TAKEITDOWN.HELP For Lawyers & Law Enforcement — US
takeitdown.help/us/legal
United States DOC · US-LLE · LAST REVIEWED 2026-07-09

For Lawyers & Law Enforcement

We preserve victim-authorized evidence of non-consensual intimate imagery, sexual deepfakes, and related extortion — as sealed, court-grade packages the adult victim or their representative transfers to counsel, law enforcement, or another competent authority.

01 Legal basis 4 statutes
47 U.S.C. § 223a

TAKE IT DOWN Act — notice-and-removal; FTC enforcement since May 19, 2026. Recognizes victim or authorized-person requests.

18 U.S.C. § 2703(f)

Lets governmental entities require providers to preserve records pending legal process.

FRE 901 / 902

Authentication and self-authentication of digital and electronically-generated records.

17 U.S.C. § 512

Familiar authorization-under-penalty-of-perjury structure for a representative.

02 What the evidence package contains 6 artifacts

Not "just a screenshot." Each package is a structured record that can be re-hashed, replayed, time-checked, and signature-checked by counsel, investigators, or forensic examiners.

WACZ

Replayable web archive of the page and its subresources — not just an image.

HAR

Full HTTP request/response log: URLs, status codes, headers, timings.

Screenshot

Human-readable full-page visual of the captured state.

PDF

Filing-friendly printable rendering.

Console log

Browser console output — explains blocked resources or script failures.

Request trace

Supplemental network metadata; cross-checks capture completeness.

Blocked, unavailable, or authenticated content and platform-side changes are logged as limitations — never filled in.

03 How it is sealed & verified 9 controls
SHA-384

Per-artifact byte fingerprint; any change alters the digest.

Merkle root

One signed root protects every artifact hash.

ECDSA P-384

Root signed by the production key managed in AWS KMS.

RFC 3161

DigiCert timestamp binds the sealed hash to trusted external time.

Signed manifest

URL, capture time, inventory, hashes, versions, signature, timestamp chain.

Custody log

Ordered: capture, hash, sign, timestamp, export, verify, transfer.

CloudTrail

Multi-region log of KMS signing and key access.

S3 Object Lock

Compliance-mode retention; sealed objects can't be overwritten or deleted.

Audit checkpoints

Independent signed checkpoint chain to detect later tampering.

Anyone can verify a sealed package offline — without trusting takeitdown.help. The verifier re-hashes every artifact, recomputes the Merkle root, checks the ECDSA P-384 signature and RFC 3161 timestamp, reconciles the manifest against the custody log, and returns a pass/fail report naming any mismatch. The WACZ archive replays in standard tooling.

04 Daubert alignment 5 factors

Aligned to the reliability factors — without guaranteeing any court will admit a particular record.

Testability

Re-hash, signature-, timestamp-, manifest-, and replay-checked offline.

Known error rate

Measured against a documented validation corpus.

Standardized primitives

SHA-384, ECDSA P-384, RFC 3161, WACZ, HAR — published formats.

Standards & controls

Versions, manifests, signatures, timestamps, custody, CloudTrail, Object Lock.

General acceptance

Hashing, signatures, trusted time, web archives, immutable storage, custody logs.

Police & investigators

Pre-removal preservation. Captures the public record before takedown, deletion, or re-encoding alters it.
Metadata matrix. URLs, account identifiers, timestamps, hashes, signed manifests, verifier output, custody records.
Independent transfer. Subpoenas, warrants, and charging decisions remain with law enforcement and courts.

Lawyers & counsel

Authentication-ready. Supports FRE 901 foundation and FRE 902(13)/(14) certification workflows.
Forensically neutral. Neutral as to liability and identity; every manifest, hash, and custody entry is inspectable.
Representative authority. Victim authorization is preserved so counsel can confirm agency and standing.
Institutional intake
legal@takeitdown.help

Sealed-package transfer and technical-annex access after institutional verification. Do not email intimate content.

Disclaimer

takeitdown.help is an automated evidence-preservation utility — not a law firm, forensic laboratory, court, or government service. It does not guarantee removal, admissibility, or prosecution. Whether a preserved record is admissible, reliable, or sufficient is determined solely by the relevant court or competent authority. Full technical methodology is available to qualified professionals on request.

