ArticlePDF Available

Online Child Exploitation Material Trends and Emerging Issues: Research Report of the Australian National University Cybercrime Observatory with the input of the Office of the Childrenns eSafety Commissioner


Abstract and Figures

The purpose of this report is to provide an overview of three important areas for CEM: ❖ The relationship between online and offline offending; ❖ Horizon scanning - identifying emerging areas of CEM development; and ❖ Current regulatory, educational and collaborative approaches to combatting CEM Each section provides an overview of the issue and further analysis of other key areas identified during the research phase. At the conclusion of each section, a brief annotated bibliography is available to provide insight into which sources may be useful for further investigation. Information for this report was derived from various sources including but not limited to government agencies (national and international), non-governmental organisations, academic articles, law enforcement agencies, blogs, tech websites, product sites, online news articles and surveys. While investigating each area, the research team worked within the scope of online CEM and aimed to provide a succinct overview for each section by addressing some of the key points or emerging trends. Overall the research team found it challenging to identify information that could be verified by current research. This was particularly the case when analysing cutting edge or new technology and evaluating the effectiveness of current prevention approaches.
Content may be subject to copyright.
ANU Cybercrime Observatory
Report: Online Child Exploitation
Material Trends and Emerging
Research Report conducted by the
ANU Cybercrime Observatory for
the Office of the Children’s eSafety Commissioner
With the assistance of Sharon Trotter and Alastair McGibbon from the
Office of the Children’s eSafety Commissioner
Supervisor: Professor Roderic Broadhurst
We acknowledge the assistance of Matthew Musgrave and Lucienne Pratt
ANU Cybercrime Observatory
Authors: Donald Maxim, Stephanie Orlando & Katie Skinner
CONTENTS PAGE .................................................................................................................... 2
EXECUTIVE SUMMARY ........................................................................................................... 4
SECTION 1: Relationship Between Online and Offline Offending ..................................... 6
Online versus Offline Offenders: ................................................................................................ 6
Is there a ‘Profile’? ........................................................................................................................ 6
Causal Relationship Between Online and Offline Offending? ............................................... 7
Annotated Bibliography - Online vs. Offline Offenders ........................................................... 8
Further sources on Online and Offline Offenders: ....................................................... 10
SECTION 2: Emerging Issues in CEM ................................................................................. 11
LIVE STREAMING OF CEM ............................................................................................... 12
Technological Advances ............................................................................................................12
Payment Systems .......................................................................................................................12
Emerging areas in Live Streaming ...........................................................................................12
Annotated Bibliography Live Streaming of CEM ................................................................14
Further sources on webcam child sex exploitation trends: .......................................... 16
APPLICATIONS & ONLINE GAMING ................................................................................ 17
Indicators of emerging apps or games involved in CEM ......................................................17
Anonymity: .................................................................................................................... 17
Encryption ..................................................................................................................... 18
Demographics ............................................................................................................... 18
Desirability factors ......................................................................................................... 18
Location ......................................................................................................................... 18
‘Pokémon Go’ – In Focus ............................................................................................. 19
Application Screenshots ............................................................................................... 20
Annotated Bibliography - Applications & Online Gaming .....................................................24
Further sources on online gaming or apps: .................................................................. 26
USER GENERATED CONTENT ......................................................................................... 28
Sexting ..........................................................................................................................................28
Sexting & CEM ............................................................................................................................29
Social Media Engagement & CEM ...........................................................................................29
Emerging areas in user-generated material ...........................................................................30
‘Australian Schools Targeted in Pornography Ring’ - August 2016............................. 30
Annotated Bibliography - User-Generated Content ...............................................................31
DARKNET ............................................................................................................................ 35
Cryptocurrency ............................................................................................................................35
Horizon Scanning ........................................................................................................................36
Annotated Bibliography - Dark Net ...........................................................................................37
HACKING & PHISHING ...................................................................................................... 43
Zero Day Exploits designed to bypass passwords ................................................................43
Hacking Parental Intelligence Systems ........................................................................ 44
Spear Phishing Victims ................................................................................................. 45
Annotated Bibliography - Hacking & Phishing ........................................................................46
EMERGING TECHNOLOGIES............................................................................................ 50
Virtual Reality ...............................................................................................................................50
Accessibility to VR ......................................................................................................................51
Teledildonics and Interactive Virtual Reality Brothels .................................................. 52
Virtual Reality, Video Games & Simulated Sex............................................................ 55
Images of Virtual Reality Products ............................................................................... 56
Annotated Bibliography Virtual Reality .................................................................................57
SECTION 3: Regulatory, Educational and Collaborative Approaches to CEM .............. 62
REGULATORY APPROACHES ......................................................................................... 64
ISP Regulation .............................................................................................................................64
Social Media Regulation ............................................................................................................64
App Regulation ............................................................................................................................65
Parental controls .........................................................................................................................65
EDUCATIONAL APPROACHES ........................................................................................ 67
Online Safety Guides and Programs .......................................................................................67
Training Courses .........................................................................................................................68
COLLABORATIVE APPROACHES ................................................................................... 70
Hotlines .........................................................................................................................................70
National Centre for Missing and Exploited Children (NCMEC) ...........................................72
Child Rescue Coalition ...............................................................................................................73
Virtual Global Taskforce (VGT) .................................................................................................74
References - Regulatory & Educational Approaches ............................................................76
Educational Approaches Against CEM Websites ........................................................ 77
Collaboration Against CEM Websites .......................................................................... 77
Annotated Bibliography - Regulatory, Educational and Collaborative Approaches .........79
The ANU Cybercrime Observatory was tasked with developing a report regarding the
developments of online Child Exploitation Material (CEM). The purpose of this report is to
provide an overview of three important areas for CEM:
The relationship between online and offline offending;
Horizon scanning - identifying emerging areas of CEM development; and
Current regulatory, educational and collaborative approaches to combatting CEM
Each section provides an overview of the issue and further analysis of other key areas
identified during the research phase. At the conclusion of each section, a brief annotated
bibliography is available to provide insight into which sources may be useful for further
investigation. Information for this report was derived from various sources including but not
limited to government agencies (national and international), non-governmental
organisations, academic articles, law enforcement agencies, blogs, tech websites, product
sites, online news articles and surveys.
While investigating each area, the research team worked within the scope of online CEM
and aimed to provide a succinct overview for each section by addressing some of the key
points or emerging trends. Overall the research team found it challenging to identify
information that could be verified by current research. This was particularly the case when
analysing cutting edge or new technology and evaluating the effectiveness of current
prevention approaches.
The relationship between online and offline sexual offending is complex and
controversial. It is clear that research is lacking in this area and current research presents
insufficient evidence for establishing a causal relationship between online and offline
offending. In addition to addressing some of the methodological limitations of research in this
area, this section of the report addresses how the internet or technological advances (e.g.
Virtual Reality) may assist in the desistance of offending or exacerbate motivations to
commit real life offenses.
The second section presents several emerging issues in online CEM and aims to provide
a brief insight into the development of these areas. Topics include live streaming,
applications, online gaming, user-generated content, Darknet, hacking, phishing, emerging
technology and Virtual Reality (VR). Some of these concepts are traditional (e.g. user-
generated content) however it is the development of cyber and technology which frames
them as emerging issues. Other topics (e.g. live streaming or VR) present new, unique
challenges to combatting online CEM. Some topics include snapshots of current cases such
as the Australian schools involved in an online pornography website, and interactive VR
The final section discusses trends and effectiveness of current regulatory, educational,
and collaborative approaches to CEM. Regulatory methods include ISP and social media
regulation, parental control tools, and the potential for app regulation is also briefly
mentioned. Key educational approaches include online safety guides and training courses.
Collaborative prevention measures include hotlines, the National Centre for Missing and
Exploited Children (NCMEC), Child Rescue Coalition, and the Virtual Global Taskforce
(VGT). While these CEM prevention methods have made notable differences in
detection/removal of CEM, education of the public, generation of reports, self-reporting, and
tracking of child predators, their effectiveness remains empirically untested.
Challenges associated with the cyber sphere and the ‘Internet of Everything’ do not remain
static. The degree of facilitation (e.g. Virtual Private Networks, digital currency) and
convergence associated with online CEM are continuously evolving in step with changes in
technology. The rapid rate of change is the key challenge for the development of effective
prevention strategies. This was demonstrated while our research was underway. Innovation,
usually an adaptation of existing software or technology that was not initially present was
later identified as a key developing area in online CEM (e.g. Virtual Reality and software
applications). The Pokemon Go craze, which quickly attracted malware and grooming is a
good example of the misuse of a popular apps. The velocity and variety of new and
emerging risks with potential impact on online CEM will require, as a priority, the means to
monitor these developments.
The increase and rapid distribution of user-generated content is especially concerning. One
aspect, consensually shared or ‘stolen’ sexualized images has given rise to 'sextortion',
which can be propagated with the development of ‘apps’ that can inadvertently enhance and
facilitate online CEM. Equally concerning are the implications of Virtual Reality (VR). VR in
combination with teledildonics (or ‘cyberdildonics’ products designed to realise remote sex)
enables potential offenders to live out any of their sexual fantasies. The VR trend may
motivate offenders to seek on-line or off-line victims. The effects of VR on the conduct of
pedophiles remain unclear. We don’t know whether VR will placate desires or erode social
inhibitions. However, VR is likely to encourage some criminals to enhance their experience
by incorporating live streaming of child sex abuse with the tactile experiences promised by
such technologies. The prevention of online CEM depends entirely on knowing present and
emerging risks. Effective counter-measures include deep web surveillance of CEM
innovators, and the development of early warning systems, for example, SNS ‘swarm’
warning flags.
NOTE: Throughout the report the following acronyms and abbreviations will be used:
‘Child Exploitation’ (CE)
‘Child Exploitation Material’ (CEM)
‘Child Sexual Abuse Material’ (CSAM)
‘In Real Life’ (IRL)
‘Law Enforcement Agencies’ (LEA)
‘Virtual Reality’ (VR)
Non-Governmental Organisations (NGO’s)
SECTION 1: Relationship Between
Online and Offline Offending
The technological facilitation of criminal activity is a crucial development in the realm of child
exploitation, particularly regarding CEM production and distribution. The impact of the
internet on CEM is essentially derived from the three main perks of cyberspace;
accessibility, affordability, and anonymity (Corriveau & Greco, 2012). The logistical
implications of online CE activity include the ability for offenders to communicate with and
target victims more easily as well as quickly distribute CEM amongst others. Due to this shift
from offline to online offending, many of those involved in combating these crimes wish to
identify key differences between these types of offending and furthermore, whether the
presence of online CEM causes individuals to commit sexual offences against children IRL.
Although these research questions are valid and would provide valuable insight into how
online CEM could be reduced, current research is mixed. A major methodological
limitation is the difficulty involved in trying to distinguish individuals as ‘online’
versus ‘offline’ offenders as there tends to be significant overlap (Babchishin, Hanson &
Hermann, 2011). Furthermore, it is challenging to determine how an offender’s intent to
commit sexual offenses may be influenced by the presence of technology; that is, whether it
actually increases their motivations. There is insufficient evidence to suggest that the
internet causes sexual deviancy or that the availability of online CEM causes individuals to
sexually offend offline
Online versus Offline Offenders:
Despite insufficient evidence to support a causal relationship, various typologies for online
and offline sexual offenders have been developed in an attempt to clarify key differences
and similarities in their profiles and typical expected behaviours. Typologies are useful
since they allow for efficient assessments of how an individual is likely to behave
based on their motivations and intentions, however it should be emphasised that in the
case of online and offline sexual offenders there is no clear homogenous group (McGuire &
Dowling, 2013). Some typologies focus on motivations underlying the online offender’s
actions. For example, Webster et al. (2012) proposed that some offenders are ‘intimacy-
seeking’ and view their communication with children as a consenting relationship compared
to ‘hyper-sexualised’ offenders who quickly proceed with sexual communication. Other
typologies focus on the offender’s actions and distinguish between collection, distribution
and use of online child pornography or CEM (Corriveau & Greco, 2012). Although there are
several ways of differentiating online offenders both compared to each other and to offline
offenders, a major challenge in this research area is determining the difference between
offenders who use the internet as a means of achieving their goals (i.e. offline sexual abuse)
and those who use cyberspace to consume and engage in online CEM instead of IRL
Is there a ‘Profile’?
With thanks to Matthew Musgrave.
Current research does not support the notion of a specific ‘type’ or ‘profile’ of online
offenders, however meta-analysis research has found that offenders generally tend to be
Caucasian, young, single and unemployed compared to a general population
(Babchishin, 2011). In this analysis online offenders were found to be higher in sexual
deviancy, experience more psychological barriers to acting on these deviant interests and
also have greater victim empathy (Babchishin, et al., 2011). A possible explanation
regarding why online offenders do not act on their sexual deviant interests IRL is that they
wish to avoid the emotional connection or closeness associated with real-life relationships
and prefer to keep it distanced by using images or other material (Babchishin, et al., 2011).
Causal Relationship Between Online and Offline Offending?
As previously stated, determining causation between online and offline offending is complex
and fraught with methodological challenges. Current research is mixed; some articles
highlight disinhibiting effects of the internet arguing that it could facilitate offending
behaviour (McGuire & Dowling, 2013), while other findings support the notion that viewing
online child pornography reduces urges and provides a ‘safer’ outlet for individuals to
experience their deviant sexual interests (Corriveau & Greco, 2012).
An emerging trend in this research area is the application of virtual reality (VR)
technologies for the treatment of paedophiles. Naturally, it is a highly controversial topic and
does not receive support from all facets of scientific research but some argue that utilising
VR as a treatment option should be investigated as a viable method (Rutkin, 2016). In
August this year, the Massachusetts Institute of Technology Media Lab hosted a research
event where the use of VR technology for treatment was discussed among different scientific
panelists from engineering, psychology and health care research backgrounds. Although the
panel did not come to an agreement, interesting points were raised regarding the
effectiveness of VR on redirecting deviant sexual desires experienced by paedophiles
(Rutkin, 2016).
Babchishin et al.’s meta-analysis (2011) highlighted that offline offenders possess lower
victim empathy and higher cognitive distortions compared to online offenders. The
researchers argued that since online offenders have less cognitive distortions and
experience more psychological barriers to acting upon their deviant interests, they are less
likely to commit sexual offenses IRL (Babchishin, et al., 2011). In light of these findings and
the interest in VR treatment, it appears that the following outcomes are possible: VR indeed
helps treat online offenders by allowing them to overcome their deviant sexual desires in a
‘safe space’ without victimising children IRL; or VR has a disinhibiting effect on online
offenders, thus encouraging them to act out their deviant sexual desires IRL. There is
insufficient evidence to support or contradict the occurrence of either of these outcomes, but
it is certainly an area of emerging interest and concern.
