Internet Society Belgium hosted an event on “Is Privacy Killer the solution to Child Sexual Abuse?” (https://www.internetsociety.be/events/child-sexual-abuse/)
This event was well held as a physical meeting, applying Chattan House rules: the principle is that participants are free to use the information received, but neither the identity nor the affiliation of the speaker(s), nor that of any other participant, may be revealed. This rule was well perceived by participants, as it enabled to debate about possible ideas without risking of being pointed to have said something bad or incorrect.
Here are some outcomes of this meeting.
- It was clear for participants, that breaking end-to-end encryption may appear first as a solution to analyse child abuse content exchanged through the Internet… but is causing a much bigger risk by endangering all communications sent through the Internet. Moreover, for people knowing they are making something illegal, they would rapidly switch to a better encrypted solution (such as Pretty Good Privacy) making legislation inadequate;
- Some other ideas were also discarded, such as better controlling money, this because child sexual abuse was more perceived as a “disease/sickness” by most participants, and not necessarily a money-based “business”.
- While no single solution was found to solve all issues, many ideas contributing to reduce Child Sexual Abuse and to be able to track, pursuit and condemn criminals were proposed (important note: not all people agreed to all solutions, it was a debate! Sometimes people may agree on the principle — as the need of user education — but not necessarily how it should be applied and what’s the exact content, which should need further work).
- We had a consensus on the following points:
- work on user education side, including use of social networks and sexual education at school;
- create honeypots to catch criminals; those honeypots could use Artificial Intelligence to generate content able to attract criminals, while avoiding exploiting real criminal content (inspiration: thispersondoesnotexist.com)
- we could better act on server-side with more control on data, and use encryption to solve the issue; a good inspiration example is stopncii.org;
- we could use more security techniques — including biometrics — combined with anonymization: for instance, to have age verification on some social platforms without having to reveal identity, could prevent adults from appearing as young children while they aren’t;
- metadata of exchanged content, combined with Artificial Intelligence and Big Data, can assist in helping to identify criminals, even if content itself is not disclosed;
- if exchanged content can be inspected and changed by someone between sender and receiver, this may help criminals to invalidate evidence; on the contrary, encryption, with digital signatures and non-repudiation principles, can help to prove culpability and to condemn criminals;
- As a conclusion, while no single solution was found to solve all issues, there are many ideas contributing to reduce Child Sexual Abuse. Those concrete ideas can lead to proposals to be able to track, pursuit and condemn criminals, and most of them are using encryption and modern techniques. Those solutions would not have contra-productive effects, as lowering encryption may cause. Encryption brings solution to Child Sexual Abuse Material.
Is Privacy Killer the solution to Child Sexual Abuse? No. We need more encryption.