References 11 links
For Lawyers & Law Enforcement — US · Desktop
TAKEITDOWN.HELP Legal — US
9:41
TAKEITDOWN.HELP A Custodire AI Initiative
EN
United States

For Lawyers & Law Enforcement

We preserve victim-authorized evidence of NCII, sexual deepfakes, and extortion — as sealed, court-grade packages transferred by the victim or their representative.

DOC · US-LLE · REV 2026-07-09
01 Legal basis 4 statutes

47 U.S.C. § 223a

TAKE IT DOWN Act — notice-and-removal; FTC enforcement since May 19, 2026. Recognizes victim or authorized-person requests.

18 U.S.C. § 2703(f)

Lets governmental entities require providers to preserve records pending legal process.

FRE 901 / 902

Authentication and self-authentication of digital and electronically-generated records.

17 U.S.C. § 512

Familiar authorization-under-penalty-of-perjury structure for a representative.

02 Evidence package 6 artifacts

Not just a screenshot. Each package is structured, replayable, hash-checked, time-checked, and signature-checked.

WACZ

Replayable web archive of the page and its subresources — not just an image.

HAR

Full HTTP request/response log: URLs, status codes, headers, timings.

Screenshot

Human-readable full-page visual of the captured state.

PDF

Filing-friendly printable rendering.

Console log

Browser console output — explains blocked resources or script failures.

Request trace

Supplemental network metadata; cross-checks capture completeness.

Blocked, unavailable, or authenticated content is logged as a limitation — never filled in.

03 Seal & verify 9 controls

SHA-384

Per-artifact byte fingerprint; any change alters the digest.

Merkle root

One signed root protects every artifact hash.

ECDSA P-384

Root signed by the production key managed in AWS KMS.

RFC 3161

DigiCert timestamp binds the sealed hash to trusted external time.

Signed manifest

URL, capture time, inventory, hashes, versions, signature, timestamp chain.

Custody log

Ordered: capture, hash, sign, timestamp, export, verify, transfer.

CloudTrail

Multi-region log of KMS signing and key access.

S3 Object Lock

Compliance-mode retention; sealed objects can't be overwritten or deleted.

Audit checkpoints

Independent signed checkpoint chain to detect later tampering.

04 Daubert alignment 5 factors

Aligned to reliability factors — without guaranteeing a court will admit any particular record.

Testability

Re-hash, signature-, timestamp-, manifest-, and replay-checked offline.

Known error rate

Measured against a documented validation corpus.

Standardized primitives

SHA-384, ECDSA P-384, RFC 3161, WACZ, HAR — published formats.

Standards & controls

Versions, manifests, signatures, timestamps, custody, CloudTrail, Object Lock.

General acceptance

Hashing, signatures, trusted time, web archives, immutable storage, custody logs.

Verify any sealed package offline — re-hash artifacts, recompute the Merkle root, check the ECDSA P-384 signature and RFC 3161 timestamp, reconcile the manifest and custody log, get a pass/fail report. No need to trust takeitdown.help.

For police & investigators
Pre-removal preservation. Captures the public record before takedown or re-encoding alters it.
Metadata matrix. URLs, identifiers, timestamps, hashes, signed manifests, verifier output, custody records.
Independent transfer. Subpoenas, warrants, and charging decisions remain with law enforcement and courts.
For lawyers & counsel
Authentication-ready. Supports FRE 901 foundation and FRE 902(13)/(14) certification workflows.
Forensically neutral. Neutral as to liability and identity; manifest, hashes, and custody are inspectable.
Representative authority. Victim authorization is preserved so counsel can confirm agency and standing.
References 11 links
Institutional intake
legal@takeitdown.help

Sealed-package transfer after institutional verification. Do not email intimate content.

Disclaimer

takeitdown.help is an automated evidence-preservation utility — not a law firm, forensic lab, court, or government service. It does not guarantee removal, admissibility, or prosecution. Admissibility is determined solely by the relevant court or authority.

C A Custodire AI Initiative
Legal — US · Mobile