“The State of the Net”

 

Last week I attended the “State of the Net” conference in not-so-snow-bound Washington DC. It’s the first one of these  now annual events I have been to and I would definitely like to go again. There was a stunning array of speakers drawn from politics,  regulators, journalism, geeks, academics, advocates, lobbyists, and entrepreneurs.  I managed to sit in on all the plenary sessions and learned a lot of new stuff,  some of which  I will tell you about here. However, obviously,  since I was on a panel I couldn’t attend all the break outs so this is not going to be a comprehensive report of everything that happened. I believe if you go to the web site videos of each session are available.

The challenge of anonymity

By way of preamble, on the flight over I finished “The Dark Net” by Jamie Bartlett. It’s beautifully written and therefore easy to read.  As the title suggests the book is not exactly a detailed appraisal of all the positive things the internet has given the human race although Bartlett does, of course, allude to these.  That said I doubt you will find a better exposition anywhere of how some of the whackos, terrorists  and criminal fraternities of the world have flourished thanks to the creation of cyberspace.  Are such groups and individuals threatening civilization as we know it? Does the downside outweigh the upside of the internet? Definitely not, at least not yet. But anonymity through encryption are the keys to the success of these undesirable elements and while, right now, one might easily dismiss people’s anxieties as self-serving paranoia promoted by police and intelligence agencies it is nevertheless hard not to feel a mite unsettled about where it could all lead.  I mean if, 25 years ago, you had said that, one day in the not-too-distant-future,  videos of kittens dancing with each other would be readily available, simultaneously, on billions of screens in every country of the world, who would have believed you?

As Bartlett’s book reveals some (by no means all) of those pushing the anonymity/encryption agenda most vigorously have pretty near total contempt for western or indeed any other kind of democracy. It is a terrible conundrum.

How are we going to balance the legitimate uses of anonymity and encryption with the state’s primary obligation to protect its citizens, perhaps especially the weakest of its citizens, from evil doers?

The Rule of Law is what makes the modern world work in an acceptable way for the overwhelming majority of us but that concept implies at least the possibility that the laws which we are meant to live by can in fact be enforced as and when or if they need to be. The emergence of large scale encryption and anonymity threaten that idea. Incidentally, both in Bartlett’s book and at the “State of the Net” conference the role of BitCoin and other forms of  anonymous e-payments systems got a lot of coverage, illuminating both their potential for good but also the way in which they can play into substantial challenges to the continued existence of the Rule of Law and its constant companion, the (tenacious) Nation State.

Internet governance

Unsurprisingly, internet governance was a major theme throughout the day in DC. In particular the IANA transition came up a lot. This is about the US Government surrendering the last vestiges of  (potential) control of a key part of the technical infrastructure of the internet although, guess what? It is far from being a done deal. There are at least three different clouds on the IANA horizon:

  1. The US Congress may yet decide to legislate on this topic. Although such legislation could end up tying the hands of the Administration in any number of ways, including minimally, it is hard to imagine anything more destructive of the idea that the internet is now really a global medium  operating in a multistakeholder environment, serving no single country’s interests more than it does any other.
  2. Even if the transition goes ahead in the way many hope it will, as with the ICANN Affirmation of Commitments the agreement is likely to be justiciable only in US Courts and perhaps enforceable only by the US  Government should it later judge that the terms of the transition are not being honoured. Linked to this idea several opinions were aired about what should go into the putative transition agreement. It was suggested that certain red lines ought be drawn and locked in forever. This is just another way of saying that a lot internet activists/acolytes believe the rest of the world is not to be trusted to do the job right. Such an attitude is not calculated to win friends in the capital cities of other nations but that is clearly an unimportant detail for those whose life seems to be completely dedicated to keeping the internet the way it is today or, better still, the way  it was yesterday.
  3. There is a deadline for reaching agreement on the transition.  It is 30th September, 2015 – the date the existing IANA arrangements expire. If this slips, as seems quite likely at the moment because of uncertainties about the US’s  final position, this will be interpreted in “some quarters” (which I think is code for China, Russia, India, Brazil, Iran and their associates) as evidence of a lack of a serious intention on the part of the US authorities actually to allow the transition to proceed. That, in turn, will increase mistrust and hasten the  demise of the global internet. Apparently.

