Survivor Protection & Takedown Policy
Content Removal Requests & Privacy Protections
What We Protect Automatically
We maintain multiple automated protection systems that run every time the site is rebuilt:
- Protected victim names — Names on our protected list are automatically replaced with "[Victim Name Redacted]" across all auto-generated pages (document previews, people pages, deposition transcripts, YouTube transcripts, Skype messages).
- Protected family member names — Family members of survivors receive the same name redaction.
- PII pattern detection — Email addresses, phone numbers, Social Security numbers, passport references, and dates of birth are automatically detected and redacted from document text previews, transcript segments, and people page snippets.
- Survivor face images — Known survivor face images are censored (displayed as black boxes) and the image files are permanently deleted from our servers.
- Minor/child images — Images identified as depicting minors are censored and deleted.
- Face recognition exclusion — Our facial recognition system is configured to never identify or label survivor faces, even when their images appear in source documents.
How to Request Content Removal
Email us:
To help us act quickly, please include as much of the following as possible:
- The EFTA ID or page URL where the exposure appears
- The type of content to remove (name, photo, passport, contact details, email, etc.)
- The page number within the document, if applicable
You do not need to:
- Prove your identity
- Prove you are a survivor
- Provide private information about yourself
- Explain the nature of your involvement
Third-party reports on behalf of survivors are equally welcome. You may report content exposure you have identified even if it does not involve you personally.
What We Will Remove
Tier 1 — Immediate removal (no verification needed)
The following content types are always removed upon request, without verification:
- Personal identifying information (PII) — email addresses, phone numbers, physical addresses, passport information, Social Security numbers, dates of birth
- Images of minors — any image identified as depicting a minor
- Images of survivors who have not voluntarily gone public — face images, body images, personal photos
- Family member information — names, photos, and contact details of survivor family members
Tier 2 — Name redaction (basic corpus check)
Requests to redact a person's name from all auto-generated text on the site require a brief internal review:
- We check whether the name appears in victim context in the EFTA corpus (FBI victim lists, abuse testimony, recruitment-related documents)
- If victim context is found, the name is added to our protected list immediately
- If the requestor provides a Jane Doe docket number from related proceedings, that is also sufficient
What We Will Not Remove
To preserve the public accountability function of these records, we do not remove:
- Documentary evidence of perpetrator conduct — flight logs, financial records, staff communications, business correspondence
- Investigative findings backed by EFTA source documents
- Publicly filed court documents from CourtListener/RECAP
- Congressional deposition records
- Information about individuals who appear exclusively in perpetrator, associate, or staff contexts
This distinction is critical: removing PII protects privacy without hiding evidence. An email address or passport number is never proof of a crime. A flight log or financial transfer record may be.
How We Verify Without Requiring Private Information
We understand that requiring survivors to prove their victimhood is itself harmful. Our verification process is designed to prevent abuse of the takedown system without burdening legitimate requestors:
- Tier 1 requests (PII, images) are processed without any verification. Removing someone's email address or phone number from a page can never hide evidence of criminal conduct.
- Tier 2 requests (name redaction) are verified against our corpus: we check whether the name appears in documents related to victimization (FBI victim lists, abuse testimony, recruitment records). This check is internal — we do not ask the requestor for any information beyond the name itself.
- Ambiguous cases default to protection. If someone's role in the corpus is genuinely unclear, we err on the side of redacting the name. This can always be reversed later if new information emerges.
Anti-Abuse Protections
We are aware that bad actors may attempt to use takedown requests to hide evidence of their involvement. Our safeguards:
- PII removal is separate from evidence removal. We will always remove a person's phone number or email address. We will never remove a finding that documents their conduct.
- Corpus context check. For name redaction requests, we check whether the name appears in victim context (FBI victim lists, abuse testimony) versus perpetrator context (flight logs, staff lists, financial records). Names appearing exclusively in perpetrator/associate context are not eligible for victim-style redaction.
- Evidence is never removed. Regardless of who makes the request, investigative findings backed by EFTA source documents are preserved.
- All takedown decisions are logged internally for accountability.
Response Times
| Request Type | Target Response |
|---|---|
| PII removal (email, phone, passport, etc.) | 24 hours |
| Image censorship (survivors, minors) | 24 hours |
| Name redaction (with corpus check) | 48 hours |