[Cryptography] Encryption and anonymity as top tools for images of child sexual abuse

Tom Mitchell mitch at niftyegg.com
Mon Sep 30 00:16:06 EDT 2019

On Sun, Sep 29, 2019 at 4:35 PM John Young <jya at pipeline.com> wrote:
> NYTimes lengthy report on out of control growth of images

> https://www.nytimes.com/interactive/2019/09/28/us/child-sex-abuse.html
> Silicon Valley giants are pilloried for failing to bar abusers.

Not sure this is a cryptography topic except to law enforcement when
they cannot read computer
data that they think might be there and track contacts trees down.
Since companies have privacy
liability encryption will continue to be a requirement as laptops are
constantly being stolen.

 I just watched the early episodes of "Unbelievable" on Netflix and am
reminded that there are multiple bad guys out there.
 It did incite anger here. So time for me to calm down.  You can hit
delete if the below reads like a fish flopping on the ice.

One part of this seems inside out ...
If they know of abusers then they can notify the "SV Giants" with a
lawful order to bar them from their platform.
Apparently they do know but lawful orders are lacking.
   "Last year, tech companies reported over 45 million online photos and videos"

The law does not allow a US company to take unilateral extra legal
action against anyone.
Vengeful tort law is expensive to the company.

It is also a global issue so there are multiple legal jurisdictions to address.
Privacy laws domestic and international effectively demand that
personal data be encrypted.
Timelines in the article go back to 1984...well before the first
iPhone.  That makes it hard
to focus on solutions for the now.

Federal funding for some of this is almost flat but arrests have
increased more but they do not follow that chart with
a spending increase goal.  Will 20% more money deliver 20% more
arrests and convictions or is the limitation
a quality of incriminating evidence issue.

If the "hash" matching tools that count things like this are not
sufficient for law enforcement
to prosecute then the hits are less worthy for a tech company to act on.
Reporting has increased dramatically but is this a measure of tool improvement,
hardware deployment and increased CPU time or is it something else?
We have discussed
the tools that are not true encryption hashes and in the end a human
must look and looking requires
a warrant in the US last I heard.

State and federal laws are not flat (equal) and the international
complications of the law are real.
The international election meddling is beyond the reach of our Justice
department.  That needs
addressing too.

I suspect all missing children are not all involved in digital image
crimes but the "International Center for
Missing and Exploited Children" adds their real problem and child
counts to this article...

A real  quandary is I am not involved in this and thus have no clue
how to craft tools or laws to
address this issue.  If nothing else the "most of us are good" bit is
a very limiting factor
for discovering solutions.

Digital imaging is ubiquitous.  Old images are unlikely to vanish and
new ones will accrete to the pile.
Is local digital storage the fuel for growth or is it cloud or deskside storage.
The iPhone 4: 8, 16, or 32GB flash memory,  iPhone 7:  32, 128, or 256 GB
and the iPhone 11 Capacity 64GB 128GB  256GB
Moto Z (Droid) micro SD Up to 2 TB

Difficult... topic

          T o m    M i t c h e l l ( o n   N i f t y E g g )

More information about the cryptography mailing list