Internet governance, children and un-American activities

In my workshop, inter alia, there was a great deal of discussion about how, in essence, the internet had been constructed around a set of cultural and political assumptions which reflected the values and outlooks of those who first put it together and this was now causing inevitable tensions. Nobody should be surprised to discover that not everyone  shares the founders’assumptions. On the contrary they feel that, at any rate within their own jurisdictions, they have a perfect legal and moral right to do things their own way.  US/European hegemony is coming to an end in the world as a whole and in relation to the internet too. We just need to get used to it or find a way to accommodate it.

I made a sort of similar point in relation to the position of children and young people.  The shared cultural and political assumptions of those who built the internet and some of its leading companies reflect the values and outlooks of the (typically) well educated, nerdy adults, predominantly male computer and network engineers from the richer countries who were in the cyber vanguard.

In the early days kids simply didn’t feature. To the extent that anyone was aware of any possible issues  about minors being online they were considered not worthy of the attention of the mega brains who were focusing on changing the planet through technology. Kids were, are or ought to be the banal and trivial preoccupations of parents and schools, not “serious scientists” or, for that matter,  political campaigners intent on using the internet to overthrow (their version) of tyranny everywhere.

At that time children and young people were, indeed , literally  non-existent as internet users and for quite a while  they constituted only a small percentage of the total number. However, in the coming period all of the large scale growth in internet user numbers is going to take place in countries where the demography is completely different. Legal minors in some cases are about 50% of all the country’s inhabitants. This suggests the proportion of internet users who are kids may soon exceed 50% in those places. Yet if you survey the contemporary landscape of internet governance you would be hard pressed to find any recognition, much less acceptance of this fact.  

Your socks and your toothbrush 

Seemingly socks and toothbrushes are now on sale which can collect and broadcast data about what you are doing with  them and where you are doing it. Many of these “wearable” and personal  devices, one thinks of health and fitness trackers for example,  often come without any kind of screen which would allow the user to change the settings, at least not easily or rapidly but they are capable of amassing extremely intimate information about you, or your children.

Clearly there is a gigantic amount of work to be done to ensure consumers understand all this before they buy or use such products, but equally any business that collects and keeps these types of data has an enormous responsibility both to store it securely and use it properly. The  internet of things is finally here and it raises a whole new raft of concerns for all of us.

Posted in Consent, Default settings, E-commerce, ICANN, Internet governance, Privacy, Regulation, Self-regulation, Snowden

A different way of looking at things

 

A little while ago I attended  an extremely interesting symposium at the University of Aberystwyth. There were only a handful of people there whom I had met before. This was for the very good reason that, in the main, the participants whom I managed to hear were specialists in the field of international politics.  They really should get out more, by which I mean I greatly regret not having come across them before. Their take on the internet was breathtakingly  and refreshingly different. Maybe it’s me who should get out more?

A divine mystery

Of course it is foolish  to suggest there is or ever could be a single narrative which would fully explain the history of the internet, much less the nature of the challenges currently facing it but there is one which tends to dominate in many forums.  According to this view the internet is seen as having emerged from a form of techno Parthenogenesis, unsullied by any form of grubby intercourse with politics or politicians. The internet’s  midwives were drawn from a saintly elite  group of computer scientists who miraculously appeared from nowhere and the only hope for the  continued useful existence of cyberspace in the longer run is somehow to get back to  this (imagined but blissful)  prelapsarian idyll.

According to this version – more or less explicitly stated  depending on the speaker and the audience- worldly politics and in particular its most reviled form, “the state”, for which here, for these purposes, read the US Federal Government, played little or no part in anything of importance to do with the invention or development of the internet.

OK so maybe politics had a little bit to do with it

Yes, it is conceded the US Department of Defence provided key initial funding which really got things moving in the early days and, ok,  it is also true, they allow,  that for a while the US Government owned the domain name system and that it still exercises a degree of beyond the grave control through the Affirmation of Commitments and, well, it is acknowledged  IANA  has  still not transitioned, moreover if it does, as with ICANN, it will do so with tombstone strings attached.

All these  things are explained away, minimized or dismissed.  It’s almost as if there is a belief in certain quarters that the civil servants and US politicians who were responsible at different critical moments for the relevant areas of policy were simply being manipulated by the über smart geeks who were the only ones who knew what was truly going on.

