100,000 happy pictures: a new tool in the cyber ‘arms race’ against child sex offenders | Technology
The Australian Federal Police’s Dr Janis Dalins is on the hunt for 100,000 images of happy children – a toddler in a sandbox, a nine-year-old winning a prize at school, a sullen teenager unwrapping a present at Christmas and pretending not to care.
The search for these safe and happy images is the goal of a new campaign to crowdsource a database of ethically sourced pictures that Dalins hopes will help create better investigative tools for use in fighting what some have called a “tsunami” of online child sexual abuse material.
Dalins is the co-director of the AiLecs Lab, a collaboration between Monash University and the Australian Federal Police, which develops artificial intelligence technologies for use by law enforcement.
In its new My Pictures Matter campaign, people over the age of 18 are invited to share safe photos of themselves at different stages of their childhood. Once uploaded with information identifying the age of the person pictured, these will go into a database of other safe images. Eventually, a machine learning algorithm will be trained on this album, churning through it over and over until it learns what a child looks like. It can then go searching for them.
The algorithm will be used when a computer is seized from someone suspected of possessing child sexual abuse material, to quickly indicate where investigators are most likely to find images of children – an otherwise slow and laborious process that Dalins encountered while working in digital forensics.
“It was totally unpredictable,” he says. “A person gets caught and you think you’ll find a couple of hundred pictures, but it turns out this guy is a huge hoarder, and that’s when we spend days, weeks, months sorting this stuff out.”
“That’s where triage comes in: [the AI] says if you want to look for this stuff, look here first, because the stuff that’s probably bad is what you should see first.” It will then be up to an investigator to review each image flagged by the algorithm.
Monash University will retain ownership of the photograph database and impose strict restrictions on access.
The AiLecs project is small and focused, but it is one of a growing number of machine learning algorithms that law enforcement, NGOs, businesses and regulators are deploying to combat the online dissemination of child sexual abuse material.
These include Safer, an algorithm developed by the non-profit group Thorn that runs on a company’s servers and identifies images at the point of upload, and web crawlers like the one operated by Project Arachnid, which scours the internet for new sources of known child sexual abuse material.
Whatever their function, Dalins says the proliferation of these algorithms is part of a larger technological “arms race” between child sex offenders and authorities.
“It’s a classic scenario – the same thing happens in cybersecurity: you build a better encryption standard, a better firewall, and then someone, somewhere tries to figure it out,” he says.
“[Online child abusers] were among the most security-conscious people online. They were much more advanced than the terrorists in my time.”
“A veritable tsunami”
It is an uncomfortable reality that more child sexual exploitation material is being shared online today than at any time since the internet emerged in 1983.
UK authorities have faced a 15-fold increase in reports of child sexual abuse material online over the past decade. In Australia, the eSafety Commission described a 129% spike in reports during the early stages of the pandemic as “a veritable tsunami of this shocking material washing across the internet”.
The acting eSafety commissioner, Toby Dagg, told Guardian Australia the problem was global, with similar spikes recorded during the pandemic in Europe and the United States.
“It’s huge,” Dagg said. “My personal view is that this is a slow-moving disaster that shows no signs of slowing down anytime soon.”
Although there is a common perception that offenders are confined to the back alleys of the internet – the so-called dark web, which is heavily policed by law enforcement – Dagg says there has been considerable spillover into the commercial services people use every day.
Dagg says the full suite of services “from top to bottom of the tech stack” – social media, image sharing, forums, cloud sharing, encryption, hosting services – is being exploited by offenders, especially where “safety has not been adopted as a core principle of the industry”.
The flood of reports of child sexual abuse material came as these services began scanning their systems for it – most of the material detected today is already known to authorities because offenders collect and trade it as “sets”.
As many of these internet companies are based in the United States, their reports are directed to the National Center for Missing and Exploited Children (NCMEC), a non-profit organization that coordinates reporting on the issue – and the 2021 figures are revealing. Facebook reported 22 million child abuse images on its servers in 2021. Apple, meanwhile, disclosed only 160.
These reports, however, do not immediately result in takedowns – each must be investigated first. Even when entities like Facebook make good faith efforts to report child sexual exploitation material on their systems, the volume is overwhelming for authorities.
“It’s happening, it’s happening on a massive scale, and therefore you have to conclude that something has gone wrong,” Dagg says. “We are evangelists for the idea of safety by design – that safety should be built into a new service before it comes to market.”
A fundamental design flaw
The evolution of this situation owes much to the way the Internet was built.
Historically, the dissemination of child sexual exploitation material in Australia was limited due to a combination of factors, including restrictive laws that controlled the importation of adult content.
Offenders often exploited existing adult entertainment supply chains to import this material and had to form trusted networks with other like-minded people to obtain it.
This meant that when one was caught, all were caught.
The advent of the internet changed everything, creating a frictionless means of communication where images, videos and text could be shared almost instantly with anyone, anywhere in the world.
University of New South Wales criminologist Michael Salter says the development of social media has only taken this further.
“It’s a bit like setting up a kindergarten in a nightclub. Bad things are going to happen,” he said.
Salter says a “naive futurism” among early internet architects assumed the best of every user and failed to consider how bad-faith actors might exploit the systems they were building.
Decades later, offenders have become very good at finding ways to share libraries of content and form dedicated communities.
Salter says that legacy lives on, as many services do not scan their systems for child sexual abuse material, and those that do often scan their servers periodically rather than taking preventive measures such as scanning files at the point of upload.
Meanwhile, as authorities catch up to this reality, dark new frontiers are also being opened up by technology.
Lara Christensen, senior lecturer in criminology at the University of the Sunshine Coast, says “virtual child sexual abuse material” – video, images or text depicting anyone who is, or appears to be, a child – poses new challenges.
“The key words are ‘appears to be’,” says Christensen. “Australian legislation goes beyond the protection of actual children, recognizing that this material could be a gateway to other material.”
Although this type of material has been around for some years, Christensen worries that more sophisticated technologies are opening up a whole new spectrum of offending: realistic computer-generated images of children, real photos of children made to look fake, morphed photographs and text-based stories.
She says each creates new opportunities to directly harm children and/or attempt to groom them. “It’s all about accessibility, anonymity and affordability,” says Christensen. “When you put those three things in the mix, something can become a huge problem.”
A human in the loop
Over the past decade, the complex mathematics behind the algorithms used to counter the wave of this criminal material has evolved considerably, but it is still not without problems.
One of the biggest concerns is that it is often impossible to know where private-sector developers obtained the images used to train their AI. These may be child sexual abuse images, or photos taken from open social media accounts without the consent of those who uploaded them. Algorithms developed by law enforcement have traditionally relied on images of abuse seized from offenders.
This risks re-traumatizing survivors whose images are used without their consent, and baking the biases of the algorithms’ creators into the tools through a problem known as “overfitting” – a situation where an algorithm trained on bad or limited data returns poor results.
In other words: teach an algorithm to look for apples and it might find you an Apple iPhone.
“Computers will learn exactly what you teach them,” says Dalins.
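The apple/iPhone failure can be sketched in a few lines of Python. This is a toy illustration of overfitting only – the function name, training list and keyword rule are all invented for the example, and bear no relation to any real detection system:

```python
# Toy illustration of overfitting: a "classifier" trained on too few
# examples latches onto a spurious rule and misfires on unseen data.

training_examples = ["red apple", "green apple", "apple pie"]

# The "learned" rule: every training example contains the token "apple",
# so the model wrongly concludes that token alone defines the class.
def looks_like_fruit(text: str) -> bool:
    return "apple" in text.lower()

print(looks_like_fruit("red apple"))     # matches the training data
print(looks_like_fruit("Apple iPhone"))  # a false positive: overfit rule
print(looks_like_fruit("orange"))        # a false negative: never seen
```

The model has learned exactly what it was taught – the token, not the concept – which is why training data that is broad, accurate and ethically sourced matters so much.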
This is what the AiLecs lab is trying to prove with its My Pictures Matter campaign: that it is possible to build these essential tools with the full consent and cooperation of those whose childhood images are used.
But despite all the advances in technology, Dalins says child sexual abuse investigations will always require human involvement.
“We’re not talking about identification, where the algorithm says ‘this is X’ and that’s what goes to court,” he says. “We don’t see a time in the next five or ten years where we fully automate a process like this.
“You need a human in the loop.”
Members of the public can report illegal and restricted content, including child sexual exploitation material, online to the eSafety Commission.