No, really. What does happen when an employee of a healthcare company attacks a website used by rape survivors to support one another? It’s not a hypothetical question. That actually happened. As I wrote earlier:

Due to a deliberate and sustained denial-of-service attack by a FetLife user, the Predator Alert Tool for FetLife reporting mechanism is unavailable. […] The attacker is not shy. She boasts about her actions on the BDSM/leather/kink dating website FetLife.com, where she goes by the username CarolyneTiler. Her legal identity is Caroline Tyler, a resident of Bradford, West Yorkshire in the UK.

[…]

The people whom Caroline Tyler is harming with her denial-of-service attack against Predator Alert Tool for FetLife are the people relying on PAT-FetLife as a way of communicating about dangerous people inside the kink/BDSM community.

Caroline Tyler’s motivations to attack PAT-Fetlife seem, at least in part, to be personally directed at me. However, attacking PAT-FetLife doesn’t harm me in any way. (I don’t use FetLife.) It harms people who want to remain involved in FetLife but who also want to have access to uncensored information about potential play partners. This kind of peer-to-peer reputation system (like “Yelp for BDSMers”), is something FetLife users have been requesting for years and that FetLife still refuses to provide.

If you’re worried about these attacks against PAT-FetLife hurting someone, it’s not me; it’s ethical kinksters on FetLife you should be worried about.

So, what happened? Well, in short order, several determined PAT-FetLife users collated information about Caroline Tyler and learned that she is employed by Egton Medical Information Systems, Ltd. (EMIS), a healthcare technology services provider, of all things. It’s certainly more than a little disturbing that a healthcare industry employee would actively attack a tool that rape survivors use to help keep themselves and others safe from sexual assaults. That’s a bit like calling 9-1-1 only to get shot by the cop who shows up “to help.” (True story.)

So, these PAT-FetLife users took it upon themselves to do something about the situation. The rest of this post is a statement these PAT-FetLife users shared with me, asking for your help in dissuading Caroline Tyler’s continued attacks against PAT-FetLife:

Caroline Tyler’s attacks on PAT-Fetlife are a direct attack on ethical kinksters on Fetlife and on survivors of sexual violence in general.

Context from maymay’s earlier posting:

When will the PAT-FetLife reporting mechanism be available again?

After Caroline Tyler’s first attack, I re-enabled PAT-FetLife. The next day, she again attacked the reporting form. This shows a deliberate intent to keep sexual violence survivors from accessing tools they use to communicate.

Unfortunately, also as discussed in my prior post, there is currently no technological way to prevent Caroline Tyler from continuing to make the PAT-FetLife reporting service unavailable. […] Adding new information to PAT-FetLife will therefore only be possible when at least one of the following happens:

  • Google Forms updates the PAT-FetLife back-end to their “new” Google Spreadsheets system. The timeline they provided for this is “in 2014,” so that could be a few months yet.
  • Caroline Tyler stops launching her denial-of-service attack on PAT-FetLife, either by her own choice or by being compelled to stop through social, legal, or other pressure.
  • A new version of Predator Alert Tool for FetLife based on the DAO technology I am currently exploring (mentioned above) is ready.

The last two bullet points – stopping Caroline Tyler’s denial-of-service attacks on PAT-Fetlife, and creating a new version of PAT-Fetlife – are how you can help. Coders with technical skills who want to help create a new Predator Alert Tool version should start by looking at the various PAT code repository websites. But even without new code, we can also help by speaking out against these attacks as follows.

Stop Caroline Tyler’s denial-of-service attacks on Fetlife

First, it’s worth noting that Caroline Tyler has been completely public about her actions and her identity. All the information in the Pastie page doxxing her is information she put online herself. She used her own name as her Fetlife username: She ain’t in the closet.

Second, the goal is not to get anybody fired, if only because then they’ll be even angrier and have more time to sit at home and continuing to launch DOS attacks. The goal is to stop the DOS attacks.

With that in mind, here’s specific ways you can help do that.