This type of de haut en bas denial of the role of politics, which is almost invariably linked to an aggressively stated wish to keep things that way is infuriating.  It makes it extremely difficult to have an intellectually coherent or honest discussion about what is happening on Planet Earth and the part the internet plays in it. Yet it is a recurring theme that crops up constantly in many different sorts of discussions about one or other aspect of the internet and its associated technologies.

I once made a presentation at an IETF workshop that was establishing a new standard for collecting data through the browser about the physical location of devices connected to the internet.  It wasn’t true of everyone in the room but  a goodly proportion of those present were plainly disgusted by my invitation to them to consider some of the wider implications of what they had embarked upon.

That was so not their job, they said. This was a purely technical question and that was how it should be. They didn’t quite say  we are only following orders. Scrub that. A number of them did but, weirdly, they did so in a palpable fug of moral superiority because somehow this showed they worked on an entirely different and superior plane. In their book policy and politics were words with which no self-respecting geek should engage. Those were the concern of others, less fortunate than themselves.

A wider view

This is why people need to listen to or read more of the stuff being put about by the likes of Richard Beardsworth and  Madeline Carr (no relation) both of whom gave brilliant talks at the Aberystwyth Symposium. They locate discussions about internet governance in the context, for example, of the rising  economic, military and diplomatic power of China or the emergence of a multi-polar world where the Old Order  is having to face up to challenges posed by the emergence of new large players : think Brazil, India and so on.

Hilary Clinton was perhaps the most prominent public exponent of the notion of the internet as a technology with a political mission to change the world to make it, in her view, a better place. Lots of people will share her hopes in that regard but in so doing they cannot at the same time be disdainful of all the large and small “p” political baggage that goes with it.

Posted in Internet governance, Regulation, Self-regulation, Snowden, Uncategorized

Parallels from the world of football

Many years ago a major problem developed in England around the game of professional football, or “soccer” as it is known by some. Gangs of men, mainly younger men in their late teens or early twenties, started going to matches intent principally on fighting with supporters from the other side.  Their interest in the actual game appeared to be somewhere between minimal and non-existent. Violence is what attracted them.

While the fighting that took place in or around football grounds was assumed to be alcohol-fuelled it was otherwise thought to be largely spontaneous or opportunistic  in nature. Wrong.  Soon turned out much of it was planned and premeditated, and not infrequently the encounters were deliberately prearranged, if not quite choreographed by “crews” from both sides. Either way not only were a number of the combatants severely injured, sometimes killed, many perfectly innocent people  – including children and the elderly  – who happened to be in the wrong place at the wrong time –  could themselves get caught up on the periphery of it and be badly hurt or killed. If not that they were most certainly put in great fear for life and limb.

I speak from personal experience. It happened to me twice. Once at Tottenham and once in Sheffield. In the Sheffield case, moreover, I was nowhere near the ground when the incident took place. I was in a busy shopping precinct in the middle of the city. Suddenly a group of people ahead of me who were wearing my team’s colours were jumped on, rapidly scattering the terrified nearby shoppers and yours truly.

How many people were involved?

In total how many of these football hooligans were there in the country? I would be surprised if the number ever exceeded a few thousand against the several millions who used to go to games completely peaceably solely to enjoy the spectacle and to cheer on their local heroes.

Yet the impact of the thugs’ behaviour was enormous. It is the reason I pretty much stopped going to away games completely. Every away supporter – evidenced by wearing your team’s scarf or a hat or being with or near anyone who was – was viewed by the local police as a potential pugilist. You could be searched before you went into the ground or got on the coach to go to the game, your footwear might be carefully inspected, you would be locked into the stadium at the end of the game and forced to wait an hour or more before being allowed to go – escorted  and marshalled – to the train station or bus park for the journey back.

Disproportionate response?

Clubs started selling their allocation of away tickets to registered (identified)  members of their official supporters’ club and if, not having managed to obtain an away supporter’s ticket you nonetheless got into an away match and sat among the home supporters, woe betide you if you allowed your allegiances to become too boisterously or obviously known. You could be none-too-gently  thrown out on the spot. No appeal. No refund. We even got legal banning orders preventing named individuals from travelling  to domestic and overseas games. The level of evidence needed to justify a banning order was not high.

