In the USA, providers have the legal duty to report to the National Centre for Missing and Exploited Children (NCMEC) if they become aware of child sexual abuse images, videos or text present on their platforms. To comply, most providers scan their domains to detect child sexual abuse material (CSAM). NCMEC distributes referrals to the law enforcement agency (LEA) of the country of the reported user. In recent years, the number of NCMEC reports of online CSAM has increased rapidly to a volume too large for LEAs to process. The sheer volume of reports, that are labour intensive to process, leads to situations where reports are only reviewed superficially or not at all. This may result in urgent cases of child abuse not being addressed.
In 2019, almost 17 million reports, containing 70 million images and videos, were forwarded to LEAs for investigation. Although the report volume was lower than 2018, the number of images and videos contained in these reports increased significantly, as more providers began to report multiple files in one report. The 2020 numbers are not yet known. However, indicators are that the pandemic has caused a further increase in the prevalence of online CSAM.
In the beginning of 2018, ZiuZ and its partners, the Dutch and Belgian police, INHOPE, Web-IQ and DFKI, embarked on an ambitious project to create the AviaTor system, a system to facilitate LEAs to deal with this vast number of reports in an efficient and effective way. In the project, ZiuZ‘ focus was on the Visual Intelligence part, while Web-IQ created the Targeted Online Research. These two elements combined significantly improves the intelligence position of investigators while dealing with these reports and provides a means to prioritize reports to make sure the most important ones are handled first.
As of early 2020 and under the scientific guidance of DFKI, ZiuZ and Web-IQ have together released new versions of AviaTor once every three months, with release 5 being rolled out now. In addition to advanced matching of both images and videos and the collection of OSINT, this version contains the scheduled import of reports through NCMEC’s web API, an AI classifier to detect unknown CSAM, matching with INTERPOL’s ICSE hash list and advanced contact risk assessment.
Apart from the Dutch and Belgian police, nine additional LEAs have joined the project and are actively testing and using AviaTor. More are expected to onboard in the coming months.