Annotated Bibliography - Online vs. Offline Offenders
1. Corriveau, P., & Greco, C. (2012). Online Predators and Cyberspace. Media Kit
on Sexual Assault. Retrieved from
Patrice Corriveau and Christopher Greco from the Department of Criminology University
Ottawa outline some of the key points relating to online paedophilia and cyberspace,
including: what is online paedophilia, whether the internet encourages online paedophiles to
engage in sexual abuse, types of online paedophiles and online predators, the impact of the
internet on child pornography, prevalence of the problem, and the fight against online
paedophilia. The researchers state that it would be an exaggeration to claim that the internet
‘produces’ new sexual deviants and emphasises that there are many factors which
contribute to someone’s intentions to engage in paedophilic or sexual abuse behaviour. This
article is a useful starter resource to gain an understanding of the overall difficulty in defining
online versus offline offenders as well as the challenges associated with determining the
influence of the internet on online CEM.
2. Babchishin, K. M., Hanson, K. R., & Hermann, C. A. (2011). The
characteristics of online sex offenders: A meta-analysis. Sexual Abuse: A Journal
of Research and Treatment, 23, pp 92-123. Retrieved from
This meta-analysis examines the extent to which online and offline sexual offenders differ in
terms of demographics, characteristics and psychological variables. Although it is made
clear that there is no ‘one type’ of online offender, this analysis did find certain demographic
variables and psychological traits unique to the online offender. Most notable was that online
offenders were found to have greater victim empathy, greater sexual deviancy and lower
impression management. However, as with most meta-analyses, there are limitations to be
considered such as the difference between each study’s classification of offenders as online
or offline. These researchers highlight that there is not enough substantial evidence to argue
that online offenders are different to offline offenders. However this study does show that
future research in this area would be valuable, particularly in relation to how self-control
mechanisms function.
3. McGuire, M., & Dowling, S. (2013). Chapter 3: Cyber-enabled crimes - sexual
offending against children. In Cybercrime: A review of the evidence. Research
Report 75. pp.1- 25. Retrieved from
This review is provided by the British Home Office and highlights the key findings from
evidence regarding specific cyber-related issues including online grooming, CEM
development, characteristics of victims and offenders, and the scale of online grooming. The
authors clearly state that there is currently no evidence suggesting a clear homogenous
group of online offenders. Instead the paper emphasises the use of different categories to
analyse online offenders and their behaviour. The paper also address the concept of
causation and argues that a causal relationship between the internet, online offending and
offline offending cannot be clearly established. This review reports its findings in a clear and
concise manner, which makes it a valuable source when initiating research into this area.
4. Rutkin, A. (2016, August 2). Could sex robots and virtual reality treat
paedophilia? New Scientist. Retrieved from
This article discusses the possibility of Virtual Reality (VR) and sex robots being utilised as a
medically prescribed functional outlet for paedophiles. It is theorised that this treatment
would allow past offenders to reintegrate into society and would prevent non-offenders from
committing future offences. VR is currently being used to treat phobias, post-traumatic stress
disorder and schizophrenia. There are currently limited options for paedophiles beyond
cognitive behavioural therapies (CBT) and chemical castration. VR could potentially be used
in conjunction with CBT to help paedophiles develop empathy for their victims so they do not
reoffend. The use of a sex robot can also help with this experience. This article raises the
issue that there is extremely limited research of the effects of VR and robotics for
paedophilia. It is unknown whether the use of technology could help paedophiles control
their urges or if the use of technology would instead normalise their behaviour causing real
world offences.
Further sources on Online and Offline Offenders:
Babchishin, K.M., Hanson, R.K. & VanZuylen, H. (2015). Online Child Pornography
Offenders are Different: A Meta-analysis of the Characteristics of Online and Offline
Sex Offenders Against Children. Archives of Sexual Behavior, 44, pp.44-66. Retrieved
Balfe, M., Gallagher, B., Masson, H., Balfe, S., Brugha, R., & Hackett, S. (2015). Internet
Child Sex Offenders’ Concerns about Online Security and their Use of Identity
Protection Technologies: A Review. Child Abuse Review, 24, pp. 427439. Retrieved
Briggs, P., Simon, W. T., & Simonsen, S. (2010). An Exploratory Study of Internet-
Initiated Sexual Offenses and the Chat Room Sex Offender: Has the Internet Enabled a
New Typology of Sex Offender? Association for the Treatment of Sexual Abusers, XX(X).
pp.1-20. Retrieved from
Cohen-Almagor, R. (2013). Online Child Sex Offenders: Challenges and Counter-
Measures. The Howard Journal of Crime and Justice, 52, pp.190215. Retrieved from
Holt, T., Bossler A., & May, D. (2012). Low Self-Control, Deviant Peer Associations, and
Juvenile Cyberdeviance. American Journal of Criminal Justice, 37, pp. 378395. Retrieved
Long, M., Alison, L., & McManus, M. (2012). Child Pornography and Likelihood of
Contact Abuse: A Comparison Between Contact Child Sexual Offenders and
Noncontact Offenders. Sexual Abuse: A Journal of Research and Treatment, 25, pp. 370
395. Retrieved from
Martellozzo, E., Nehring D., & Taylor, H. (2010). Online child sexual abuse by female
offenders: An Exploratory study. International Journal of Cyber Criminology, 4, pp. 592-
609. Retrieved from
Seto, M. C., Hanson, R. K., & Babchishin, K. M. (in press). Contact sexual offending by
men arrested for child pornography offenses. Sexual Abuse: A Journal of Research and
Webster, S., Davidson, J., Bifulco, A., Gottschalk, P., Caretti, V. and Pham, T. (2012).
European Online Grooming Report. European Commission, Safer Internet Plus
Programme. pp. 1-152. Retrieved from
Ziyanak, S. (2014). Examining the Impact of Technology in the Formation of Deviance
and Social Control. International Journal of Humanities and Social Science, 4, pp. 207-210.
Retrieved from
SECTION 2: Emerging Issues in CEM
The following section presents current information and research on emerging areas related
to online Child Exploitation Material (CEM). Due to the nature of cyber and technological
developments, it should be understood that the topics presented are dynamic and
continually developing into new trends or other branches of emerging issues.
Live streaming of CEM has been trending in recent years, particularly due to the availability
of real-time technology which presents challenges for law enforcement agencies. The
proliferation of live streaming CEM is reliant upon technological advances, new payment
systems as well as the ability to customise one’s experience.
Applications (Apps) and online gaming are presenting new platforms for children and
youth to be victimised by online child exploitation. It is relatively easy for offenders to make
contact with potential victims through communication apps as well as communicating
through online gaming chat platforms. Although a myriad of apps are developed each day,
some of the common key indicators, which demonstrate a vulnerability for children to be
victimised, are discussed along with screenshots of such apps. A brief review of the trending
app, Pokémon Go, and how it or similar apps may be implicated in online CEM is also
User-generated content, particularly the act of ‘sexting’, is not an emerging trend. However
newer forms of user-generated CEM such as ‘sextortion’ (e.g. derived from sexting) and
unintentional posting of content to social media platforms (e.g. parents posting content to
social media accounts) are proving to be more popular and provide more content for
As far as creating and distributing online CEM, the Darknet remains one the major platforms
used by online offenders due to its encryption and digital anonymity services. It is predicted
that the darknet will continue to be used as one of the main methods to communicate and
distribute content despite LEA efforts to deanonymize the network or uncover users true IP
addresses using malware products.
Certain types of cybercrime are likely to become more involved in the production and
distribution of online CEM, especially Hacking and Phishing. This section discusses how
the hacking of big data apps and particular websites provides hackers with plenty of content
(e.g. personal images or online conversations) to sell and distribute to others through online
platforms (i.e. the Darknet). Young people are placed at risk if they divulge personal
information or private images or videos through these apps and websites, since they lose
control of the content once it has been sent or uploaded. Phishing and spearphishing are
also predicted to become more relevant to online CEM. Offenders can pretend to offer
support to CEM victims by masquerading as online vigilantes (e.g. Anonymous) and may
then convince them to share explicit content with the goal of exploiting the victim further.
Spearphishing is likely to become a popular trend for offenders as they tailor their
communications to manipulate and exploit particular victims for information or content.
This section will conclude with an overview of what type of Emerging Technology is
particularly relevant for online CEM. Virtual Reality (VR) is discussed further in relation to
how its online and tech developments are likely to be implicated in the propagation of online
CEM. From another perspective, developments in VR are discussed in regards to the
treatment of online sexual offenders.
The presence of live streaming as a form of producing and consuming online CEM has been
identified in the literature as an established trend, especially in developing countries (Child
Exploitation and Online Protection Centre [CEOP], 2013; Dingle, 2014). Live streaming
involves the production and subsequent sharing of images or videos, often depicting
child abuse scenes (CEOP, 2013; Europol, 2013). Due to its clandestine nature, it is
difficult to ascertain specific details regarding its prevalence. Intelligence gathered from
international agencies has identified that live streaming often targets vulnerable families in
developing countries and is often linked to organised crime groups (CEOP, 2013). The
combination of increasing high-speed internet and poverty creates a situation where families
will provide access to children (via webcam) in return for payment (CEOP, 2013; Dingle,
The demand for new material and a customised experience is crucial in understanding why
live streaming is popular. This is highlighted in a particular case whereby a perpetrator
ordered live streaming of child sexual abuse in a South-Eastern Asian country, paying
approximately 25-30 USD for 30 minute streams and an annual fee for images (Europol,
2013). Furthermore, the demand for new material is reflected in the prices of new, on-
demand material (e.g. live streaming or video files) as they are significantly more expensive
compared to dated or generic material (Europol, 2013). Perpetrators and producers avoid
detection by conducting multiple payments of smaller amounts, so as not to arouse
suspicion of monitoring programs run by financial institutions (Europol, 2013; EFC Strategic
Assessment, 2014)
Technological Advances
Technological advances prove to be a challenge in terms apprehending and prosecuting
offenders. This is especially relevant for live streaming offences as it takes place in ‘real-
time’, does not require the offender to store the material and is difficult for law enforcement
agencies to identify digital-evidence (Europol, 2013; Thorn, 2016). Furthermore, the act of
solely ‘viewing’ streamed material (not storing it) may not necessarily fulfil the legislative
requirements of ‘possession or production’ of CEM material in all jurisdictions (Europol,
Payment Systems
Developments in payment systems have also been found to facilitate the live streaming
market (Europol, 2013). Alternate payment systems such as the digital currency, Bitcoin,
enable consumers to remain relatively anonymous in their purchases and bypasses
compliance rules regarding identifying parties in transactions (Europol, 2013). Bitcoin and
other emerging digital currencies are likely to facilitate the growth and spread of live
streaming or online CEM more generally.
Emerging areas in Live Streaming
It is important to understand that live streaming of child sexual abuse continues to
grow and evolve. Currently there are cases of perpetrators requesting child sexual
abuse ‘on-demand’ and with the increase of global high speed internet coverage, this
will likely result in growth of live streaming activities (IOCTA, 2015) as well as easier
access to the material (victims). The ability to customise one’s experience is
highly valued as demonstrated by higher prices for on-demand abuse. As
technology evolves, the ability to request almost instantaneous, customised material
will be prominent.
Developments in alternate payment systems are likely to influence the way live
streaming is accessed and purchased (IOCTA, 2015). For example the introduction
of decentralised streaming services with a pay-as-you-go system (e.g.
‘streamium’) would allow perpetrators to immediately access the live stream and
directly pay for as much as they want, without the hassle of conducting transactions
through a third party (OConnell, 2015).
Furthermore, the threat that a certain type of material or mode of delivery (i.e. live
streaming of the child sexual abuse) may not be ‘enough’ for the perpetrators could
lead them to seek more realistic settings. In this case, live streaming could potentially
influence the child sex tourism trade as it may encourage perpetrators to take it
‘one-step further’ and physically visit victims they have been accessing online.
Although this is yet to be shown in analysis of the current online CEM landscape, it is
worth monitoring as Australian citizens are travelling overseas, particularly South-
East Asia, to take part in child sex offences (Australian Federal Police [AFP], 2015).
Annotated Bibliography Live Streaming of CEM
1. Australian Federal Police [APF]. (2015). Annual Report 2014-15,
Commonwealth of Australia, Canberra. Retrieved from:
The AFP Annual Report provides an overview of how the AFP has tracked over the most
recent year. It presents an overview of the various roles within the AFP, performance
overseas for each area, information regarding their accountability and governance as well as
financial statements. The most relevant section for the current report is the ‘Crime
Program’ section which highlights various operations involving the AFP both domestically
and internationally. Particularly relevant is an operation which combats sex offenders in the
Southeast Asia region. It is explained that this region is a preferred area for Australian sex
offenders as they will travel there to commit offences and the crime is underreported. The
annual report recognises that both the online and real world child sexual abuses are
becoming more intertwined which suggests online CEM is propagating the child sex tourism
trade. The source provides an in depth analysis of the AFP and their operations and should
be referred to for further information on how Australian LEAs currently approach the online
CEM issue.
2. Child Exploitation and Online Protection Centre [CEOP]. (2013, February 4).
Alarming New Trends in Online Sexual Abuse. Retrieved from
This article briefly outlines some common factors associated with children’s online
vulnerability in regards to the risk of online sexual abuse. These factors include social
influences such as parent/carer involvement in the child’s online presence, personal issues,
social isolation and risk taking behaviours. The article specifically referred to an investigation
headed by the CEOP (‘Operation Hattie’) in which two brothers from Kuwait targeted 110
children across the globe, forcing them to perform online sexual acts. The article also
discusses the increasing use of smartphones with built-in cameras and how this has
facilitated the sharing of indecent images or videos. The article raises the point that the
emergence of new phone apps will present more challenges to combatting and preventing
online CEM. This article is useful in highlighting some of the trends regarding the risk of
online sexual abuse and is presented in a clear, easy-to-read format. Furthermore, the brief
overview of Operation Hattie and its success in arrests demonstrates the ‘real-life’
importance associated with researching emerging areas and preventative measures for
3. Dingle, S. (2014, January 16). Live on-demand web streaming of child sexual
abuse a rising global problem. PM ABC Radio, Retrieved from
This brief podcast highlights the issue of live streaming, in particular the ‘on-demand’ culture
of child exploitation. It is explained that live streaming is a growing trend but unfortunately it
is just as damaging to the victim as exploitation and abuse conducted in real life. The
podcast also explains the difficulty associated with catching offenders as live-streaming
leaves little to no digital evidence, offenders conceal their identity and it is generally carried
out in a very covert manner.
4. Europol. (2013). Threat Assessment of Child Sexual Exploitation and Abuse,
Child Exploitation and Online Protection Centre [CEOP], United Kingdom. Retrieved
The role of the CEOP is to provide information to its partners and the public regarding risks
to children from online sexual exploitation and abuse as well as identifying emerging trends
in this area. The threat assessment aims to outline strategic priorities for CEOP and its
partners in terms of how the online threats to children are evolving. The report states that the
online world is becoming increasingly embedded in children’s offline lives which makes them
more accessible to online offenders. This is coupled with an increase in internet availability
and usage globally, specifically in developing countries. The key findings from the threat
assessment include information regarding the hidden internet, live streaming of abuse, links
to organised crime, file sharing methods, overall increases in female victimisation and
changes in offending behaviour in terms of how they contact their victims. The findings are
somewhat limited in terms of generalisability as chronic underreporting and inconsistent
reporting for online child exploitation are evident across the justice system in the United
Kingdom. However these inconsistencies could also be present in the Australian context and
therefore this paper should not be disregarded and still considered a useful source for further
information. The CEOP threat assessment provides valuable information regarding emerging
trends and evolving LEA practices.