Was the reaction to football hooliganism reasonable and proportionate? As I recall many people thought not at the time. Was it inevitable? Absolutely. The political clamour for “something to be done” reached such a pitch (no pun intended) that politicians and the footballing authorities were obliged to be seen to act and there were a limited range of possibilities open to them.

Yet, perhaps against expectations the measures they took seem to have worked. There are still occasional outbreaks of  violence linked to football games but they are comparatively rare and isolated, definitely not on anything like the scale they were before. We have become accustomed to the indignities and inconvenience  now associated with attending live games (where large police horses  loom with riders dressed like Captain America atop), but I guess we have accepted all this because we know we live in a world where not everyone shares our cultural assumptions about the unacceptability of violence

The similarities

In the wake of the Paris massacres as the debate about the state’s powers to engage in greater scrutiny of internet based communications begins again the parallels are not difficult to discern.

But here’s the thing. I cannot instantly recall an occasion where any proposed new security-oriented measures that have emanated from the state or any of its agencies (or sometimes even from children’s organizations) have not been met with initial resistance, often intemperately expressed or rubbished to put it slightly differently. In an industry that prides itself on the speed at which it can innovate it is surprising how reluctant firms can be to try something new, especially if it wasn’t their idea to begin with.

Maybe that’s how it should be in matters of this kind. We don’t want our high tech industries or individual companies to become unwillingly (and definitely not covertly) co-opted into the apparatus of the state and the revelations stemming from the actions of Mr Snowden have certainly not helped engender an atmosphere of complete trust and transparency where areas of possible co-operation can easily be discussed by all of the parties. Yet two wrongs do not make a right. It would be a huge, strategic error for major industry players right now to pull up the drawbridge, maybe in the hope that the current storm will blow over. On the contrary they should be out there loudly and repeatedly reassuring us that they get it.

Otherwise, as reported in today’s Guardian we will only hear from the John Perry Barlowesque curmudgeons who always and predictably say “no and get lost you idiots” before retreating back into their bubble.

The public needs to be reassured

Does this mean I agree with everything our Prime Minister or President Obama are reported as advocating? Almost certainly not but equally I sincerely hope it is not true that, as some are saying  “there is nothing anyone can do that will work to protect us from terrorist abuse of the internet”. If it is I fear many governments  in the democratic world will start to explore radical options which will diminish what the internet currently is or could become in the future. If there is sufficient political will genies can be put back inside bottles even if it means – expensively and over years – having to adapt the size and shape of the bottle itself. There are some things the public  will not tolerate indefinitely.

Right now the political heat is great and it wouldn’t take much more to tip it over into overwhelming. In the democracies at the end of the day politicians will just not be able to defend Silicon Valley’s last ditch. It is in all of our interests for there to be a highly visible effort made which unambiguously demonstrates that everyone concerned is going the extra mile to address the issues that Paris and other terrorist-related events have raised.

Posted in Default settings, Internet governance, Privacy, Regulation, Self-regulation, Snowden

The evidence continues to mount

A few years ago I met a really smart polymath by the name of Mary Sharpe.  She was the first person to introduce me to the idea of the “plasticity” of the human brain and how that plasticity means, inter alia, our grey matter gets rewired as a result of things we do, which includes what we look at.

Sharpe also explained it is good our brains work this way. It’s a big part of how we learn new stuff. The problem is not all “learning” is desirable, and that can be particularly the case if it becomes associated with certain kinds of highly pleasurable experiences e.g. involving  food, drugs or sex. In some it can lead to addictions including different sorts of  paraphilias.

Important parts of young people’s brains do not complete their development until they reach their 20s

Younger people can be specially susceptible because those parts of the brain which deal with, for example,  impulse control are among the last to  complete their development (who knew?). Indeed sections of the human brain only become fully mature physically when we reach our early to mid-20s. Thus particular types of “learning” among the young can be the polar opposite of good and this was an area where Sharpe  was, er, at her absolute sharpest.

Influences on male behaviour

Wind forward several years.  It’s December, 2014. In the Archives of Sexual Behaviour, a respected peer-review journal, an article appears under  the not-terribly-appealing title of Pornography and the Male Sexual Script : An Analysis of Consumption and Sexual Relations.

In the abstract we find the following

Cognitive script theory argues media scripts create a readily accessible heuristic model for decision-making.

