Internet Watch Foundation fights Child Sexual Abuse images online
Internet Watch Foundation fights Child Sexual Abuse images online

The Internet Watch Foundation (IWF) has announced it is to work more closely with the online industry to speed up the identification and removal of Child Sexual Abuse images online.

In a press release issued today, the IWF has announced it will provide hashes or digital fingerprints of Child Sexual Abuse images found online. These hashes will enable companies such as Google, Yahoo, Facebook, Twitter, Microsoft and other web companies to automate the identification and blocking of images.

In a technical blog written by Harriet Lester she has given more detail around the way the hashes are created and what the IWF is planning. There are three different hash schemes in use. MD5 and SHA-1 hashes are widely used across the IT industry. IWF has also created created hashes based on PhotoDNA, a technology originally developed by Microsoft.

Only five companies have signed up at launch

Internet Watch Foundation launches hashes programme
Internet Watch Foundation launches hashes programme

Facebook, Twitter, Microsoft, Yahoo and Google have signed up to this initiative immediately and this is important as they have the greatest reach of the major Internet companies. What would be good is to get a clear statement from them as to how far they will go. For example, will they scan their existing storage on a regular basis to catch images as they are identified? Will they run real-time programmes to catch data as it moves through their system in the form of email attachments?

There are also a lot of other social media channels, cloud storage vendors and ISPs who need to step up here. While most of them will denounce Child Sexual Abuse images, their actions are not so strong. When pressed, many will openly say that it is not their job to police the Internet.

In order to get images removed they require evidence of the URL where the images are available and proof that the police are involved before acting. The often used excuse here is that they cannot actively search for such images either at rest or in transit because to do so would break privacy laws. Making it even even harder is the spread of encryption, generally a good thing, but which does mean it is impossible to apply hashes to encrypted files.

The IWF has in the past reached out to corporate players. One of the big challenges today is the ease with which hackers store their files on other people’s machines. Providing the hashes of known Child Sexual Abuse images and other data to corporate users so that they can scan anything entering or leaving the company network would be a big bonus and there is a need to create a programme to promote this.

There are other groups where this approach can be deployed. Internet Café owners should be persuaded to help but many see this as the thin end of the wedge and that if they help in this issue, they will come under pressure to police other content which will impact their business. Public WiFi providers including coffee shops should get support from their ISPs to enable them to detect customers who are using access to their free WiFi in order to download images.

Friendly WiFi blocks harmful images for public WiFi
Friendly WiFi blocks harmful images

One initiative that will help public WiFi providers is the Friendly WiFi service launched just over a year ago. It already works with Starbucks, Tesco and IKEA to monitor traffic and deliver a safe Internet experience.

This has been a success so far but there is a lot more to be done before it is ubiquitous.

Recently Nomad Digital signed up to the IWF to help police Internet access across the various transport networks it supports worldwide.

Will it make any difference to the spread of Child Sexual Abuse images?

Anything that reduces the spread of such Child Sexual Abuse images has to be welcomed. The biggest hurdle is that most of the images are traded, exchanged and stored on the Dark Net. Until recently, this meant that there was no interest whatsoever in deleting or removing these images.

Over the last year, however, things are slowly changing. There seems to be a small band of hackers who are willing to expose some crimes on the Dark Net that they find objectionable. The problem is establishing a realistic link with such people that works for both sides. One solution could be for a bounty to expose sites and even provide lists of hashes in the same way security companies provide bounties for security exploits.

Conclusion

This is a welcome initiative by the IWF but there is much more than need to be done in order to make it effective. The first thing we now need to see is information about takedown rates and prosecutions. That will provide evidence that this is indeed working.

The next step is wider adoption by the whole Internet industry, not just in the UK but across Europe, United States and the rest of the world. Only then will there be any trust that we are beginning to see progress made in impacting the spread of Child Sexual Abuse images.

LEAVE A REPLY

Please enter your comment!
Please enter your name here