5. IOCTA. (2015). Online Child Sexual Exploitation. Retrieved from
The Europol website on Online Child Sexual Exploitation provides simple overviews
regarding the following areas: P2P environments, Darknet, Live Streaming, Online
solicitation and sexual extortion, commercial distribution, networking and forensic awareness
of CSE offenders, future threats and developments and recommendations. Each section
provides a brief overview of the topic as well as indications for how the issue may develop in
the future. Most sections provide references for information, which offers avenues for further
6. O’Connell, J. (2015, June 2). Streamium Decentralizes Streaming so Content
Producers Get Paid Bitcoins in Real Time. CCN.LA. Retrieved from
This brief article explains how the development of streaming services (i.e. Streamium) will
change the way users interact with online content. This service would allow users to utilise a
pay-per-view system for particular live-streamed content rather than paying a lump sum fee
upfront. This type of software development is likely to be popular with sexual offenders who
obtain live-streaming content as it allows them to bypass other payment methods and there
is no need to ‘hide’ purchases by organising smaller, less noticeable payments.
7. Thorn. (2016). The intersection of child sexual exploitation and technology.
Retrieved from
The Thorn taskforce comprises leading industry professionals, governmental organisations,
NGOs and technology companies who are contributing to the fight against child exploitation.
Their website provides simple, clear and valuable information regarding how technological
developments can help fight child exploitation. The website presents brief explanations for
the following issues; child pornography, child sexual abuse imagery, sextortion, live-
streaming, domestic minor sex trafficking and how technology plays into each of these
unique issues.
Further sources on webcam child sex exploitation trends:
Mayol, A. V. S. (5 November 2015). Traffickers leave clubs, head off to cyberspace.
Cebu Daily News, Retrieved from
Briefly discusses shift away from traditional forms of trafficking towards ‘cyber-
Philippine National Bureau of Investigation notes there have been fewer operations
against human trafficking but trends toward cyberpornography.
Ramos-Araneta, M. (21 December 2015). LGUs enlisted vs webcam child sex. The
Standard: Defining the News, Retrieved from
Article discussing how certain areas in Philippines have known webcam child sex
tourism syndicates operating.
Estimated 750,000 men globally seek online sex with children daily
Terre des Hommes estimated 40% of child victims in webcam industry have family
members involved or aware of cybersex operations.
Briefly mentions the ‘Sweetie’ operation (2013 sting operation utilising virtual child)
Tan, M. L. (21 January 2014). Virtual sex tourism., Retrieved from
Article provides overview of virtual sex tourism trade and also discusses the ‘Sweetie’
History of the development of webcam child sex tourism is also discussed
Whight, E. (13 January 2016). ‘She sat there with an eight-year-old girl on her lap and
asked me "what do you want me to do with her?"' Inside a Filipino cybersex den
where pot bellied paedophiles pick girls to be abused on webcam’. Daily Mail Australia.
Retrieved from
Reporter infiltrates a paedophile group in the Philippines
Discusses pay-per-view online live streaming, “cybersex shows” and travelling to visit
girls in real life
Philippines poses severe problem
Discovers parents are willing to give access to young girls for as little as €2 per day.
Difficult to track down offenders and find evidence of online streaming activities
The following are links to some useful sources to further explore trends in online CEM:
Applications (apps) and online games are readily available on many different devices and
are particularly accessible to young people via portable devices (e.g. smartphones, tablets,
iPads, etc.). With a high rate of app development and niche markets, including apps for
young people, it is unsurprising that approximately 90% of consumers mobile time is
spent engaging with apps (Chaffey, 2016). Apps relevant to young people vary widely,
however can be categorised broadly into communication apps (e.g. instant messaging
services), gaming apps, social media apps or even a combination of all categories. The
contribution to proliferation of online CEM through apps and online gaming must be
considered a serious threat, particularly as research shows that young people aged 8-11
years are engaging in online apps and gaming; boys tend to use the internet for games and
music while girls were found to use instant messaging applications more often (Australian
Institute of Criminology [AIC], 2010). Online predators may understand this online behaviour
and thus could tailor their method of seeking out victims depending on their preference of
age or even gender.
The challenge presented by these apps or games is that they are facilitating offender-victim
communication and they are able to reach hundreds of children at a single time, with
minimal effort (Keating, 2015). The apps or games are generally designed with different
audiences in mind with some targeting adult-adult communication or communication
between young people. A crucial problem is that some apps or games have lax age
identification techniques. Despite the intended target audience, there are frequent examples
of adult-child communication, some where both parties are aware and others where the adult
may hide their identity.
The access that law enforcement agencies (LEA) have to the content and information
provided within these apps is variable. In regards to identifying and prosecuting offenders
involved in online CEM, the access LEA have to digital evidence is vital for creating a solid
case. Some apps provide encrypted communication which can challenge LEA accessibility.
Indicators of emerging apps or games involved in CEM
Given the extensive number of apps currently available and the speed at which new apps
are produced, it is difficult to address which specific apps are used in the production and
distribution of online CEM. However, during the research phase our team identified several
common factors to apps that are currently perceived as dangerous or have been implicated
in CEM cases. As such, we have listed the following as ‘indicators’ to be conscious of when
assessing the potential threat of an app to online CEM:
There are several apps or games which allow for anonymous communication. Due to their
anonymous nature it is very easy for predators to gain access to young people by
pretending to be someone they are not. Furthermore, young people may be more inclined to
share information or content as they feel it cannot be traced back to them as their account in
anonymous. The anonymity offered also provides protection for offenders as it increases the
difficulty of identifying who they are. Kik has been specifically mentioned in a homicide case
earlier this year where it is believed that a 13 year old victim may have communicated with
her accused attacker beforehand through the anonymous app (see
Examples of apps which provided anonymity as part of their service, and are used
by young people, are Omegle, Secret, Kik, ooVoo, Ogle and Whisper (Popular App
Guide Parents Teachers - Safe Smart Social [SSS], 2016).
Some popular apps are offering encryption as part of their product as well as the availability
of user-friendly apps wholly devoted to encrypting devices. Although young people may not
be engaging in these apps for their encryption services, it is worth noting that encrypted
apps prove challenging for some law enforcement operations in regards to obtaining
evidence. Furthermore, it can be hard for parents to be aware of who their child may be
interacting with, especially if children are utilising encrypted apps or apps which can hide
Examples: WhatsApp, Calculator% (Not encryption perse but is used to ‘hide’
content on one’s smartphone so that it appears to look like a calculator app). Online
chat services such as ‘MegaChat’. NQ Mobile Vault and Hide it Pro (see Further
sources on online gaming and apps section).
Apps and games often require certain personal information to be entered in order to create a
‘profile’ and this can range from a username and email address to other demographics
including age, gender, likes/dislikes, profile photo, etc. This may provide users with
parameters to engage in communication with others. Some apps allow users to search by
age, location and gender to narrow down a pool of prospective contacts.
Examples: Tinder, Grindr, Snapchat, Whisper, shots-of-me, Kik (Keating, 2015;
Popular App Guide Parents Teachers - Safe Smart Social [SSS], 2016).
Desirability factors
These are common factors we suggest may be involved in certain apps and games being
used more often by young people and as such, may place them at risk of contact with
offenders. Some online games targeted toward children have been found to facilitate
communication between children and potential CEM offenders. For example certain
individuals have used the online gaming platforms offered in Minecraft and League of
Legends to communicate directly with children in an attempt to obtain CEM (O’Brien,
2016; Romano, 2014). Desirability factors of games and apps include the following:
Gamification (e.g. rewards)
Popularity measurements (e.g. ‘likes’, hearts, etc.)
Interactivity with others (e.g. friends, strangers, communities, groups, etc.)
Location based apps are common and in some cases it is not obvious to the user that their
location information is being collected. This information is particularly useful for offenders
who may wish to meet their victim in real life as certain apps allow users to search for
strangers by location to initiate communication with them.
Examples: Tinder, Whisper, shots-of-me, Ogle & ooVoo (Popular App Guide Parents
Teachers - Safe Smart Social [SSS], 2016).
Pokémon Go In Focus
Pokémon Go has gained incredible popularity among smartphone users despite only
being released in Australia this July. The app incorporates the user’s location to show a
real-time map of pokemon creatures in their surrounding area, encouraging users to
acquire these creatures at Poké stops.
Although it is a new app, there are already safety concerns regarding the real-time
nature of the game and the requirement for users to physically attend a location.
There have been cases, in both America and Australia, of armed thieves using the app
to lure victims (see sources below). Although it is unclear whether Pokémon Go could
potentially be used in the exploitation of children, it is worth mentioning that this app
fulfils three of the above factors listed as potential indicators of an emerging threat;
demographics, location, and desirability factors (i.e. gamification).
Further information on Pokémon Go:
Office of the Children’s eSafety Commissioner & ACMA. (2016, July 20). Are you
GO-ing Pokemon crazy? Retrieved from
Yuhas, A. (2016, July 11). Pokémon Go: armed robbers use mobile game to lure
players into trap. The Guardian, Retrieved from
Pokémon Go players mugged at gunpoint in park south of Sydney. (2016, July
15). Australian Associated Press. Retrieved from
Pokemon Go: Users are selling login details but they could be encouraging hackers.
(2016, July 19). BBC Newsbeat, retrieved from
Examples of Lure Modules for purchase (left) and a Pokémon user at a lure (right)
Image 1 retrieved from:
Image 2 retrieved from:
Application Screenshots
Below are screenshot examples of some apps presented in the above section:
Encrypted messaging service
(Retrieved from
Screenshots from the Secret app show how it pulls in your contacts and why you can’t pick your
friends to follow. (Retrieved from
Live stream video chat app. (Retrieved from
on-younow-search-snapshot and )
Encrypted messaging app. (Retrieved from
Encrypted messaging app. (Retrieved from
ore=NO&genre=&device=all&state=pop&tag=&limit=30&lockpick=NO&country=QA and
For a useful Infographic on apps which can encrypt communications see
Annotated Bibliography - Applications & Online Gaming
1. Australian Institute of Criminology [AIC]. (2010). Trends & Issues: online
interactions involving suspected paedophiles who engage male children. Retrieved
The AIC presents a paper discussing the findings of a small scale study investigating online
behaviour and interactions between suspected paedophiles and undercover police officers
posing as male youth. Information regarding how Australian youth are engaging in online
gaming and communications is discussed. This paper provides insight into how paedophiles
victimise youth and they methods they utilise to attempt to obtain explicit material.
2. Chaffey D (2016, April 27). Mobile Marketing Statistics compilation. Smart Insights.
retrieved from
This article presents analytics regarding mobile marketing, specifically consumer mobile
usage and app development. The article provides useful statistics on current usage and
recent trends regarding how individuals are choosing to engage with their mobile devices.
The article offers insight into usage trends for different devices as well as information on
online marketing to these platforms. Although not specifically related to the production or
facilitation of online CEM, it is a useful source of information to help understand the
popularity of mobile devices and how they are being used.
3. Keating, F. (2015, October 29). Online grooming: New trends in online sexual
abuse. International Business Times. Retrieved from
This brief article highlights the current challenges facing law enforcement agencies in the
United Kingdom who are tasked with the protection of children online. The main challenge
highlighted in this work is the rapid development of new technology, specifically the
development of mobile phone apps. It is stated that the main cause for concern surrounding
these developments is that it allows offenders to target hundreds of children around the
world by using simple social media apps. This article is useful as it clearly identifies key
issues regarding online CEM, including risk-taking behaviour in children, use of Darknet,
increase in smartphone ownership, and the popularity of instant messaging apps used by
offenders to target children. The article briefly discusses vigilantism in the United Kingdom,
however it is unclear if this is relevant for an Australian context. Although this is an online
news article and not necessarily an academic piece of research, it provides clear information
regarding key issues in online CEM and uses legitimate sources (e.g. CEOP and the
National Society for the Prevention of Cruelty to Children[NSPCC]) to support their
4. O’Brien, Z. (2016, April 4). Paedophiles 'reaching into kids rooms' as sick adults
exploit THIS popular children's game. Express. Retrieved from
This article discusses how parents in the UK have found inappropriate and sexually explicit
messages communicated to their children via Minecraft, an online console game. Although
the content of the game itself is not inappropriate, parents have discovered adult individuals
attempting to obtain CEM from their children by messaging them directly through the game.
5. Popular App Guide for Parents and Teachers. (2016) Safe, Smart & Social:
Teaching Students How to Shine Online. Retrieved from
The Safe, Smart & Social website provides information designed for teachers and parents
about protecting children online. This particular entry is a list of apps that are divided into
three simple categories; green zone, grey zone and red zone. The guide is designed to
provide parents and teachers with an up-to-date list of current apps on the market that are
safe (green), potentially unsafe (grey), and inappropriate for teens (red zone).
6. Romano, A. (2014, May 1). Child predator allegedly found victims through online
video games. The Daily Dot. Retrieved from
This article discusses a particular offender in the US, Andrew Hartung, who used League of
Legends and Minecraft to facilitate his sexually explicit communications with minors through
the chat services offered in these games. He communicated to several different children in
these games. Forensic analyses of his conversations demonstrated that he would seek out
victims and bribe them with in-game or IRL (‘In Real Life’) gifts in exchange for nude images
of themselves. The investigation also found that Hartung intended to meet with victims IRL.
Further sources on online gaming or apps:
The following are links to some useful sources to further explore popular online gaming,
apps and smartphone usage trends:
Dower, E. (2015). Safety Beyond Facebook: 12 Social Media Apps Every Parent Should
Know About. Family Education. Retrieved from
Website lists apps that are popular among youth that could potentially risk their privacy:
Voxer: Walkie-Talkie push-to-talk app
Poke: Facebook app similar to Snapchat.
Vine: Shoot and share short loops of videos (6 seconds or less)
Shots of Me: ‘selfie-only’ photo sharing app where people can send private
messages to the individual + location is viewable.
Eldridge, A. (2013, July 26) Are Your Kids Hiding Their Apps? Huffington Post. Retrieved
This blog lists different apps which can hide content (e.g. video, photos, files and apps) on
one’s smartphone. For example:
NQ Mobile Vault: photos and videos can be secured in password protected folder.
Contacts can be made ‘private’ so that any communication with them is hidden. ‘Fake
Vault’ option where the user can create a ‘decoy’ vault if they need to show someone
what is in their ‘vault’.
Hide it Pro: Designed to look like a simple audio manager app but is able to store
photos, videos apps, messages and call logs in a disguised folder.