For those of us not immediately familiar with heuristic models for decision-making the article goes on to explain

The more a user watches a particular media script, the more embedded those codes of behavior become in their worldview and the more likely they are to use those scripts to act upon real life experiences.

Sounds sensible, even logical. Now think about some of the material that is instantly and always available online to anyone and everyone, including children as  young as six.

We are talking about material that is a million miles away from a Playboy centrefold or What the Window Cleaner Saw.  And whereas in previous years – pre-internet years – pornography was always around and available it was on an incomparably smaller scale and the terms of engagement were completely different.

Chimes with other findings

The article in the Archives of Sexual Behavior also resonated with some of the messages that came out of Beeban Kidron’s excellent movie  In Real Life where both boys and girls spoke about how internet porn was shaping expectations of what real world sex was supposed to be, and what they had to say about that was far from reassuring.

In addition the Archives article reminded me of a presentation I heard recently at a fantastic conference  in Winnipeg, organized by Beyond Borders, the Canadian chapter of ECPAT International. One of the keynote speakers was a  23 year old man from Texas named Gabriel Deem. He told us how he started looking at porn on the internet when he was about 11  and ended up in his late teens with no real life sex  at all  due to what he called “pornography induced erectile dysfunction”.

I make no claim to understand the science behind Gabriel’s story but his account of how he confronted his discovered problem and got back on track spoke of something authentic and serious which merits closer examination and again echoes both with In Real Life and similar accounts one hears from psychiatrists,  therapists and counsellors who describe some of the issues they are now having to deal with in their consulting rooms every day where the internet and porn are recurring themes in their patients’ troubled lives. If ever there was a reason to evoke the precautionary principle surely this it?

A lesson from the past

In April 1974 the authoritarian  Caetano regime in Portugal was finally overthrown in a coup that was led by left leaning army officers. When the summer holidays arrived that year lots of us made a beeline for Lisbon – it was irresistibly convenient having an actual revolution almost in your back yard. We went to see if we could learn from and drink up any of the revolutionary atmosphere which soon started to stalk the streets of our oldest ally. Among the many astonishing sights that greeted me  when I arrived in the Portuguese capital was how much porn was plastered about the place.  Every other shop window seemed to carry some, or that’s how it felt.

Because porn had been so severely restricted by the ancien regime it was almost as if making it  much more easily available was solid evidence that the nation was somehow free at last. Eventually the Portuguese relented on this unthinking libertarianism.

There is no doubt that over the years censorship  – particularly in relation to matters sexual – has gained a bad reputation and most of us instinctively and rightly react against it but it is just sloppy thinking of an inordinately unintelligent kind to leap from one premise to the conclusion that any and all forms of limitations on porn must be wrong.

Must do better

Such is not the view we have taken hitherto in the UK and in most other countries where in the real world there are quite strict but nonetheless widely accepted rules governing access to porn by legal minors. However, today for all practical purposes the porn industry is almost entirely an online industry, so unless we say we are prepared to give up trying to limit access to  porn by kids we have to find better ways than those available now in most countries of the world.

This is less of a pressing issue in the UK because we we are in the middle of a large scale experiment in which the mobile networks, the WiFi providers and the ISPs are trialing one possible  approach to restricting kids’ access to online porn, using filters, but the banks and credit card companies could add their  considerable weight to the effort by refusing to provide services to any web site that does not have  a robust age verification mechanism in place. Web hosting companies and others providing ancillary services could do likewse.

 

 

 

 

Posted in Age verification, Default settings, E-commerce, Internet governance, Pornography, Privacy, Regulation, Self-regulation

More light shines on social network sites

An excellent report came out late last week.  The project behind the production of the report was led by the  NSPCC and Mumsnet with Professor Sonia Livingstone acting as an adviser. The release of the report was timed to coincide with the launch of a campaign called “Share Aware – help your child stay safe on social networks”

The campaign launch in turn was supported by the release of  three interesting, new and useful resources:

  • a guidance note addressed to parents  of eight to 12 year olds briefing them on the shortcomings and strengths of a number of different social networking platforms, and providing useful talking points to help parents get the right kind of conversation started with their kids
  • two cartoon videos – one with a girl character in the lead and one with a boy - warning about the dangers of making and sharing inappropriate material
  • research findings detailing the views of nearly 2,000 youngsters  on the social networking sites that were looked at in the course of the research  and disclosing, for example that 1 in 20  5 – 7 year olds who go online  have a social network profile, as do 1 in 5  8- 11 year olds  and 7 out of 10  12-15 year olds.