  1. Offering legal help: If you are or know a lawyer who takes on sexual violence cases, internet crimes cases, or both, contact maymay directly. If you are or know a programmer, talk to MM about how you can use those skills to help out.
  2. Contacting Caroline Tyler directly: If you’re on Twitter or Google Plus and can send a message to Caroline’s @-mentions or notifications (by following the previous links), remind her that her actions in taking down PAT-Fetlife are harming other people. Notably, after MM’s earlier updates, it appears Caroline Tyler removed her FetLife, LinkedIn, and other social media profiles (despite archives of each existing)—but if you see her appear in those places again, drop her a note there, too. In the mean time, you can chime in on the threads of her FetLife friends, such as this one.
  3. Contacting Caroline’s employer: We wrote and sent several emails to Caroline’s employer, EMIS, and encourage you to do the same. Templates are provided here. Click the “Send this email to EMIS HR personnel” link below the email you want to send to pre-fill your email program with the template:
    • Dear sir or madam:

      It has come to our attention that one of your employees, one Caroline Tyler, has been performing a Denial-Of-Service attack upon a rape reporting tool. Pursuant to Part 5, item 36 of the Police and Justice Act 2006, such attacks are illegal with penalties for those found guilty of such an attack being up to 10 years of imprisonment. As such, we are informing you that we are in the process of seeking legal advisement for pressing criminal charges. As you should already be aware, should such activity have been done using equipment belonging to your company, charges may extend to your business as well.

      Regards,
      YOUR_NAME

      Send this email to EMIS HR personnel

    • Dear Sue Mosley, Katy Standish, and Matt Murphy:

      I am a user of a program called PAT-fetlife, a volunteer-created anti-rape database for the social networking website Fetlife. An employee of EMIS, Caroline Tyler, an IT systems support consultant, has identified herself as engaging in “hacking” activities, specifically launching an ongoing denial-of-service attack on PAT-Fetlife and then boasting on Fetlife about doing so. The creator of PAT-Fetlife is currently seeking a lawyer.

      EMIS may wish to launch its own investigation into the matter, as a DOS attack on a volunteer-created database intended to address the public health issue of rape is directly counter to the mission of EMIS to create databases to improve public health and does not improve the reputation of EMIS as a whole.

      A brief outline of the ongoing incident can be found here:

      http://days.maybemaimed.com/post/92305706015/why-attacking-predator-alert-tools-backfire-on-attackers

      More details, including screen-shots of Caroline Tyler publicly boasting on Fetlife about the DOS attack can be found here:

      http://maybemaimed.com/2014/07/19/why-attacking-predator-alert-tools-backfire-on-attackers/

      Sincerely,

      YOUR_NAME

      Send this email to EMIS HR personnel

    It is reasonable to contact EMIS HR personnel, Caroline Tyler’s employer (as is easily gathered from her LinkedIn profile), in this case because as the originating computer(s) are not known, Caroline Tyler MAY be using work computers to carry out the DOS attack, which is undoubtedly against company policy.

    EMIS describes itself as “The UK’s leading supplier of healthcare software to GPs and a major software supplier to high street pharmacies.” In a nutshell, they make remotely accessible databases for health care. Hence, as PAT-Fetlife is a database to address the public health issue of rape, Caroline Tyler is acting to destroy something of the exact nature as the things she spends her work life building. According to GlassDoor, EMIS usually hires unskilled people and trains them in IT work, so there’s a good chance that Caroline Tyler acquired the skills and knowledge she’s using to attack PAT-Fetlife from working at EMIS.

    EMIS may have policies against their programmers engaging in illegal “hacking” in their free time. Even if they don’t, this will be embarrassing if it’s smeared across the papers (“EMIS Worker Attacks Anti-Rape Program”).

    If you’re in the medical/pharmaceutical or programing industry, particularly in England or otherwise in their hiring/selling region, please mention this to EMIS; these are the specific industries they are in and you are better positioned to exert social pressure on EMIS to curb the behavior of their employee.

Donate Bitcoin

Flattr this!