Guardian Project. ‘Secure Mobile Apps’. Retrieved from
Freischlad, N. (2016, June 10). Keep your conversations private with these super
secure messaging apps. Tech in Asia. Retrieved from
These websites list several Android apps designed to create privacy and security for the
Popular Encrypted apps:
Silent text (Silent Circle)
Text Secure
Telegram Secret Chats
Silent Phone
Chat Secure
Pidgin with off-the-record messaging plugin
Covert, A. (2012, October 10). This App Will Give Any iPhone NSA-Grade Encryption
Powers. Gizmodo. Retrieved from
Dunn, J. E. (2015, November 18). The best secure mobile messaging apps 2016.
techworld. Retrieved from
Hill, G. (2013, April 4). Top 10 Security Apps for iPhone Plus 5 FREE Bonus Apps.
Security Today. Retrieved from
Lee, M. (2015 March 3). You should really consider installing Signal, an encrypted
messaging app for iphone. The Intercept. Retrieved from
Ma, R. (2014). More than messaging: Why you should stop comparing WeChat to
WhatsApp. Retrieved from
Smith, A. (2013 June 5). Smartphone Ownership 2013. Pew Research Center. Retrieved
User generated content is a broad term covering specific activities such as an individual
sending images or videos (content) and typically involves engaging in sexualised chats and
the transmission of sexualised content (Wolak & Finkelhor, 2011).
A common user generated activity is the act of ’sexting’ where individuals send sexualised
content to others and is regarded as a key factor for online CEM (Keating 2015). It is not
uncommon for young people to engage in this behaviour, particularly due to the saturation of
mobile devices. As of 2014, approximately 81% of Australians own a smartphone (Deloitte,
2014) with these devices being capable of creating, transmitting and receiving this
sexualised content. With smartphone ownership increasing, many young Australians
have easy access to a device that allows them to engage in sexting. According to the
Australian Communication and Media Authority (ACMA), 13% of 16-17 year olds reported
someone sending a “sexually suggestive, nude or nearly nude photo” (2013, p.11).
Sexting can be broadly separated into two categories; experimental and aggravated
(Wolak & Finkelhor, 2011). Experimental sexting is what typically comes to mind when
discussing the exchange of sexualised content and chatting. For example, youths in a
mutual relationship, willingly sharing content whereas aggravated sexting falls more in the
criminal realm and is particularly relevant for CEM. It should be noted that although sexting
may initially be defined as experimental it may eventually move into the aggravated sexting
category due to the fact that once content is transmitted, the individual who generated the
content loses all control over the content. This gives rise to incidents of content being shared
without permission or for more malicious reasons (e.g. ‘revenge porn’) and may cross into
CEM territory once the content is available in cyberspace, as it is almost impossible to
remove it (Gordon-Messer, Bauermeister, Grodzinski & Zimmerman, 2013).
Source: Wolak, J., & Finkelhor, D. (2011, March). Retrieved from
Sexting & CEM
Aggravated sexting typically involves the unwilling transmission of content via solicitation of
user-generated content by an adult as well other criminal behaviours (e.g. sexual abuse,
extortion, deception, threats, sending images without permission) (Wolak & Finkelhor, 2013).
The rise of aggravated sexting has been addressed in other reports, often specifically
referred to as ‘sextortion’; a process where victims are convinced to provide sexualised
user-generated material and continue doing so by the threat of exposure (Europol, 2013;
IOCTA, 2015). Sextortion occurs via transferring images, webcam, live streaming, or VoIP
(Voice over Internet Protocol) and directly facilitates the production of CEM as it provides
offenders with more material and vulnerable targets (Europol, 2013).
There is limited information on the prevalence of sextortion however it is estimated that
78% of cases involve female children and 12% male children with the average age being
15 years old (Wittes, Poplin, Jurecic, & Spera, 2016). Sextortion is proving to be an
important area to pursue in the production of online CEM, particularly due to the malicious
intent behind the crime and the emotional and social consequences for the victims. One
particular case is that of Luis Mijangos from California who orchestrated several incidents of
sextortion on various victims (Wittes et al., 2016). He obtained sexualised videos and
images from his victims by threatening them with exposure of indecent images or content he
had already obtained by pretending to be a boyfriend or partner online. His methods of
obtaining the content were aggressive and he convinced his victims to download
malware that inevitably provided him access to their files (e.g. images, videos,
documents, etc.) and control over their laptop/computer microphones and web cameras,
essentially allowing him remote access to their private lives (Wittes et al., 2016).
Social Media Engagement & CEM
The rise of social media is integral to the production and distribution of user-generated
material. By its very nature, all photos or videos uploaded to networks such as Facebook,
Instagram or Snapchat could be considered ‘user-generated’ content. A US study found 63%
of mothers use facebook and 97% of them post pictures and 46% post videos of their
child (Geddes, 2014). Parents may be uploading ‘innocent’ photos of their family with the
intent of showing it to family and friends. However the reality is that these photos and videos
can be accessible to others who may wish to increase their own collections of images and
videos of children (Battersby, 2015).
Certain social networking sites, such as Facebook, are known to be used by paedophiles to
communicate amongst each other and source more material (Speed, 2016). This is
evidenced by the increasing number of referrals received by CEOP regarding images of
child exploitation on Facebook; an increase from 400 in 2010 to approximately 1800
currently (Speed, 2016). ‘Secret Groups’ on Facebook are a known issue for online CEM
as members can utilise this function to share content without the risk of non-members seeing
the content (Speed, 2016).
As well as content (images and videos) parents are also uploading private information about
their children for example their full name, date of birth and frequently visited locations such
as their schools or sporting clubs (Geddes, 2014). Frequently uploading a combination of
content and private information is something parents should be educated about in regards
to privacy and protecting children. Particularly in light of how easy it is to share content with
other people and to lose control over where that content is used.
Emerging areas in user-generated material
The following issues are based on current trends and information regarding user-generated
content and its intersection with online CEM:
Sextortion cases are likely to rise. This will be a result of more offenders learning
or adopting basic intrusion techniques (i.e. deploying malware) combined with the
saturation of smartphones. Children and parents should be educated about how and
where to report incidents. Children must feel secure that they will be supported in
these situations.
Institutions (e.g. schools, sports clubs, after-school activities such as dancing,
gymnastics and swimming) unintentionally posting content and/or information
that could be shared and used for illicit purposes. These institutions must regulate
the content posted on their sites, bearing in mind that they are unable to control who
views, shares and downloads this content.
Offenders are currently creating fake Facebook accounts as females to join
female only, closed groups with intentions of gaining access to partial or nude
images (Ford, 2016). This method of gaining content could be used by other
offenders to gain access to other groups specifically posting content of children (e.g.
mother’s groups, interest groups such as children’s activities, etc.).
‘Australian Schools Targeted in Pornography Ring’ - August 2016
A recent case of online, user-generated CEM is the occurrence of Australian young
women and girls being targeted through an online chat forum where sexually
explicit content and private information (full name, phone number, school address, home
address, etc.) is uploaded for users to view and share. The website appears to be used
by young men attempting to obtain nude images as well as identifying information for
specific ‘targets’. ‘Targets’ include young women and underage girls in different
Australian schools - recent counts suggest that at least 70 Australian schools have been
targeted on the site.
The AFP and the Office of the Children’s eSafety Commissioner worked together to take
down the site which hosted thousands of images, some falling into the CEM category.
This case is still ongoing and more information will come to light as investigations
progress. This highlights the reality of young people not only being victimised but acting
as offenders regarding CEM.
Further information on this case:
Office of the Children’s eSafety Commissioner. (2016, August 17). Media Statement -
Sexting complaints on the rise, Media Release. Retrieved from
‘Police investigate pornography ring targeting Australian schoolgirls’. (2016, August
18). ABC News. Retrieved from
Funnell, N. (2016, August 17). Exclusive: Students from 71 Australian schools
targeted by sick pornography ring. Retrieved from
Annotated Bibliography - User-Generated Content
1. Australian Communications and Media Authority [ACMA]. (2013). Like, post,
share: young Australians’ experience of social media. Retrieved from
This study aimed to provide ACMA with an understanding of the online interactions of young
Australians with a specific focus on their use of social networking and risky behaviour. The
study consisted of an online survey where 1511 interviews were completed by participants
ranging from 8-17 years. The surveys were tailored to the two age groups created for
analysis purposes (8-11 years and 12-17 years). The study highlighted that Australian
children are accessing the internet in a variety of unique ways which increases the
challenges of managing risks. It was found that risky behaviour generally increases with age
and children are least likely to be aware of preventative strategies such as using internet
filters. This research is useful for the topic of emerging CEM as it focussed on quantifying
the online interactions and use of social networking by young Australians in regards to
managing privacy and online risks with references to user-generated content (e.g. sexting)
and provides a broad overview of online interaction among Australian youth.
2. Battersby, L. (2015, September 30). Millions of social media photos found on child
exploitation sharing sites. The Sydney Morning Herald. Retrieved from
This news article highlights the dangers presented by parents who upload content (images
or videos) to their personal social media profiles. The article explains how most parents are
unaware of how their content may be viewed, shared or downloaded by others. This piece is
useful as it validates the notion that parents may unintentionally be contributing to online
CEM simply by uploading content of their own children.
3. Deloitte. (2014). Media Consumer Survey: Australian media and digital preferences
(3rd ed.). Sydney, Australia. Retrieved from
This consumer survey investigates how Australians use different forms of media and
entertainment. The most relevant section for exploring the topic of online CEM is where the
report investigates internet usage, smartphone ownership and social media usage. The
survey provides information for different generations (14-24 years, 25-30 years, 31-47 years,
48-66 years and 67+ years). We know from various other sources that children younger than
14 years are using the internet and engaging on social media, and it is for this reason that
we are limited with the information from this survey. Nonetheless, it provides valuable insight
into how Australians are communicating online and how often they engage with social media
platforms. Particularly relevant is the information on social media usage and how it is broken
down by different generations (p. 22). These points are important for the exploration of CEM
as we know that offenders are sourcing new material from some of the content presented on
these platforms.
4. Europol. (2013). Commercial Sexual Exploitation of Children Online: A Strategic
Assessment. European Cybercrime Centre (EC3) - Europol. Retrieved from
This Strategic Assessment report from Europol aims to demonstrate trends in the
production, distribution and access to commercial CEM as well as highlight current research
gaps and prevention opportunities. Although the report is clearly focussing on the analysis of
commercial online CEM and preventative methods involved with payment systems, it is still a
useful report as it specifically touches on trends in distribution (e.g. the types of networks
used by offenders to share CEM with each other), the presence of user-generated material
(e.g. sexting) and future challenges to the prevention of online CEM (e.g. expanse of
internet, development of mobile payment systems, cyberlockers etc.). The report concludes
by recommending research and furthermore, action, into the following areas of online CEM;
distribution methods, web hosting, payment methods, and legislative issues. Limitations of
the report generally lie in the methodologies utilised for online CEM research, mainly
qualitative data and if there is quantitative data, it is limited by variable national legislations
and intelligence gathering methods.
5. Ford, C. (2016, March 21). Why Lindor Jonuzi should bear the real life
consequences of sexist attacks online. Daily Life. Retrieved from
This article describes an Australian case involving a young man, Lindor Jonuzi, who posed
as a female on Facebook to gain access to secret women’s groups in which members share
photos of themselves. These photos depicted women partially dressed or nude and the
group is designed to promote affirmations for the women amongst themselves. After he
infiltrated the group, Jonuzi shared the images to a Melbourne men’s group boasting his
access to this material. This case is an example of how social media usage and self-
generated material can fall into the wrong hands. Although none of the images in this case
seemed to involve minors, this method of obtaining material (e.g. impersonating a group
member) could be used to gain access to similar groups with child related content.
6. Geddes, L. (2014, September 21). Does sharing photos of your children on
Facebook put them at risk? The Guardian. Retrieved from
In this article, Geddes discusses the use of children’s photos and information on social
media platforms, specifically focussing on Facebook. Although this article was written two
years ago, it highlights some of the key issues faced by parents who wish to engage with
their family and friends online by posting information about their children, whilst balancing
their privacy as well. It mentions a US study which investigated Facebook usage among
parents. The article specifically discusses two aspects of information sharing parents should
be conscious of; the amount of information shared and the type of information shared. The
author provides an example of how one of her friends is able to share life stories about her
daughter but uses a nickname rather than her real name when doing so. The article also
touches on the Internet of Things (IOT) and how these wearable devices, with geolocation,
may potentially be hacked. It concludes with the notion that it is very difficult to have no
digital footprint and the best parents can do is monitor what is readily available to others.
7. Gordon-Messer, D., & Bauermeister, J. A., & Grodzinski, A., & Zimmerman, M.
(2013). Sexting among young adults. Journal of Adolescent Health, 52. pp.301306.
Retrieved from
This study examines a US survey regarding the act of sending and receiving ‘sexts’. The
sample consisted of 3447 young adults. It should be noted that the participants ages ranged
from 18-24 years and as such, this data may not be indicative of Australian ‘youth’ sexting
behaviour. Participants were placed into four categories; non-sexters, receivers, senders,
and two-way sexters. The survey measured the following: sexting behaviour, sexual
behaviour, depression, anxiety, self-esteem, sociodemographic characteristics, internet
usage, and phone/texting communication. The study found some correlations between
sexting and sexual health or mental health however it is unclear how these factors influence
each other. This article demonstrates a need for longitudinal studies exploring how sexting
may influence mental and sexual health for young adults.
8. IOCTA (2015). See Annotated Bibliography - Live Streaming
9. Keating, F. (2015, October 29). See Annotated Bibliography - Applications & Online
10. Speed, B. (2016, February 19). “The worst things I’ve ever seen”: the paedophiles of
Facebook, and the ordinary people fighting them. NewStatesman. Retrieved from
This article describes how social media platforms become avenues for sexual offenders to
obtain and distribute CEM material. This is reflected in the increase of referrals to CEOP
regarding material depicting online CEM. The author describes her interactions with some
leaders of vigilante groups and parents who purposely attempt to identify and expose
paedophiles using online CEM on Facebook by passing on their details to local police or
other agencies. These parents describe one of the biggest challenges in catching the
offenders is the presence of ‘secret groups’ on Facebook. Another issue, which may be
relevant to the Australian context, is the fact that vigilantes are risking legal ramifications
since the act of viewing these profiles (with online CEM material visible) could be considered
‘reproducing or making’ child pornography images under the UK legal system. The article
also discusses how Microsoft’s photo searching software ‘PhotoDNA’ is used to help identify
any images that are uploaded to Facebook by cross-referencing them with an existing
database of child abuse images. However, this method fails to detect any new content.
11. Wittes, B., Poplin, C., Jurecic, Q., & Spera, C. (2016, May). Sextortion:
Cybersecurity, teenagers, and remote sexual assault. Center for Technology
Innovation at Brookings. Retrieved from
This report aims to investigate the prevalence of and challenges surrounding ‘sextortion’.