Sonia Livingstone has written a great commentary on the research. I  doubt I can improve upon it  so I won’t try. For me one of the more important takeaways  was just how little parents knew about the range and variety of social networking platforms that are now available online. Facebook is not the only one and some of the web sites that are out there in this space and are used by  many children really do need to sharpen up their act or leave the business altogether.

The internet is here to stay. It is inextricably linked to the warp and weft of 21st Century living. Finding new and better way of reaching out to parents to help them help their kids deal with it remains one of the greatest challenges facing all of us who work in this area.

Neither is it safe to assume that this is simply a temporary or transitional phase we are going through. When today’s net savvy youngsters become parents  they’ ll know exactly what to do to make sure their kids are ok online. Wrong. If you have not learned how to ride a bike yourself you can never really teach anyone else how to do it.

 

Posted in Age verification, Default settings, E-commerce, Facebook, Regulation, Self-regulation

A big step forward

 

Last month the UK Government organized a conference under the banner of “We Protect children online”.   Some of the decisions taken  or announced at  it promise to deliver a step change in the global fight against several different types of child abuse.

The formally agreed outcomes were contained in a series of published statements but presumably a full report of the whole event will eventually be made available. Let’s hope so because there was a great deal of rich detail in many of the presentations. However, in the meantime, from my perspective there were several major elements which provide the foundation for my optimism about what  is going to happen next.

High level engagement  

Over 50 national governments from all corners of the planet were represented by Ministers or top level officials.  23 leading technology companies sent senior people.

Law enforcement was there in strength. The Philippines was not alone in including operational police officers as part of their delegation. They were able to speak eloquently and with great feeling about a number of the horrendous cases they have had to deal with involving the live streaming of child sex abuse.  Such grass roots  voices were complemented by global  big hitters from the likes of INTERPOL, the UNODC , the US Department of Justice and our own National Crime Agency (NCA), where CEOP is now a separate Command.

Nine NGOs or international NGOs attended the conference. Several were given speaking slots to talk about their current work and their hopes and vision for the future.

UNICEF and a Global Fund

One of the most dramatic, radical and promising announcements concerned  UNICEF.  British Prime Minister Cameron revealed his Government had proposed that a Global Fund be established to help in the fight against child abuse. He went on to say UNICEF had been asked to administer it. The UK started the money ball rolling with a donation of £50 million over five years.

In recent years UNICEF has become fully engaged with cyberspace both as a source of tremendous opportunities for children and young people but also as a place of dangers which must be addressed. Thus, while the Fund’s terms of reference  have yet to be finalised it seems clear it will support a broad range of child welfare programmes and research not just ones concerned with online child protection.

As if to underline this point, speaking at the conference Secretary of State for International Development, Justine Greening MP, announced that the UK Government’s first £10 million was coming out of her Departmental budget. That said, given the genesis of the conference it would be surprising if online child protection issues did not figure large and early in the work  that is supported by the Fund.

Seemingly there is an intention to extend the Fund beyond £50 million by seeking donations from other Governments and organizations. Let’s hope that works. In the small bit of the universe  I occupy £50 million is a mind-boggling sum. If it gets any larger I may blow a gasket.

High Tech companies roll up their sleeves

Last year Google announced a series of changes to prevent images, videos and peer-to-peer links to child abuse material from appearing in connection with more than 100,000 unique searches associated with child sexual abuse terms. At the conference a Google spokesperson was able to tell us that this has now been implemented in all 40 languages in which the company operates.

Google also launched a deterrent campaign to show warning messages both from themselves and from child safety organisations for more than 13,000 unique search terms.

Since making these adjustments  Google said it had observed a 20% drop in the number of attempts being made to locate paedophilic or child abuse content through their search engine.

In respect of Bing, Microsoft’s lexicon of paedophilic  search terms is being extended – according to one source by “tens of thousands” of words or expressions, none of which will return any child abuse results at all. When people do search for such things they will instead be confronted with pages warning them off, telling them they’re breaking the law.

