, to demand
proof that the file -- being that it is  _on_my_property_ --  in question 
is _not_ illegal.

> The same way I just can't barge in to your house and demand to see your 
> permit to build there.

Under some circumstances, I _can_.

To wit: If you're building on _my_ property, I _do_ have the right to demand 
proof that you are doing it 'legally'.

> The same way I just can't demand your driver's license unless I'm law 
> enforcement.

Under some circumstances, I _can_.

To wit: If you want to drive _my_ car, I most certainly can demand proof 
that you have a license.

> By the way, you're wrong again. Encryption is perfectly legal in France 
> up to a specific key length, above which you are supposed to register it 
> with the government.

As I said, "a number of years ago", that _was_ the situation -- I'm glad 
to see that France has relaxed their stance on  the matter.

*LOTS* of countries had lots of 'stupid' rules about ecnryption and 
encryption  technology.  the USA used to require an 'international arms
dealer' certification to export any encryption technology


BTW, the reason I can *legally* do those things you say are unlawful is
that I am _not_ in France,  Nor even anywhere in the EU.  The rules _I_
have to play by _are_ different.





Want to link to this message? Use this URL: <http://docs.FreeBSD.org/cgi/mid.cgi?201107191520.p6JFK9d3033870>