The report highlights the scope and scale of the problem by presenting case studies and
statistics on sextortion. The report begins with an overview of a Californian case where a
young man was able to gain access to sexualised content by extorting the victims via online
communication such as email. The authors of the report present several findings based on
their research of sextortion. One of the most important findings is the fact that it is
understudied and there is little to no information available on sextortion. However the data
that was available demonstrated the frequency of sextortion cases and a high rate involving
minors, which is particularly relevant for the current report on online CEM. There are
legislative and jurisdictional differences surrounding the definition and prosecution of
sextortion cases. This well-structured report provides a thorough investigation of sextortion
and the issues surrounding it. It is a useful source for further analysis of this particular issue
in the production of online CEM.
12. Wolak, J., & Finkelhor, D. (2011, March). Sexting: A Typology. Crimes Against
Children Research Centre. Retrieved from
This report addresses sexting as a typology and examines these typologies based on a
national US survey from law enforcement agencies comprising of 550 cases. The report
identifies sexting as ‘youth-produced’ sexual images and categorises the incidents as either
aggravated or experimental. The report highlights a well-founded concern that youth are
inadvertently contributing to the abundance of online CEM. The report presents various
statistics relating to American youth and how they engage in sexting behaviours. Throughout
the report several case studies are presented, each one reflecting a different typology of
sexting. The report explores other considerations that should be taken into account when
assessing ‘sexting’ incidents and highlights the subjectivity of the matter. Implications for law
enforcement are also listed. Overall the report argues that law enforcement decisions and
policy making procedures should be based on robust social scientific information (p. 10)
rather than stereotypical views of sexting.
The Darknet is a highly encrypted, non-indexable aspect of the Deep Web that offers
users a very high degree of anonymity. It is relatively easy to access and can be fully
utilised by even the least tech savvy people (Turbo Future, 2015).
The Darknet will continue to be the major platform for appropriating and distributing
illegal material because of the strong encryption and ability to ensure digital anonymity
(Jordan L. 2014). It is not illegal to use as it does have many legal and ethical applications
such as the means of communication in repressive regimes (Turton 2016). The Darknet can
only be accessed through special browsers including ‘The Onion Router’ (TOR),
Freenet (Freenet 2016) and I2P (The Invisible Internet Project 2016, & World Bank and the
International Centre for Missing & Exploited Children 2015). These browsers can be used
on any personal computers or mobile technologies like tablets and phones (Tor n.d. &
Mobiletor n.d.).
The Darknet is renowned for being the domain of cyber criminals, including paedophiles.
The Darknet has been the focus of several high profile CEM and CSAM cases (Willacy,
2007, Johnston, 2016, Johnston & Bucci, 2015, AFP & Cantal-Albasin, 2015, Cantal-Albasin,
Murdoch, & Partland, 2015). It is also notoriously difficult for LEA’s to police (Nichols 2016).
Most offenders are caught through their own mistakes, such as Shannon McCoole
displaying his vehicle registration plate, that are corroborated with real world evidence
(Willacy, 2007).
The Darknet will continue to be relevant for the distribution and appropriation of CEM and
CSAM because of the above mentioned anonymity (Gallagher, 2011). For all of the
emerging threats identified in this desk review it will be the main method of distribution of
illegal material. For the foreseeable future the Darknet will remain the main distribution
platform for the bulk of CEM and CSAM material.
The primary currency on the Darknet is the decentralised digital currency called
bitcoin, and can be used to purchase nearly anything on the Darknet. These includes
hitman services, hacked PayPal accounts, drugs, fake passports and CEM (Turbo Future,
2015). Bitcoin operates through a blockchain of recorded transactions that is propped up by
bitcoin users authenticating transaction history.
Bitcoin’s transaction history is stored within the user's electronic bitcoin wallet in a seemingly
random string of numbers and letters. The string is able to identify what transactions took
place with the cryptocurrency and when. The internet Watch Foundation (IWF) has
partnered up with Elliptic, a UK blockchain intelligence start up to trace paedophiles through
their transactions and passes their findings onto LEA’s (Leyden, 2016).
Bitcoin’s protocol has seen a number of off brand spinoffs including Dogecoin and Litecoin.
These off brand spinoffs are still acceptable currency and retain their own trade value
(McCloskey, 2015).
Horizon Scanning
Deanonymization of the Darknet: Researchers at the Michigan Institute of Technology and
the Qatar Computing Research Institute have discovered a method of deanonymizing TOR
networks without breaching the encryption that is 88% accurate (Goodin, 2015). It is likely
that the response from TOR users will be to create methods that produce a false positive to
severely reduce the accuracy of the new technique.
LEA’s such as the FBI have been developing methods of catching Paedophiles through the
use of Malware such as Torsploit. This malware is attached to Flash files that will identify a
user's real IP address and send it to the FBI with a timestamp. Although the FBI has moved
on from this particular malware they are using other methods now (Cimpanu, 2016).A likely
response will be that users will become more cautious and invest in methods that can
identify LEA malware on the Darknet or even fool it.
Monero is a new type of cryptocurrency that boasts completely untraceable transactions
unlike other currencies based off of bitcoins protocols. Monero does not use bitcoins
protocols and therefore does not operate the same way. Instead of creating a string of code
that users can identify transactions with, Monero creates a new address for every single
transaction. This makes it much harder for it to be tracked by LEA’s (Collier & Turgerman,
Annotated Bibliography - Dark Net
1. A beginner’s Guide to Exploring the Darknet. (2015, April 18). Turbo Future.
Retrieved from
The source is highly useful for understanding what the modern Darknet is. It defines the
Darknet as a block of websites in the Deep Web that cannot be accessed through use of a
standard search engine or internet browser. Instead accessing the Darknet requires a
specialised browser such as The Onion Router (TOR), The Freenet Project or the Invisible
Internet Project (I2P).
The article also highlights the ease of installing and using TOR, describing it as an easy
process that even the internet savvy will no struggle to use. For added protection, the article
also recommends using a virtual private network to further anonymize a user's activities.
The article states that the main method of purchasing services, data and items are through
bitcoin as it offers highly anonymous transactions.
2. AFP, & Cantal-Albasin, G. (2015, June 17). Alleged paedophile Peter Scully says
he was 'passive participant' in cyber sex business. Sydney Morning Herald.
Retrieved from
Australian Peter Scully ‘operated a lucrative international child cybersex business in the
Philippines.’ He claimed himself to be the passive participant in the operation where his
Filipino partner was the active participant. The victims were largely from impoverished
Filipino families. It was found that Scully’s clients were predominantly from Brazil, Germany
and the USA.
This article is useful as it shows how offenders choose their targets to maximise profit as
well as what countries tend to consume these products.
3. Cantal-Albasin, G., Murdoch, L. & Partland, L. (2015, March 25). Peter Gerard
Scully interview reveals plans to tell all. Sydney Morning Herald. Retrieved from
This news article depicts the business model Peter Scully used. He charged between $100
and $10 000 for pay-per-view sessions and was also responsible for the movie Daisy’s
Destruction. The article doesn’t state what platform Scully used to distribute the material, but
it is very likely to be the Darknet.
This article is useful as it shows the lucrative nature of CEM and what sort of content is in
4. Cimpanu, C. (2016, April 28). Former Tor developer helped the FBI by creating
malware to go after Tor users. Softpedia. Retrieved from
A core developer for the Tor Project, Matthew Edman, helped the FBI by creating a Tor
specific malware dubbed ‘Torsploit’ that deanonymizes Tor users. Used in ‘Operation
Torpedo’, the malware is packed into Adobe Flash files and is tripped when accessing it on a
Tor browser. The malware then detects the user's real IP address and send it to the FBI with
a timestamp. The FBI has since moved on from Torsploit to other malwares.
This article is useful as it demonstrates the limitations of Tor and how LEA’s are finding
workarounds and limits of TOR’s security.
5. Chrigwin, R. (2016, 26 May). Judge torpedoes ‘Tor pedo’ torpedo evidence. The
Register. Retrieved from
This article states that a US District Court Judge has ‘tossed out’ the evidence collected by
the FBI from Tor users because the FBI refused to share how they were able to collect the
information. The article is useful because it shows how the FBI is attempting to ‘go dark’ with
it capacities. There will likely be a trend toward more covert policing methods for the Darknet
which will likely cause an increase in security by users.
By ‘going dark’ with the FBI’s capabilities, it is likely that offenders will be more paranoid with
their browsing habits and find new creative ways to mask their identities or purposes.
However, this also means that the FBI will not need to divulge their tactics.
6. Collier, K. & Turgeman, M. (2016, August 24). Dark Net Markets Finally Embracing
A Bitcoin Alternative. Vocativ. Retrieved from
This article introduces a new form of cryptocurrency called ‘Monero’. Monero has recently
become an accepted currency on two Darknet markets, Alphabay and Oasis, and will be
accepted as their only alternative to bitcoin.
Monero is not built on bitcoins protocols like Dogecoin and Litecoin are. Instead the
developers opted for their own protocols which has given them a strong edge over many
other currencies. One of the advantages of Monero over bitcoin or Etherium is that it creates
a new address for every transaction which makes it allegedly impossible to track. This allows
Darknet users to purchase items anonymously and will make it harder for LEA’s to track
CEM offenders.
7. Del Castillio, M. (2016, 10 May). Bitcoin market OpenBazaar unveils plans for Tor
support, mobile app. CoinDesk. Retrieved from
OpenBazaar is a bitcoin-powered marketplace that aims to become the leader in censorship-
resistant trade. OpenBazaar is currently attempting to add Tor support to its network and
even an ‘Onions-only’ node which only Darknet users can access. The other aim is to create
an ‘in-house contracting system’ that will allow OpenBazaar to ‘facilitate any type of complex
This article is useful as it shows the changing methods of payment systems and carriers in
the Darknet. OpenBazaar will likely become a popular platform for the distribution of CEM
and CSAM.
8. Freenet - Overview. (n.d.). Retrieved May 12, 2016, from
Freenet markets itself as a platform free from internet censorship that allows you to share
files, publish material and chat with anonymity. It is useful for the paper as it shows the
varying method which the Darknet can be accessed. The article is useful because it shows
the variety of Darknet platforms other than TOR.
9. Gooden, D. (2015, August 1). New attack on TOR can deanonymize hidden
services with surprising accuracy. Ars technica. Retrieved from
This article reports that TOR can be ‘attacked’ for the purpose of deanonymizing website
hosting data with 88% accuracy. The method created by researchers at the Michigan
Institute of Technology and Qatar Computing Research Institute does not require TOR’s
security to be breached. The technique is based on the randomization of selected ‘guards’ or
computers by TOR and the unique fingerprints left by users.
This article is useful as it demonstrates that TOR is not an infallible security platform and can
be circumvented to gather user and host data.
10. Johnston, C., & Bucci, N. (2015, September 09). How a Melbourne schoolboy
found, then inhabited the web's darkest places. The Age. Retrieved from
This article explores how Matthew Graham (‘Lux’) was introduced to CEM through
Anonymous’ CEM attack against ‘Lolita City’ dubbed ‘Operation Darknet.’ Graham admitted
that he had latent paedophilic feelings as a teenager which were realised when he accessed
the CEM. He was initially revolted at himself but came to terms with it when he discovered
the ‘Tor pedo’ community.
Graham’s empire was facilitated by the Freedom Hosting (shut down by FBI in 2013)
service. Freedom Hosting was popular for its use in selling drugs and pornography. Darknet
hosting services like these are likely a modern trend and will likely be a permanent fixture in
combatting CEM.
11. Johnston, C. (2016, February 03). 'Lux' and the child pornography crimes too awful
to print. The Age. Retrieved from
Melbourne man ‘LUX’ / Matthew Graham caught for facilitating and perpetuating CEM on
Darknet resources. He had taunted FBI that he wanted to be the ‘biggest and the best.’
Graham was charged with 13 charges of child pornography and child abuse from the
‘hurtcore’ (sexual torture) content within the network of websites he maintained on the
Darknet between 2011-2014. Hurtcore is a genre of CEM that mainstream paedophiles
Graham was also charged with advising and encouraging others to commit acts of child
rape. This includes:
The encouragement of a Russian man on how to abduct, rape and kill a five-year-old girl and
to film it. It is unknown if the Russian man actually committed these acts.
A British man was also advised on how to conceal his image on video was raping a 7 year
old girl with muscular dystrophy who was in the man’s care at the time.
Graham was also linked to Peter Scully, the man who created Daisy’s Destruction. He had
procured the video series for his website to gain fame for his website.
This article is useful as it highlights the methods and some thought processes of how
website administers gather content for their websites.
12. Leyden, J. (2016, July 06). Bitcoin child abuse pervs will be hunted down by the
IWF: Brit upstart Elliptic is actively tracking paedo’s crypto-currency cash flows. The
Register. Retrieved from
The Internet Watch Foundation has partnered with the UK blockchain intelligence startup
Elliptic to track down paedophiles using bitcoins to purchase CEM. Once the offenders have
been identified Elliptic automatically alerts the corresponding financial institution and relevant
This article is very useful as it demonstrates bitcoins vulnerability and that it is no longer as
anonymous as offenders would like. It is likely that this method is useful for all bitcoin
13. McCloskey, Z. (2015). 10 Bitcoin Alternatives You May Not Know. Coinbuzz.
Retrieved from
A list of 10 bitcoin spinoffs that use similar algorithms. These cryptocurencies are all popular
decentralised currencies on the Darknet.
This article is useful as it highlights the varied nature of decentralised Darknet currencies
currently in use.
14. Nichols, S. (2016, April 21). FBI's Tor pedo torpedoes torpedoed by United States
judge. The Register. Retrieved from
This article is about the ruling by a US federal judge that would quash 1 200 criminal
prosecutions of alleged paedophiles in the US. The technique used by the FBI was the
installation of malware in a suspect's’ PC that would track their internet activities. Because
the warrant for the operation was signed by a US magistrate judge rather than a district
judge it was considered an invalid operation. The use of spyware as a LEA technique has
been put on suspension due to the ruling.
It is likely that since the method of investigation has been identified that there counter-
measures taken by the Tor community to render published LEA tactics useless. A likely
method would be specialised software like a virus scanner that is designed to identify and
remove the malware distributed by LEA’s.
This article is useful to the project because it shows how LEA’s can track offenders through
the Darknet as well as the considerations that must be taken into account when pursuing
these methods.
15. Sharwood, S. (2016, 25 May). Next-gen Tor to use distributed RNG, 55 character
addresses: Numbers so random no one can predict how random they’ll be. The
Register. Retrieved from
The Tor Project has devised a new method to generate random numbers for the next
release of its Onion Router. It requires the use of multiple computers to create a single
random number that is completely unpredictable. This is likely the first random number
generator like this to be used over the internet.
This article is useful as it shows the Tor Projects’ reaction to the increased ability of the FBI
and how they are attempting to deal with the issue. It is likely that this will lead to further
escalation by LEA’s and their capacities. However, this will also increase the investigation
duration significantly for LEA’s.
16. The Invisible Internet Project. (n.d.). Retrieved May 12, 2016, from
I2P is an anonymous network overlay program for mobile phones and desktop computers
that protects the user from monitoring by ‘dragnet’ services and ISP’s. It is marketed towards
‘people who care about their privacy’ such as activists, oppressed people, journalists,
whistle-blowers and the average person.