Google also announced that it had struck up a partnership with Yahoo to develop and test a video equivalent of Microsoft’s PhotoDNA. This would facilitate the creation of  a database of hashes of video content, making it easier for child abuse videos to be identified and either deleted more swiftly or prevented from being uploaded in the first place. In addition and crucially the  new database will also  help save a great deal of police time by eliminating wasteful duplication of investigative effort.

Microsoft, Google and Mozilla (owners of Firefox) announced their intention to work together to see what can be done at the level of the browser to restrict the use of torrent URLs as pathways to child abuse images.

Beyond that, an industry based “We Protect” working group is continuing to meet to develop a range of online child protection ideas that, prior to the conference, they have been considering either collectively or as individual companies.

 The Spooks  and cops get together

The Prime Minister has spoken before about how the UK’s major electronic surveillance agency, GCHQ could contribute its skills and knowledge to the fight against online child abuse. At the conference he went a step further by announcing the creation of new joint unit consisting of GCHQ and the NCA. It will be particularly targeting paedophiles  operating on the Darknet.

An extra £10 million was also promised to the NCA for next year to create further specialist online child sexual abuse teams focusing on the worst offenders.

There was news on progress with the creation within the UK of a single secure database of child abuse images – the Child Abuse Image Database (CAID). This has the potential to help UK law enforcement improve and speed up their investigations into online crimes against children.

Ultimately the aim is for CAID to be linked to or synchronised with the global images database that INTERPOL is working on. Moreover all this is against a background of 41 nations attending the conference agreeing to create their own national images databases which, presumably, as with the UK, will be INTERPOL-linked and compatible. Really important stuff.

New laws for the UK

Early last year the Government announced its intention to outlaw the possession of paedophile manuals – disgusting documents which provide like minded individuals with information about how to locate and sexually abuse children while minimizing the risk of being caught and prosecuted. At the conference the Prime Minister reminded us that the necessary provisions to  achieve this had been included in clause 66 of the Serious Crime Bill currently before Parliament.  Mr Cameron also disclosed that the Government was now proposing to insert additional clauses to the same Bill  because, as he put it

We’ve seen an increasing and alarming phenomenon of paedophiles contacting children online over the internet or on their mobile phone. ….there can be no grey areas here. If you ask a child to take their clothes off and send you a picture, you are as guilty as if you did that in person. So we’re going to change the law. This will make clear this type of behaviour is a crime…..

The IWF reports

Historically the IWF was theoretically in the rather peculiar position of having to wait for a member of the public to make a report to them before they could investigate to determine whether or not a given image was illegal and then, if it was, start the process of getting it deleted or put on a block list.  In April, 2014, the IWF acquired new powers to begin proactively looking for child abuse material on the internet.  At the conference the IWF announced  that since April

The total number of  URLs assessed as child sexual abuse and actioned for removal is 27,850. This is an increase of 109% on the previous year, and that was then with a month still to run before the year ended.

By taking this one “simple” step the IWF  reminds us that the  traditional approach of many hotlines is just not up to the needs of the moment. 

Monitoring progress

Maybe this is something that will emerge under the umbrella of the new fund UNICEF is administering but one way or the other it is important that a mechanism is established which will allow all of us to monitor the concrete achievements of the London conference, either on its own or perhaps better still by also tying up with the associated activities of the Global Alliance. The UK is a strong supporter of and participant in the Global Alliance so that would make sense.

In that connection it was very encouraging to hear that the United Arab Emirates has already made a bid to hold a follow up conference in roughly 12 months time. Were that to be agreed everyone would be on notice that our collective and individual efforts would be up for  further public discussion and evaluation. All of the companies I spoke to seemed perfectly relaxed  about such an idea. They are used to it now- and if they are  relaxed then everyone else should be too.

 A new global imperative

In her speech at the conference, Dorothy Rozga, Executive Director of ECPAT International, inter alia, made a plea for more and better data about how the world is faring in the fight against online child sexual abuse.

Arguing that what gets measured gets done Rozga pinpointed a singular set of numbers which are either already available but not published, or could be got together with a modicum of effort.

INTERPOL and other police agencies have databases containing huge quantities of child abuse images.

Information about the overall volumes of images being circulated online either globally or within specific countries tells you something but not necessarily very much.

What probably matters a lot more is to know how many individual children are being depicted within the images which have been seized by or are in the possession of  law enforcement agencies.

