Coding to training: Philippines tackles online child sexual abuse
MANILA – Inside an unmarked building in a Manila business district, a war is being waged 24/7 against dark and mostly hidden crimes — the online sexual abuse and exploitation of children.
Here, a system developed by cybersecurity experts at PLDT — the Philippines’ largest telecommunications company — is blocking millions of attempts by subscribers to access child sexual abuse material every day.
Since last November, PLDT has blocked more than 1.3 billion attempts to access such material with its pioneering child protection platform, a system that checks user searches against a vault of known web addresses hosting sexually abusive content.
“It’s a lot, it’s worrying,” PLDT chief information security officer Angel Redoble said. “We don’t know how fast the enemies are getting better. We must cope daily.”
The Philippines was named the world’s top source of online child sexual exploitation content in a 2020 study by the International Justice Mission, a U.S.-based nongovernmental organization working against sex trafficking and exploitation.
According to the study, endemic poverty is helping drive a surge in abuse in the Philippines, where about 20 million of the 115 million population live below the poverty line.
An estimated 2 million Filipino children have been victims of online sexual abuse and exploitation, according to a study led by UNICEF published last year.
The country’s justice ministry has told telecommunication companies and internet service providers to inform law enforcement agencies of child sexual abuse material and update their technology to block it, or face prosecution.
But data privacy laws in the Philippines limit what internet service providers can access — they can see a user’s search activity, but are not allowed to monitor individual users or their communications.
Tech experts fear the data protection laws could unintentionally shield some crimes, such as online child sexual exploitation.
Borderless crime
The International Justice Mission said online child sexual exploitation was a “fast-growing, borderless crime,” and that perpetrators in Western countries lured Filipinos to sexually abuse children and offer images or videos of the exploitation online.
Livestreaming is believed to be more prevalent in the Philippines than in other countries, it said, due to cheap internet access, robust money transfer infrastructure, widespread English-language proficiency and the country’s reputation as a sex trafficking hub.
Philippines telecoms companies and internet service providers are currently unable to block livestreamed content.
The Britain-based Internet Watch Foundation, a technology-led child protection group, said abused children and criminals were often in different parts of the world.
“It may surprise you, but Europe is by far and away the worst place for hosting this material,” said the foundation’s press manager, Josh Thomas.
As the COVID-19 pandemic pushed more Filipinos into poverty, the country saw a 260% increase in reports of online sexual exploitation between 2019 and 2022, the Philippines Department of Justice said.
Role of tech companies
PLDT has been working on blocking child sexual abuse-related material since 2018, but back then it could only stop suspicious domains.
“We thought that to be able to block on a content level, we would violate privacy-related laws by sniffing through the traffic of our subscribers,” Redoble said.
The company built its own cybersecurity group, which came up with a method to screen for child sexual abuse material without violating data privacy laws. But it needed a way detect the offensive material.
Internet Watch Foundation analysts came to the group’s aid by assigning a unique “hash” — a kind of digital fingerprint — to items online confirmed to contain child sexual abuse.
“It’s a line of code which, crucially, cannot be reverse engineered to produce or access abuse imagery,” said Thomas.
The Internet Watch Foundation provides a hash list of confirmed child sexual abuse material for internet service providers to block. As of last month, PLDT had received more than 400,000 such codes from the foundation.
Thomas said blocking can “protect the victims of child sexual abuse from further victimization, protect internet users from seeing such images and prevent pedophiles from accessing this content online.”
The company’s top competitor, Globe Telecom, has also partnered with the foundation to boost online child protection.
In the first quarter of this year alone, Globe Telecom blocked more than 65,000 sites carrying child sexual abuse.
But because the crime is borderless, the Internet Watch Foundation and telecoms companies say blocking is only one way of fighting the abusive material.
“We must bring suspects to court,” said Redoble.
Holistic approach
Civil society organizations say the battle against child sexual abuse material must be waged within communities, especially in poor areas, where criminals, including parents, can prey on vulnerable children.
In Cebu province, international aid group Terre des Hommes Netherlands has partnered with the Bidlisiw Foundation, a local group fighting human trafficking, in a three-year online child safety program called Project SCROL.
Launched this year, the project aims to engage internet service providers, telecoms companies, money transfer agencies and tech companies to build a system for speedy access to justice, and reporting and referral pathways for victims of online child sexual exploitation.
It also operates in Cambodia, Nepal and Kenya.
“Telecoms companies have the technology and tools that we don’t have. But they lack influence on the ground, especially on local governments, enforcers, and households in spreading awareness,” said Judith Pulvera of Bidlisiw.
Project SCROL-trained staff work in schools and resorts in the tourist resort of Cebu to teach people how to spot the red flags of child sexual exploitation and report them to authorities.
The use of separate email accounts to send or receive money transfers from abroad, for example, could be one indicator of offenders attempting to hide their identity.
The project also provided digital training on child safeguarding and protection to law enforcers and front-line service providers for abused and vulnerable children.
Project SCROL also aims to aid the government in implementing laws to punish the abusers.
Last year, parliament passed a law that penalizes the production, distribution, possession and accessing of child sexual abuse material. It details the duties of internet service providers, content hosts, social networking sites and financial institutions to block the material.
For Redoble, the next goal should be “to create a cleaner cyberspace.”
He is proposing a “global chain of trust” among telecoms companies and internet service providers globally to wipe out, once and for all, harmful websites and domains that spread child sexual abuse online.
“When the environment is cleaner, it’s safer, especially for women and children,” Redoble said.