Similar to Freenet and TOR, I2P offers access to the Darknet mobile devices.
17. Thomson, I. (2016, 01 October). FBI: We unmasked and collared child porn creep
on Tor with spy tool. Metasploit decloaking kit rides again? The Register. Retrieved
The FBI used what is called a ‘Network Investigation Technique’ (NIT) to discover the
identity of Luis Escobosa, a consumer of CEM on the Darknet. The NIT is the equivalent of
spyware in practice as it installs itself on the offenders PC in order to collect information such
as the PC’s real IP address. The information is then sent to an FBI server and investigated.
It is likely that because the technique is now discovered there will be an escalation in
security for TOR users. This may include news ways of masking the IP address at the
computer level rather than just at the web browser.
18. Thomson, I. (2016, 22 March). Tor Project works on anti-FBI defenses amid iOS
row with Apple. The Register. Retrieved from
Tor Projects state that they will be increasing the security of their Tor browser in order to
effectively mitigate any gains the FBI has made into the deanonymization of user data.
This article is useful as it highlights the reaction by the Tor Project to fight for their client’s
anonymity. Tor is likely to experience an escalating battle between themselves and the FBI
in order to retain that position.
19. Tor. (n.d.). Retrieved April 5, 2016, from
A ‘how to’ for installing a mobile phone version of TOR called ‘Orbot’. This source is useful
as it demonstrates how simple it is to gain access to the Darknet even on a mobile phone. It
is indicative of the greater trend of the phobia of government surveillance.
It is useful source because it highlights how easily TOR can be installed on devices.
20. Turton, W. (2016, April 24). Shari Steele's mission to transform Tor's public image.
The Daily Dot. Retrieved from
A case for TOR (and a general overview of what it is). Why TOR should not be shut down
and instead be the mainstream platform for internet browsing. Increased security from
surveillance beyond the normal web browser is one of the main interests of the TOR
platform and the main reason why it should be used as the modern web browser of choice.
This article is useful to the review as it highlights the legitimate purposes for TOR rather than
the illegitimate uses currently being discussed in mainstream media.
21. Willacy, M. (2015, August 27). Detectives took on paedophile's identity in 'dark net'
abuse sting. ABC News. Retrieved from
A useful case study for understanding the methods paedophiles use to commit crimes on the
Darknet and also how police are able to track down offenders. Shannon McCoole was
targeted by police for his contributions to and administration of a Darknet bulletin board that
has 45 000 members. The users on the board are ranked on the originality and volume of
the images. McCoole was jailed for 35 years for the abuse of 7 children under his care as
well as transmitting CEM on the internet. The oldest child was 3 years old and the youngest
was 18 months.
The offender was identified by their unusual use of ‘hiyas’ to other board members. The use
of these greetings is a way for members to identify each other. This is likely not a unique
idea for a code, particularly because members are likely to be members of other boards.
22. “Protecting Children from Cybercrime: Legislative Responses in Latin America to
Fight Child Pornography, Online Grooming, and Cyberbullying through Information
and Communication Technologies”, 2015, A joint report of the World Bank and the
International Centre for Missing & Exploited Children. Retrieved from
This article by the World Bank and the International Centre for Missing & Exploited Children
explores the physical and sexual abuse of children on the internet in Latin America. The aim
of the article is focussed on preventing and combating CEM and CSAM by identifying gaps
in legislation and to identify good practices against online sexual exploitation of children. The
methodology is done through an analysis of public policy responses based on internet based
CEM. The research relies on previously established reports presented to the UN Committee
on the Rights of the Child and the UN Optional Protocol to the Convention on the Rights of
the Child on the Sale of Children, Child Prostitution and Child Pornography.
The article is useful as it identifies methods and platforms that offenders use to distribute
CEM as well as the varying severity of laws in Latin American Nations (ie- Venezuela does
not criminalise child pornography). The main limitation of the articles is that it primarily
focuses on legal means of controlling CEM and does not discuss the methods of distribution
beyond the Darknet. The article concludes by offering various legal amendments to Latin
American Nations legal framework to combat CEM. This article does not form the core of
research into the Darknet but it is useful to acknowledge how the Darknet can be used as a
secure method to distribute CEM.
Zero Day Exploits designed to bypass passwords
A zero-day exploit on Apple’s iOS and OS X was discovered by a group of researchers.
From this exploit, the researchers created and published a malicious app on the Apple App
Store that was able to siphon users’ personal data from the password storing
Keychain in Apple’s OS X as well as steal passwords from the iCloud, banking and
email accounts. The cross-app resource access (XARA) was able to bypass the OS X
sandboxing mechanisms that are designed to prevent an app from accessing the
credentials, contacts and other important information related to other apps (Khandelwal,
During 2015 malware attacks increased to 8.19 Billion (Wisniewski, 2016). The primary
target was Android based phones which put a large percentage of the market at risk (Dell at
Wired, 2016 and Seals, 2016). In 2015 Dell SonicWALL reported a rise in the use of very
dynamic exploit kits based on the latest zero-day vulnerabilities including Adobe Flash
Player and Reader, as well as Microsoft Silverlight. The malware is able to hide itself by
using SSL/TLS Internet encryption which has given hackers many new avenues which can
evade anti-malware inspection systems through hiding within or masquerading as another
file (such as an image, file or message). Dell predicts that the number of zero-day viruses
from Adobe Flash will drop to near nil because major browser no longer support it. However
it is believed that ransomware will increase dramatically.
There is currently a large market for zero-day exploits where governments, private
security firms and a large variety of 3rd party players all contend to sell and buy the latest
zero-day exploits as well as their weaponized forms. The most lucrative period is the first 6
months of a product's launch (Russon, 2015).
The implications for zero-day vulnerabilities such as the ones on Apple’s iOS and OSX allow
for black-hat hackers to utilise these exploits to gain access to confidential
information. In terms of CEM and other sources of data, these hacks can been used for
large scale data mining and distributions, particularly if the information is harvested by a bot
and sold on the Deep Web by the user.
Hacking Parental Intelligence Systems
The Parental Intelligence System by company uKnow had leaked 6.8 million private text
messages, 1.8 million images (many of which depicted children) as well as “1,700 in-depth
child profiles made up of data from Android and iPhone devices” (Fox-Brewster, 2016). The
hack was from an alleged White Hat hacker and occurred between the 16th and the 17th of
February 2016. The database contained customer data, business data, trade secrets and
proprietary algorithms (uKnowKids, 2016).
The images are ‘what you would expect from young kids. For example, silly selfies and text
conversation about parties and boys’ (Fox-Brewster, 2016). There is potential for some self-
produced CEM but it is unlikely because the app is designed for parents to monitor their
children's web-usage.
The leak, which contained information from Twitter, Facebook, Instagram, Mobile Devices
and a myriad of other social media sites was compromised uKnow’s failure to adequately
secure its database by not implementing a username and password. The company uKnow
may face liability claims under the American Children’s Online Privacy Act 1998 (Fox-
Brewster, 2016).
Leaks and hacks from big data apps and websites designed to keep children safe can be a
potential target for 3rd parties attempting to gain self-produced CEM as well as any data
which can be used to exploit and blackmail children. The data itself can be sold for other
uses. For example, blackmailing individuals or mining credit card details. A likely scenario
would be that a hacker would sell ‘dumps’ of information on the Darknet and allow for other
users to sift through for marketable information that would then be sold to their clients.
Further information on uKnow Hacking:
Fox-Brewster, T. (2016, 22 February). Child Tracker App ‘Leaks 6.8 Million texts,
1.8 Million Photos’ From Kids’ Phones. Forbes, Retrieved from
uKnow Kids. (2016, 22 February). Breaking news: A uKnow database was
breached by a hacker, and here are the facts as we know them right now, Retrieved
Spear Phishing Victims
Spear Phishing involves the process of tricking a victim into divulging personal
information for the purpose of fraud or blackmail (Ramzan 2010). Spearphishing is
usually accomplished by the attacker gaining their victims trust. For example, a customised
hoax email from an old friend seeking to reconnect.
A recent spearphishing trend has been identified by Anonymous. Paedophiles are
masquerading as Anonymous in order to coax victims of CEM to share the explicit
content. This is done through the use of fake Twitter and Facebook profiles (Billington,
2016). The offenders use Anonymous’ signature Guy Fawkes mask to gain credibility with
their victim before exploiting them (Carolina, 2016). Anonymous found these user’s profile
names and posted them on pastebin with a warning to the community (Pastebin, 2016).
Because Anonymous regularly mounts attacks and operations against online CEM (Such as
‘Operation Darknet’ against the Darknet site ‘Lolita City’), the targets they identify are also of
interest to paedophiles for their own viewing purposes. It is likely that Anonymous will
continue to struggle with these incidents for the foreseeable future. Furthermore, it will bring
their purpose into disrepute and individuals may no longer seek justice through them. This
may be advantageous as LEA’s can fill this void of distrust and help those who would initially
be hesitant to ask.
Further information on Spear Phishing:
Billington, J. (2016, March 14). Paedophiles hiding behind Anonymous mask to lure
children and share explicit content. International Business Times. Retrieved from
Carolina. (2016, March 16). Pedophiles May Be Using Anonymous’ Symbolic Mask
To Trap Children. Hackread. Retrieved from
Pastebin (2016, March 12). Take Back the Idea - Troll Those Truly Deserving…
Pastebin. Retrieved from
Ramzan, Z. (2010) ‘Phishing attacks and countermeasures’, in Stamp, M. &
Stavroulakis, P. Handbook of Information and Communication Security. Springer
ISBN 9783642041174
Annotated Bibliography - Hacking & Phishing
1. Billington, J. (2016, March 14). Paedophiles hiding behind Anonymous mask to lure
children and share explicit content. International Business Times. Retrieved from
Paedophiles are masquerading as Anonymous members in order to coax victims of CEM to
share the explicit content. This social engineering is achieved through the use of fake Twitter
and Facebook profiles. Recently these practices have been exposed by hackers and cyber
activists. The details of the offenders and their profile data has been uploaded on the
Pastebin ( website.
Social engineering is not a new technique, but it is likely that masquerading as a cyber-
vigilante to gain content will continue to be a popular avenue to gain CEM from victims. It will
likely remain a popular avenue among emotionally intelligent offenders because it does not
require much technical skill to achieve the results.
2. Carolina. (2016, March 16). Pedophiles May Be Using Anonymous’ Symbolic Mask
To Trap Children. Hackread. Retrieved from
Minor-Attracted People (MAP) activists are using false Anonymous profiles on Facebook and
Twitter to acquire and distribute child pornography. Furthermore, the article reports that MAP
activists are using the account information and posing as Anonymous to trap victims (men,
women and children) and force them to share their ‘bestial stories and videos’. Anonymous
has promised to expose these offenders ‘in the most public of ways’ to everyone that they
are connected with.
The article is useful because it identifies the emerging trend of social engineering of posing
as a vigilante in order to entrap victims and force them to share content. It is likely that the
entrapment would evolve into the creation of new material.
3. Fox-Brewster, T. (2016, 22 February). Child Tracker App ‘Leaks 6.8 Million texts,
1.8 Million Photos’ From Kids’ Phones. Forbes, Retrieved from
This article refers to a breach or leak of the security of a Child Tracker app that leaked 6.8
million texts and 1.8 million photos from children’s phones. The data also included the
profiles of the children as well as names, emails and GPS coordinates. The leak was caused
by the company when they did not use a username or password to protect the data.
This article is useful because it highlights that not all hacks are caused by malicious attacks
and that they can be facilitated by simple human errors. This article also highlights the
potential for children tracker apps to be targeted by black hat hackers looking to gather
4. Fox-Brewster, T. (2016, March 17). Ex-NSA Hackers Explain -- Why You Do And
Don’t Want the NSA to Help FBI Crack iPhones. Forbes. Retrieved from
This article offers up discussion and controversies surrounding the (now defunct) call for
Apple to provide a backdoor to LEA’s. The article states that the US National Security
Agency (NSA) could use some of its undisclosed ‘zero-days’ in order to hack the phone. This
is controversial in itself as vendors would like to know these exploits which would allow for
them to fix any potential data breaches. The article also explains how zero-days on phone
devices are able to bypass all levels of encryption.
The article suggests that LEA’s need better hackers within its ranks in order to effectively
deal with the medium software allows. This article is useful because it shows an argument
for the use of zero-days and how they can be used by agencies to access information from a
suspect’s / offenders digital device. However, these same zero-day exploits can be used by
hackers to gain access to children’s devices in order to obtain CEM /CSAM or blackmail the
5. Khandelwal, S (2015, June 18). Zero-Day Exploits for Stealing OS X and iOS
Passwords. The Hacker News. Retrieved from
Article highlights an array of zero-day exploits that can be weaponized on Apple’s iOS and
OS X operating systems that put users at a high risk of attack. The weaponized exploit can
be used to mine information from the devices password cache 1password as well as
dropbox, Facebook, Evernote and the encrypted messaging app, WeChat.
This article is useful because it highlights the effectiveness of zero-day exploits for
bypassing the security of devices. These exploits can be used for targeted or blanket
intrusions designed to steal self-produced CEM or to blackmail the target into producing it.
6. Pastebin (2016, March 12). Take Back the Idea - Troll Those Truly Deserving…
Pastebin. Retrieved from
This source is the direct drop from a member of Anonymous issuing a warning to the public
about MAP activists who argue for their rights, saying the Activists will become an offender.
Furthermore, Anonymous also states that any MAP activists who use the guise of
Anonymous to lure people will be revealed to the public and all of their immediate contacts.
The statement also has a list of 25 offenders and their Twitter account links. This includes
the Facebook profile of "Aditya Aryan Bhardwaj" who claims support for anonymous but
follows several CEM pages and promotes hate speech.
This source is useful to the project as it shows a rare glimpse into how Anonymous conducts
its own ‘internal security’. Furthermore the source is very useful as it identifies a potential
emerging trend into how offenders use social engineering to gain CEM and other illegal
7. Ramzan, Z. (2010) ‘Phishing attacks and countermeasures’, in Stamp, M. &
Stavroulakis, P. Handbook of Information and Communication Security. Springer
ISBN 9783642041174
The spearphishing chapter by Ramzan in Stamp & Stavroulakis Handbook of Information
and Communication Security is very useful for understanding the methods and techniques
that can be employed by cybercriminals. The chapter is also useful as it identifies how the
obtained information can be used for leverage and direct financial gain through the use of
spear phishing attempts.
This information is useful because it acts as a base understanding of how cybercriminals can
obtain CEM through the use of spear phishing.
8. Russon M. (2015, June 16). US Navy caught trying to buy zero day security flaws in
order to exploits popular software. International Business Times. Retrieved from
Article highlights the illicit Darknet market for zero-day exploits and their desirability from
sources including the US Navy. The article further discusses the usefulness of zero-days for
covertly gaining access and gathering intelligence from targeted devices.
