The rush to encrypt...and its unintended victims

By: Julie Inman Grant, eSafety Commissioner, and Detective Inspector Jon Rouse AO, from the Australian Centre to Counter Child Exploitation 

 

There are times when the sheer volume and brutality of the child sexual exploitation material on the internet makes the problem seem insurmountable. In response, we are constantly seeking innovative ways to disrupt this online scourge—and over the past decade we have made progress. But now there are new developments afoot in the tech sector that threaten to arm the pedophile networks we are trying to disrupt.

Collectively, the two of us have been fighting online child sexual abuse for half a century. The type of material that we and our teams deal with does not bear close description.  But let us provide a few examples of the kinds of human casualties we see on the internet every day:

  • The live streaming of toddlers being sexually violated by family members for viewing by the highest bidders overseas;
  • Horrendous instances of children being coerced and forced to commit lurid sexual acts via the web cams in their bedrooms for predators, while the voices of their unwitting parents are being heard in the next room;
  • Traumatised adolescent victims of “sextortion” succumbing to persistent and escalating demands for daily payments, or for more sexually explicit self-produced material, for fear their images will be released online.

The new challenge we are facing is the headlong rush by the technology industry into what is known as “end to end encryption,” which threatens, under the false flag of privacy, to undermine many of the significant gains we have made in the fight against child exploitation. We fear it could create a virtual untrammelled hunting-ground for paedophiles to groom new prey, if we don’t take action now.

The long-term trauma experienced by victims whose sexual torture has been recorded and posted to the internet is incalculable. And in recent years this problem has been exacerbated by new technologies that mean perpetrators can sexually abuse children via livestreams without ever having  direct physical access to a child to commit their abuse.

The proliferation of social media, online gaming and mobile technologies provides a vast new repository for predators to reach their victims, anywhere in the world.  The devastating consequences of this are the thousands of innocent young people who are being manipulated, blackmailed and abused via the internet. We estimate that almost 70 per cent of the material being seized and viewed by our investigators can be classified as “coerced child sexual abuse material”—created by children with their iPhones in their bedrooms.

Because this is effectively an “arms race,” we too are harnessing technology and using more sophisticated strategies for disrupting online child abuse networks.  The internet is now made up of a complex web of players who all have a role in making their platforms inhospitable places for purveyors of online child abuse. None are more important than the major technology companies whose services have been abused and have provided fertile new platforms for predators to ensnare their victims.

That is why we have long worked with the likes of Microsoft, Google, Apple, Twitter and Facebook. These companies are endowed with tremendous intellectual and technological capacity, vast financial resources, and the best engineering and problem-solving capability on earth. And while we appreciate their respective contributions to the fight against child sexual exploitation, we can only imagine the advancements that could, and should have been made, if this embarrassment of riches were prioritised towards the safety of children on their platforms. 

Of particular concern is industry’s stampede to full encryption. As leaders of organisations dealing with the devastating consequences that online predation leaves in its wake, we must sound the alarm bells. For instance, Facebook’s proposal to end-to-end encrypt on all of its messaging services on WhatsApp, Facebook and Instagram will leave literally billions of potential victims out of the protective reach of law enforcement, governments and industry themselves. This is because under end-to-end encryption, only the sender and intended recipient can read the message or see what content is being shared. Facebook can no longer scan their properties for known child sexual abuse material (or terrorist content, for that matter) and can effectively absolve themselves of responsibility for the offences being perpetrated on their services.

We simply cannot let these product developments proceed without a robust discussion about the implications to their billions of vulnerable users.  We need to hold all companies to account and demand to know how they will mitigate these significant risks to children on their platforms – whether on Skype or FaceTime or YouTube or Twitch. We should compel them to invest in meaningful and innovative approaches to detecting child sexual abuse on encrypted services and to develop and deploy their services with “Safety by Design” at the core.

While there is no question that privacy and security are important, it is a false dichotomy to pit privacy and safety as countervailing interests, just as it is a false choice to say that security must be prioritised over privacy and safety.  Privacy, safety and security are three legs of the same stool—and when one leg is out of balance, the stool falls over.  Child sexual exploitation can no longer be a “back-burner issue” for the global tech platforms.  These companies have a moral responsibility to use their considerable resources to mitigate the harms that will inevitably follow these latest changes.

This is the text of an opinion article that appeared in The Australian newspaper on Monday 26 August

While there are threats to our kids on the internet, that is no reason to panic or despair.

There are a range of straightforward things parents and carers can do to minimise the dangers.

Some examples:

  • Stay involved in your child’s digital world
  • Build an open, trusting relationship
  • Help your child to protect their online privacy
  • Teach your child to be alert to signs of inappropriate contact:
    • Talk to them about what makes a good online friend
    • Teach them how to recognise if an online friendship has turned risky

For further tips on dealing with unwanted contact and grooming, visit https://www.esafety.gov.au/parents/big-issues/unwanted-contact


Sign up for eSafety News

Stay up to date with online
issues, new resources, events, and the latest research.