In other words we are asking to be told the total numbers of children who have been sexually abused in such a way that the abuse led to a video or still image of it appearing online. Of course this will not tell us about the sum total of all sexual abuse being perpetrated against children but it will give us a handle on an important aspect of it.

Of the individually identified children, how many children have been located in real life, at least in terms of determining the jurisdiction where the abuse took place or, if it is different, the current location of the child?  Of these identified children how many have been fortunate enough to be traced and contacted by an appropriate law enforcement or child welfare agency?

Now we all know that a large proportion of online child abuse images circulating on the internet today were created many years ago – as far back as the 1960s. Equally we know that some countries are going to be far better placed than others to act in this space so it may be that, unless handled with care, publication of these sorts of data could stimulate unfair criticism of some police forces and governments but as Rozga argued, while few indicators are ever completely perfect one thing is for sure: the absence of them poses a much greater threat. An overriding concern here must be to shine a bigger and better light on the problem so that the public, politicians and policy makers are better informed.

Precisely for that reason Rozga put the case for publishing the fullest possible data set but acknowledged that what may matter more is seeing how, going forward, the numbers change over time.

If the number of children appearing for the first time in new child abuse images continues to grow then we  may all need to look again at  the preventative work we are doing although in reality, in the early years, as such a new indicator gains in international recognition and acceptance, as awareness of it grows, the chances are more cases will  start to be reported and recorded without there  necessarily having been any increase in instances of abuse. Improved reporting does not mean there is more offending. This is a familiar problem that statisticians have to grapple with in many areas of research. It is not a reason for refusing to collect and publish the data.

The number of children being seen for the first time in images but remaining unidentified and uncontacted  by police or child protection agencies will be a potent indicator. Over the years if the number continues to move up it should trigger action and the rate of growth or change in the number will give us a steer in relation to the scale of the action or response needed.

If the child protection community – indeed if the general public, the voters, do not have reliable information about how well or otherwise we are doing in trying to combat these horrific crimes against children we are all being deprived of a vital tool which ought to be shaping key policy decisions. Elsewhere that would be called a “democratic deficit”. When it comes to the protection of children it is completely unacceptable.

 

 

 

 

 

 

Posted in Child abuse images, Internet governance, Privacy, Regulation, Self-regulation

A bad day for the TOR network

The onion router, often referred to simply as “TOR”, has many legitimate uses but the way in which it seems to have become core to so many unsavoury, dangerous and illegal online activities is giving lots of us reasons to reflect on how we do a number of  things in cyberspace. In the case of TOR it’s all the more bizarre when one recalls that almost everyone involved in developing it was (or is) funded by the US Government.

Initially TOR probably became best known to the wider public for being one of the principal ways in which criminal gangs facilitated copyright theft, the sale of illegal drugs and the supply of fake pharmaceuticals. More recently, TOR has become identified with attempts by Jihadists to recruit new killers and raise funds to make it possible for them to murder more people. And now we see yet another twist in the unlovely story.

Over the Christmas period a talk given by Dr Gareth Owen of the University of Portsmouth at the 31st Chaos Communications Congress received a great deal of media coverage. This is what Dr Owen says his study did

We collected data on Darknet web sites (Hidden Services offering a web page) and measured the number of requests for each site and a total count of the number of sites….. the data does not reflect information on Tor as a whole: only the hidden services part. What proportion of Tor traffic is Hidden Service/Darknet traffic is an open question and although the Tor Project have done some research on this and estimate it at being a few percent, their data is over a very short period and it isn’t safe to rely on this figure.

So, noting the caveats what did Dr Owen observe was happening on or through these hidden services?

Most traffic to sites hidden on the Tor network go to those dealing in images of child sexual abuse.

Although there was plenty of evidence of drug-related activity,  copyright theft and frauds of various kinds a staggering 75% of the traffic seen in the study ended up at child abuse web sites.

Nobody is arguing that Dr Owen’s study is definitive or final but it chimes both with other findings or assessments and with many people’s suspicions.

Any discussion about what can and should be done about the Darknet  or about online anonymity more generally poses profoundly difficult questions. For all our sakes, for the sake of preserving so much that is truly valuable and life enhancing about the internet, we need to find answers. It’s urgent. The whole edifice is creaking at the seams.

Posted in Child abuse images, Internet governance, Privacy, Regulation, Self-regulation, Snowden