This article is very useful as it highlights the various players interested in obtaining the zero-
day hacking methods. These tools can be purchased and used by anyone on the Darknet to
target and obtain CEM directly from a source.
9. Seals, T. (2016, February 25). 2016 Watch: Advanced EKs, Malware and Encrypted
Hacks. Info Security, 25 February. Retrieved from http://www.infosecurity-
The article highlights the varied nature of exploit kits being produced and how they are able
to infiltrate a system through periphery software such as Microsoft Silverlight and Adobe
Flash player. The article also highlights the means which these kits are distributed including
advertising campaigns and redirecting links. Ie- Malware creators covertly targeted users of in 2015 to gain access to systems. The varied nature of the attacks and the
ability to target users of websites shows that malware attacks can be designed to target
children on popular sites. Furthermore, the malware can be hidden amongst periphery files
and be extremely difficult to detect.
10. uKnow Kids. (2016, 22 February). Breaking news: A uKnow database was
breached by a hacker, and here are the facts as we know them right now, Retrieved
Press release from uKnow Kids relating to the breaching of their security by a hacker and
the potential leaking of millions of texts, images and GPS locations. The company states that
the attack was carried out by a concerned White Hat Hacker who has been ordered to delete
the content he obtained. The company has taken steps to resolve the issue and safeguard
against any future intrusions.
This article is useful as it shows the scope of the vulnerabilities available to any decent
hacker. In this case, human error which lead to an easy target. It also highlights the potential
economic gain that a Black / Grey Hat hacker could obtain from the databases. These
details can be used for their own purposes or sold to the black market.
11. Wisniewski, C. (2016, March 10). Customers got Zero-Day panic? Keep calm, keep
patching. Channel Partners. Retrieved from
This article advocated for the continued patching of security flaws, which include companies
and organisations upgrading to newer software platforms and versions, the use of encryption
as well as educating their staff about security. The article also highlights that 99.9% of
exploited vulnerabilities occur more than a year after the software patch used had been
released. The article recommends the continual updates of software, encryption and
education to mitigate the risk of attacks and intrusions.
The article is useful as it highlights the importance of maintaining online security is vitally
important. Any website or database that does not follow similar instructions will be
susceptible to attacks. These include databases that hold big data on children.
Virtual Reality
The prospects of Virtual Reality (VR) within porn have long been known (Hussey, 2016).
With the advent of Google Cardboard and Oculus Rift these prospects have now become
affordable and excitably embraced by the pornography industry (Takahashi, 2016). It has
been suggested that VR devices will primarily be purchased for viewing pornography
(Grubb, 2016) and will cause people to subscribe to porn websites again rather than
frequenting free ‘tube’ sites (Heater, 2016).
VR pornography offers a very intimate viewing experience for users. Rather than the typical
voyeuristic, 3rd person viewing in traditional pornography, VR pornography is a first person
point-of-view system. The purpose of VR is to live the experience without actually being
there (Takahashi, 2016). There are a number of companies who are creating sexual
peripherals for VR called teledildonics. A teledildonic is a sex toy that receives haptic
feedback from a VR porn system to increase the sense of intimacy and realism. It can be
programed to respond to an individual’s movements or the feedback from a computer
game, video or livestream (Cooper, 2016, Franco, 2016, Indiegogo, 2016 & Hytto, 2016).
The popularity of VR cannot be denied. In July 2016 Japan had to close its first VR porn
festival prematurely due to overcrowding and security issues (Martindale, 2016). Kickstarter
projects such as ‘Virtuadolls’ have been able to rapidly meet their funding requirements and
still attract a large following of backers (Indiegogo, 2016). Although VR has other
applications, it can be safely assumed that pornography will be one of, if not the most,
prevalent use of this technology.
So what are the potential impacts of paedophiles using VR & teledildonics to access
CEM? Research into normal viewing of CEM by non-offending paedophiles has revealed
that individuals are less likely to offend in the real world due to their mental barriers
(Corriveau, 2012). Virtual reality may serve as a method of breaking down these barriers,
particularly when coupled with teledildonics. Although there is no research into the effect of
VR pornography the notion of the intimacy and realism may be enough to break down these
barriers to turn an online offender to an offline offender (Rutkin, 2016).
In contrast real world paedophile offenders are very likely to reoffend (Babchishin, Hanson &
Hermann, 2011). The intimate experience VR offers may serve a number of functions
regarding these offenders. It is theorised that VR can also be used as a method of
treating paedophilia. The use of VR and robotics could be used to placate the paedophilic
urges of individuals or combined with Cognitive Behavioural Therapy reduce the urges of
offending (Rutkin, 2016). Research to date been non-existent in this field and it is difficult to
know without it how VR and robotics would affect the paedophile community. Will it increase
instances of real world offending or will real world offending be reduced? This research,
although highly controversial, could be the key for a long term solution for paedophilia.
VR can also be used as a powerful investigative technique. Because the headset allows
the user to view the room or studio with 180 degrees of freedom (Hussey, 2016) an
investigator may be able to find useful information from a careless producer of CEM. For
example, an individual allowing for location or personal identifiers to be caught in the footage
can be found by investigators. This can be used as evidence when investigating or
prosecuting a case.
Accessibility to VR
The current cost of Virtual Reality Technologies varies depending on the quality of the
device. The cost of smartphone mounted Google Cardboard ranges from free ‘do it yourself’
model to the $40 prefabricated models (Google, 2016). The Oculus Rift (Oculus, 2016) and
HTC Vive (HTC, 2016) offer the ‘true VR’ experience but cost several hundred dollars.
Although the more sophisticated models are far more expensive it is likely that pornography
companies will cater to these devices as well as the cheaper Cardboard models. Products
like Google Cardboard will be a gateway method into the world of VR that will likely increase
the desire for more affordable, better quality devices.
It is likely that the CEM industry will invest in VR capabilities in the near future as the shift in
pornographic viewing methods will drive their client’s desires. Similar support for
teledildonics will also be likely as they offer the more intimate experience clients would
Cost of setting up VR recording
The cost of setting up high quality VR Camera’s, such as the GoPro Omni, retailing
at USD 7 500 (CNET, 2015), is relatively high and because of that it will not likely be
immediately adopted by minor suppliers of CEM. The larger supplier will likely have
this technology purchased / pre-ordered as they will be interested in staying ahead of
their competitors and offer a more unique live streaming product.
However there is cheaper technology available such as CID ‘LucidCam’ retailing for
USD 500 that will be readily available for smaller suppliers. Products like the Lucid
Cam can be mounted to devices such as Drones or to a person to offer a more
voyeuristic viewing experience (CID, 2016).
Teledildonics and Interactive Virtual Reality Brothels
The rise of Virtual Reality technology has allowed for creative interactions with both filmed
and digitally created content. The pornography industry, as stated previously, has been the
main champion of Virtual Reality and by extension, teledildonics (or ‘cyberdildonics’).
Companies such as Real Touch Interactive have previously used teledildonics to facilitate
virtual prostitution but only met limited success due to patenting laws. Their system used a
coupled male and female haptic teledildonic to interact. The live streamer would perform
sexual acts on the dildo which would be translated to the male masturbator sleeve and
imitate the actions. Models would charge for various sexual activities that they would
perform on their teledildonic.
The business model created by Real Touch Interactive can be utilised by CEM producers
to create highly interactive sessions. The combination of haptic teledildonics, Virtual
Reality and live streaming would create a very unique and lifelike experience. The
experience may be more than enough for an offline offender to reduce their mental barriers
enough to create a real world offence. After this point it could be extremely difficult for an
individual to control their urges.
It is strongly recommended that research into the effect of VR and teledildonics on sexual
repression is conducted.
Further information on Virtual Prostitution:
Bourque, B. (2016, April 19). The next knock on your hotel room door could be a
virtual reality companion. Digital Trends. Retrieved from
Cooper, D. (2015, February 26). Adult Themes: The rise and fall of America’s first
digital brothel. Engadget. Retrieved from
Franco P.M. (2016, April 4). Illusion VR: Could This Virtual Reality Sex Suit End
Illegal Prostitution? Inside Reality. Retrieved from
Hytto (2009-2016). Lovense. Retrieved from
Images of Teledildonic Products
Virtual Reality, Video Games & Simulated Sex
The rise of VR technology has allowed for creative interactions with both filmed and digitally
created content. New technologies into Virtual Reality have allowed for digital content to be
eroticised to a new level. Through a phallus interface device (a teledildonic) an individual is
able to live out their own custom designed sexual fantasies (Indiegogo 2016). Although the
company, ‘Virtuadolls’ does not explicitly state it in their marketing material, their ‘custom
designed scenarios’ could be used to create child pornography. Mixed with other VR
technologies, such as the Oculus Rift, this could make fantasies very real. Especially if using
real photos meshed over digital bodies.
Virtuagirls is not the only company working on these products. The Japanese company,
Tenga, has developed a VR device called Illusion VR to be used with their game, ‘Sexy
Beach’ (Franco, 2016).
There is the psychological issue when addressing very customised sexual experiences. An
individual who keeps a vivid fantasy sex life may play these out in video games like
Virtuadolls. This experience may be enough to erode their inhibitions and turn them from a
purely online offender to a real world offender. For further discussion please see the online
vs. offline offending section.
Further information on Virtual Prostitution:
Cooper, D. (2015, February 26). Adult Themes: The rise and fall of America’s first
digital brothel. Engadget. Retrieved from
Indiegogo (2016). VirtuaDolls: An Adult VR Game Controller. Indiegogo. Retrieved
Franco P.M. (2016, April 4). Illusion VR: Could This Virtual Reality Sex Suit End
Illegal Prostitution? Inside Reality. Retrieved from
Martindale J. (2016, April 10). Touch in VR goes in a predictable direction: sex suit
sells out in hours. Digital Trends. Retrieved from
Images of Virtual Reality Products
Annotated Bibliography Virtual Reality
1. Bourque, B. (2016, April 19). The next knock on your hotel room door could be a
virtual reality companion. Digital Trends. Retrieved from
Undisclosed Las Vegas hotels are currently trialling VR porn as part of their room service.
These hotels have partnered with the company, VR Bangers to allow you to have a digital
escort experience in your own hotel room. The rental price is $20.
This application may increase the number of custom porn scenarios and it is likely that CEM
producers will follow this trend. A new type of sex tourism may also grow from this and be a
gateway into real world offending. I.e. - On a trip to the Philippines an individual may try one
of these that features a child then may feel compelled to try the real things (See online/offline
2. CID (2015). LucidCam. Retrieved from
CID’s LucidCam offers an easy to operate 180 degree camera. It is small enough to wear,
mount or carry and can create video and picture format files. The video is integrated into
smartphone devices for easy viewing. The cost is relatively cheap at USD 500.
The device can be used as a camera for a VR livestreaming experience but also mounted to
drones for a voyeuristic experience.
3. Cooper, D. (2015, February 26). Adult Themes: The rise and fall of America’s first
digital brothel. Engadget. Retrieved from
RealTouch Interactive operated a digital brothel that used teledildonics to allow people to
have sex through the internet for a fee -interactive live streaming. The technology was
advanced enough to provide haptic feedback to both users based on their actions. The
teledildonic equipment consisted of a motorised male masturbator and a capacitive dildo.
The haptic feedback is provided by interaction with the dildo. The sensory input would be
replicated by the male’s toy to provide interaction. The RealTouch Interactive model would
conduct live streaming and would charge for their services on a per-client basis. For
example, oral sex with the model would range between $30 and $60. Penetrative sex could
be up to double that price.
Due to copyright infringements with the haptic feedback interface, Real Touch has been
unable to distribute the newest version of its product.
Real Touch Interactive’s model has created a precedent for the creation of a ‘digital brothel’.
With teledildonic’s and VR becoming increasingly popular in mainstream pornography it is
likely that producers of CEM will capitalise on this trend. It would offer a far more interactive
experience for live streamers that may contribute to online offenders becoming real world
offenders. Please see the section on online vs. offline offenders.
4. Franco P.M. (2016, April 4). Illusion VR: Could This Virtual Reality Sex Suit End
Illegal Prostitution? Inside Reality. Retrieved from
The illusion VR sex suit is designed to work with a game called ‘Sexy Beach’. In the future,
the company believes it can also be used to initiate cyber meetings with strangers and be
the new form of prostitution.
For the CEM live streaming environment this would be a very drastic change in the types of
encounters the offender would have. The level of intimacy that the offender would have
could push them from offending online to an online realm. However, this technology may
also be applied to cognitive based therapies to reduce the attractiveness of CEM to
5. Grubb, J. (2016, January 13). Porn is already deciding VR’s future. Venturebeat.
Retrieved from
The article states that the Tech-industry has maintained that a key factor that decides a new
technology’s success is if the porn industry adopts it. While the influence can be overstated it
is believed that many people consider its erotic applications when purchasing electronics. It
has been theorised that this will be the case with Virtual Reality.
It is likely that many creators of CEM will invest in VR technology to create a more custom
experience for their clients.
6. GoPro (2016). Omni. Retrieved from
The GoPro Omni offers 365 degree video and sound recording. It is designed to be attached
to objects including helmets, surfboards and drones. Price is AUD 7 499.95
Although it is unlikely that a producer of CEM would use this for live streaming, devices that
offer remote 360 degree recordings such as the GoPro Omni can be used for recording
voyeuristic shows. For example, attaching the camera to a drone and flying it to a pool,
schoolyard or bedroom. The price of the device is not extremely expensive and would be
accessible for most business models.
7. Google (n.d). Get your cardboard. Retrieved from
A simple mount for your smartphone to your face that can have glasses to adjust the level of
immersion. The effect is allegedly similar to using a real VR headset and costs between
USD 15- 40. Cardboard can also be fabricated by an individual if they feel so inclined.
Instructions are provided by Google. Likely being used as a marketing platform and hype
device so that future prospective buyers will be more inclined to use high calibre VR
8. Heater, B. (2016, June 20). VR is the future of porn, and it’s a creepy future indeed.
Techcrunch. Retrieved from
Naughty America recently exhibited VR porn at the E3 and had gained as much interest and
hype as Nintendo. They were demonstrating the capabilities of the Virtual Reality platform
for the curious crowds. Naughty America’s CIO Ian Paul has stated that the adult industry
has lost significant revenue by free tube sites and that VR is their method of ‘raising the bar’
so that people will subscribe to porn websites again.
9. Hytto (2009-2016). Lovense. Retrieved from
Lovense is a ‘his and her’ sex toy designed for long-distance relationships. The users can
control their toys through movement or through phones. Although the devices are connected
through Hytto’s app, the data between partners is not passed through Hytto’s servers. Hytto
also states that this allows for more intimate Skype sex sessions.
This technology can be easily migrated to livestreaming where the offender would have
much more control over what is happening to the victim. The increased interactivity in the
digital world would likely create a stronger urge to make an offence in the real world.
10. HTC Corporation (2016). Vive. Retrieved from
The HTC Vive is a direct competitor to the Oculus Rift and will retail for AUD 899.00. The
price is accessible to many people.
