NetClean Report 2019

Executive
summary

The NetClean Report 2019 is based on two different enquiries. One with law enforcement as is always the case in the NetClean Reports, and one enquiry designed to understand businesses’ response to the problem of child sexual abuse material in their IT environments. The report also includes a third section where we present an overview of technologies and methods available to businesses to stop child sexual abuse material.

In preparation for the NetClean Report 2019 we surveyed law enforcement officers to garner their opinions and insights into the problem of live-streaming. We also looked at trends, how child sexual abuse material is stored and how technology developments present both challenges and opportunities.

In the business part of the report we questioned companies with more than 5,000 employees, to see whether they have policies, action plans and technology in place that address the fact that their IT environment might be used to facilitate the consumption of child sexual abuse material.

Live-streamed child sexual abuse

The results showed that live-streamed child sexual abuse is increasing. However, opinion is split on whether this crime can be classed as frequently occurring, or uncommon.

Voluntarily and induced (through grooming or sexual extortion) self-produced live-streamed child sexual abuse were both reported to be common types of live-streamed material in investigations. However, distant live-streamed child sexual abuse, such as paid for webcam shows, were reported to be less common.

Victims and offenders

Both victims and offenders of voluntarily or induced self-produced live-streamed child sexual abuse were reported to come primarily from the US and Europe. Important to note is that a large proportion of the respondents are from the US and Europe, and that most police officers work primarily on cases close to where they are based. Therefore the result does not necessarily represent the global situation.

Victims of distant live-streaming were reported to come primarily from Asia (a majority from the Philippines), but also from Europe, Russia and the US. Offenders of distant live-streamed child sexual abuse were reported to come from North America and Europe, but also Asia, Russia, Australia and New Zealand.

There was a big difference in opinions as to whether there is an overlap between offenders who groom/extort children and offenders who order distant live-streaming, splitting the opinion of the surveyed police officers in half.

A large majority of respondents reported that it is common to find other types of child sexual abuse material in investigations that include evidence of live-streamed child sexual abuse.

Storage spaces

Laptops, mobile phones and USB sticks are the most common spaces to store child sexual abuse material, but it is also very common to store material on cloud services. Mobile phones are the type of storage space that is increasing the most, followed by USB sticks and external hard drives, and cloud storage.

The survey showed a wide spread of how much material is already known to the police when they start analysing a new case. In some cases all the material is previously unseen, in some cases all material is already known, with most cases landing in between these polarised findings.

Apps and services

A large number of apps and services are used for producing, sharing and storing child sexual abuse material. The surveyed police officers reported that Skype is the most common app used for live-streamed child sexual abuse. For cloud services, Dropbox and Google services were most frequently reported to be used for storing and sharing child sexual abuse material. Snapchat, Facebook and Kik were the most commonly mentioned social media platforms.

Encryption and AI

The biggest trends reported were an increase in cloud storage, encryption and smartphones. Encryption were reported to be the biggest challenge for law enforcement, but darknet and cloud storage were also frequently mentioned. The technological developments that were seen as most helpful to law enforcement in child sexual abuse investigations was Artificial Intelligence, but also different investigation software and sharing of data/intelligence.

Business policies and action plans

Nine in ten businesses reported having a policy in place that states that it is prohibited to handle child sexual abuse in the company’s IT environment. Eight in ten reported having an action plan to deal with the discovery of child sexual abuse material in place.

Technology in place

Eight in ten businesses also reported having technology in place to comply with their policy. Six in ten use filter solutions, often as part of an employee monitoring tool. One in ten businesses reported using a detection solution.

One in ten reported having found child sexual abuse material in the organisation’s IT environment.

Comments on the findings

The NetClean Reports include insights by experts who work in different ways with the issue of child sexual abuse. You will find their comments after each different section in this report. Their observations add additional context and depth to the survey findings.

The result of the surveys provide an overview that helps us as a society to understand child sexual abuse crime better. As for NetClean’s core clients (businesses and large organisations), it is important to us that we do not only say that it is important for businesses to protect their IT environment, but also comprehensively – why.

For more information about our knowledge building work, please read all our reports. Follow our work by reading our blog, and for an overview of technologies used to stop and detect child sexual abuse material see section three of this report and our blog series: Technical Model National Response.