11. Hussey M. (2016, February). A deep dive into the business of virtual reality porn.
The Next Web. Retrieved from
The pornography production company BaDoink has completely abandoned traditional
voyeuristic porn mediums and has completely invested in VR capabilities. Other companies
including Naughty America, and VRSmash are currently beta testing VR.
BaDoink has designed their systems to be compatible with Oculus, Gear VR and Cardboard-
style headsets. The scenes are filmed with a 180-degree field of view camera.
The advent of VR porn has seen an unprecedented 50 percent increase in yearlong website
The article also highlights the issues with shooting VR porn scenes. These include cost. A
normal porn scene costs ca. USD 3 000 to shoot, a VR scene is USD 6 000 due to post
production work. The female performer is also forced to work harder as the male avatar is
largely just a passive participant.
This article is extremely useful as it gives an insight into how VR porn is produced, the
current projections of popularity based on current uptakes as well as giving insight into how it
will evolve.
12. Indiegogo (2016). VirtuaDolls: An Adult VR Game Controller. Indiegogo. Retrieved
VirtuaDolls is a crowdsourced startup company that has created a teledildonic device and
platform that supports VR gameplay and pornographic viewing. The company boasts it has a
500USD Design-A-Girl-Bundle that users can design a character for the end-game itself
(release in 2016). The price of the unit ranges from 20USD to 500USD and is quite
affordable to the average punter. It will likely include a feature that people can design their
own characters.
The company also has created a Software Development Kit (SDK) that will allow for anyone
to create their own games with the VirtuaDolls device.
The design your own characters and games may lead to increased desire by individuals who
have latent paedophilic urges. This in turn may cause them to act on these urges in the real
world as their inhibitors may have been eroded.
Alternatively, if done correctly this may have a therapeutic application where the paedophilic
urges are satisfied by use of these devices and that these urges are never acted upon in the
real world.
13. Lee, J. (2016, January 11). Can Child Dolls Keep Pedophiles from Offending? The
Atlantic. Retrieved from
This article explores the theory that child sex dolls, developed by the Japanese company
Trottla, can be used by non-offending pedophiles to placate their urges with the artificial child
avatar. The hopes of this project is for individuals with paedophilic urges to redirect their
fantasies onto the doll and would therefore not commit a real world crime. The article doubts
that offenders would be content to vent their urges on the dolls.
This article is useful as it identifies the lack of research currently available for non-offending
paedophiles and offers a promising avenue of research into treatment.
14. Martindale J. (2016, April 10). Touch in VR goes in a predictable direction: sex suit
sells out in hours. Digital Trends. Retrieved from
The Japanese firm Tenga has created the Illusion VR which is a ‘Full body virtual interface’
designed to simulate sex for the wearer. Paired with the Samsung Gear VR headset, a full
body suit that simulates the feeling of being touched as well a pair of ‘female attachments’ it
provides feedback to the wearer to create an immersive VR sexual experience.
Further developments into the suits can allow for sexual partners to interact over the
internet. The real time feedback has been theorized to be the next form of prostitution.
Livestreaming will likely follow this effect.
15. Martindale J. (2016, July 5). First Japanese VR Porn Festival Ends Prematurely,
Due to Overcrowding. Digital Trends. Retrieved from
Japan has recently reported that their first VR porn festival closed early due to overcrowding
and safety concerns. Because only a fraction of attendees would have been able to enter
the festival it was feared that a riot would have broken out.
This article highlights the popularity and hype around VR pornography. It also indicates that
it the technology’s main application will be pornographic. It is likely that the CEM market will
follow this trend because of the popularity of the genre.
16. Oculus (2016). Oculus Rift. Retrieved from
The Oculus Rift is one of the ‘true VR’ headsets available on the market. The headset allows
for a far more immersive experience than a monitor or the ‘Google Cardboard’ series can
Preorder price USD 599.00 (available ca. August 2016). Price is very accessible to many
potential buyers.
17. Solon, O. (2016, August 2). Sex, stress and teledildonics: could VR porn help men
with bedroom hangups? The Guardian. Retrieved from
BaDoink is offering ‘Virtual Sexology’ as part of its VR subscription service. The service is
aimed to teach methods to ‘help men become, better, longer-lasting and more confident
lovers.’ The service also proposes to address other sexual issues for both men and women
including premature ejaculation, impotence, and the fear of intimacy. The service will also
allow for teledildonic use.
One of the key selling features of combined VR and Teledildonics is that it closes the
distance between the voyeuristic mentalities of traditional pornography. With VR and
Teledildonics you are more involved and in control. It is described as a ‘stepping stone into a
real sexual experience.’
This article is highly useful because it highlights the desirability of VR and Teledildonics as
well as the multitude of therapeutic applications. The article does not mention it, but VR may
also be useful for treating paedophilic urges. VR may not be the real thing, but it could also
be the closest application that can be found. However, it may, as the article states, be a
‘stepping stone’ into real world offending. Research will need to be conducted into the
implications for paedophiles.
18. Takahashi, D. (2016, April 13). Naughty America tries to get VR porn just right.
Venturebeat. Retrieved from
VR is being taken up by major porn producers like Naughty America. The production focuses
on the use of 180 degree VR camera’s to capture the Point of View feeling of being an
avatar within the porn scene.
There has been issues with filming, particularly with producing a comical effect of a
10 foot tall woman. These issues will likely not be permanent as the industry learns the best
angles of approach.
SECTION 3: Regulatory, Educational
and Collaborative Approaches to CEM
Minimum standards of child protection stem from legislative practices. International
legislations most relevant to online CEM prevention include:
United Nations Convention on the Rights of the Child (CRC): States are required
to protect children from all forms of sexual abuse and exploitation. Legislative,
administrative, social and educational protection measures must be implemented
under this legislation (UNODC, 2015).
Optional Protocol to the CRC (OPCRC): Focuses exclusively on addressing child
sexual abuse and exploitation (UNODC, 2015). The sale of children and child
pornography, and child prostitution are criminalised under this legislation, and
general principles for transnational cooperation are outlined (UNODC, 2015)
United Nations Convention against Transnational Organised Crime: Although
this legislation does not relate specifically to child exploitation, “benefit” in context of
the definition of “organised criminal group” includes “sexual gratification”. Accordingly
the trading of CEM by child grooming rings or the trading of children by child sex
offender rings is punishable in the absence of economic benefit (UNODC, 2015).
Guidelines on Justice in Matters involving Child Victims and Witnesses of
Crime: Outlines “best practices” based on common knowledge and relevant regional
and international norms and principles. Aims to provide governments and
policymakers with practical frameworks for implementing effective legislation,
policies, and practices to ensure that the rights of child victims and crime witnesses
are respected (UNODC, 2015).
These legislations prioritise protection measures for children and encourage international
cooperation in the investigation, prosecution, and prevention of child exploitation (UNODC,
2015). However, the degree to which they are incorporated into national law varies between
instruments and countries which potentially results in disjointed practices (UNODC, 2015).
Non-legislative approaches to CEM appear to have produced the following outcomes:
Regulatory Approaches: increased collaboration between ISPs/social media sites
and law enforcement, enhanced ability for self-reporting, and improved speed and
accuracy in detection and removal of CEM
Educational Approaches: increased international efforts to communicate risks of
child exploitation, safe internet practices for children, parents, and other members of
public, and increased training for law enforcement officers and other professionals.
Collaborative Approaches: Enhanced integration of ISPs/companies/LEA’s in
detection and removal of CEM, more reports of suspected child sexual
exploitation/CEM generated, increased tracking, prosecution and conviction of child
sexual predators, and increased incorporation of multiple aspects of CEM in
prevention methods
It became apparent while researching CEM prevention that the effectiveness of current
methods remains unclear. There are many “best practice” methods readily available
however few of these approaches have undergone formal evaluations to assess
effectiveness. Most information obtained in this section came from organisations currently
implementing certain prevention methods, though there is little evidence to validate claims
that their approaches are making a significant difference or that some methods are more
effective than others. This absence of empirical evidence may stem from confusion around
what constitutes success. Many prevention approaches have resulted in increased
detection and removal of CEM, while others have led to an increase in the number of reports
generated. Other methods have appeared to increase overall public awareness. There are
many ways to define what constitutes a “positive difference” in CEM prevention, however
little has been done to determine which methods make the greatest difference. It does
appear that CEM prevention methods do not suffice in isolation due to the multifaceted
nature of the problem.
While it was difficult to draw conclusions on the overall effectiveness of current preventative
approaches to CEM, the following recommendations can be made:
Success should be operationalised so the extent of CEM prevention can be
The effectiveness of current “best practice” approaches should be empirically
evaluated in order to determine which approaches are having an impact
CEM prevention should entail a comprehensive and integrated global response.
This may require more uniform standards of prevention
Current regulatory, educational, and collaborative approaches to CEM prevention are
discussed in further detail below.
ISP Regulation
Regulation at the ISP level typically involves reporting mechanisms and codes of
conduct relating to internet content (UNODC, 2015). ISP associations have implemented
formal codes of conduct requiring members to refrain from accepting illegal content
knowingly on their sites and to remove inappropriate content upon discovery (UNODC,
2015). Larger ISPs may also utilise “cyberpatrols” that comb the internet for illegal sites
(UNODC, 2015). ISPs worldwide appear to be collaborating with law enforcement agencies
as “gatekeepers” to the internet. In South Africa for example ISPs are obliged to reveal
any offending user’s IP address and name to law enforcement (UNODC, 2015). Cooperation
between ISPs and law enforcement has led to the implementation of layered warning
mechanisms aiming to deter curiosity-driven individuals from experimenting with CEM. This
involves development of splash pages that are displayed when search engines detect
suspicious search terms. The severity of these splash pages increases with severity of
suspicion (UNODC, 2015). ISP regulation also involves URL blocking. The European
Commission has developed the Child Sexual Abuse Anti-Distribution Filter, a blocking
mechanism which is currently in use by ISPs in Denmark, Sweden, Italy, Finland, Malta, and
Norway (UNODC, 2015). Also relevant is INTERPOL’s “worst of” list (IWOL); a
compilation of the worst CEM on the Internet that is distributed to all INTERPOL countries
and available to ISPs free of charge (UNODC, 2015).
The role of ISPs in CEM prevention has increased, however due to the depth and complexity
of cyberspace it is becoming increasingly difficult to monitor. The amount of enduring and
newly generated content available on the internet suggests that ISP regulation cannot keep
up with the threat of CEM (UNODC, 2015). In addition the implementation of mandatory
reporting and data retention regimes raises issues around entitlement to privacy and these
consequences must be considered. The effectiveness of ISP regulation remains empirically
untested, however the scale and nature of exploitative activity discoverable on the internet
indicates that ISP regulation does not suffice in isolation.
Social Media Regulation
Social media sites offer opportunities for self-regulation, providing internet users with the
ability to flag suspicious content. “Panic” buttons are a growing trend, particularly for child-
oriented websites (UNODC, 2015). Some social media sites have teamed with LEAs to
assist in child protection. Since 2006 MySpace employees have been meeting with law
enforcement officials to discuss ways in which MySpace can improve user security and
assist in investigations (Choo, 2009). Together they have created streamlined procedures
that assist law enforcement officials with gathering critical data from MySpace for
investigative purposes ( 2016 Law Enforcement Guide). These procedures
enable LEAs to work more effectively in relation to requests for information and subpoenas
(Choo, 2009). MySpace also implemented basic terms of use prohibiting users from posting
phone numbers, last names, addresses, and photographs containing nudity or other
obscene content on their profiles.
While “flagging” is considered useful, UNODC (2015) reports that these mechanisms are
only a partial solution and resources should be utilised in other domains of CEM
prevention. That is not to undermine the efforts of social media sites: the alliance between
MySpace and LEAs resulted in the deletion of over 2000 sex offenders from MySpace in
Florida (Kierkegaard, 2008), and the Connecticut Attorney General was provided with the
names of 90,000 registered sex offenders who had been discovered and blocked from
MySpace between 2007-2009 (Choo, 2009). This suggests that while social media
regulation remains only a partial solution, it may be beneficial for social media sites to
collaborate with law enforcement to assist in the detection of child sex offenders and the
removal of CEM. MySpace is outdated in relation to other social media giants including
Facebook and Twitter, but demonstrates the potential effectiveness of social media
regulation on CEM.
App Regulation
Use of apps is a newly arising approach to CEM prevention. At present apps are not created
for the sole purpose of protecting children from exploitation. In 2011 however a coalition of
the United States agency for International Development teamed with two anti-trafficking
NGOs to fund a contest for the development of a mobile app to combat human
trafficking (UNODC, 2015). The winning app utilized GPS technology to identify and
indicate places where potential victims could make reports or receive help.
App regulation has not yet received much attention. However, as mentioned in Section 2 of
this paper, the facilitation of child exploitation through apps is a current reality.
Accordingly it is possible that apps could also be used to prevent such an occurrence. It may
be useful to become familiar with ways in which apps facilitate CEM for the purpose of
remaining one step ahead of organised crime groups and other individuals engaging
in app-facilitated child exploitation.
Parental controls
The focus on child e-safety increasingly incorporates forms of self-regulation enabled by
parental control tools. Filtering tools allow parents and other internet users to control access
to specific content or block certain search results at 3 levels: ISP level, home internet
connection level, and personal device level (UNODC, 2015). Developments in context
recognition allegedly provide opportunities to filter enormous amounts of data
automatically before it reaches home computers (UNODC, 2015). Technology
developments continuously aim to improve the effectiveness of filtering tools.
There are significant differences between filters in regards to the types of content they can
block. This is due to an absence of uniformity in the source of block lists used and the risk
algorithms utilised (UNODC, 2015). A study conducted by the Safer Internet Programme
(SIP-BENCH II, 2014) tested parental control tools and found that all tools had an
underblocking rate of over 30%. All control tools tested were low in overall
effectiveness (SIP-BENCH, 2014). It is possible that children and curious individuals
considering CEM experimentation would have lower levels of exposure to illicit content with
the adoption of filter uniformity. This CEM prevention approach lacks empirical exploration
and it may be beneficial to evaluate current control tools to consider whether solutions
such as filter uniformity are feasible.
Online Safety Guides and Programs
Online safety guides aim to provide practical information and advice for all internet users,
with a particular focus on parents, teachers, children, and young adults. Government
organisations, private organisations, ISPs, and schools provide guides targeting various
social media platforms and web activities (Netsmartz, 2016). In relation to parents, guides
tend to discuss the correct age for children to go online, appropriate websites to visit, ideal
computer locations in the home, and which tools may be implemented for monitoring
children and limiting access to certain sites (UNODC, 2015). Particular importance is
placed on initiating dialogue between parents and children about online safety and
behaviour. UNODC (2015) identifies frequent discussions about what to do following
exposure to inappropriate content as a pivotal step towards CEM prevention. A primary
objective of online programs is to provide internet users with an understanding about the
internet and how to assess risks. In 2013 the Egyptian government collaborated with NGOs
and technology companies to develop an Internet Safety Program promoting safe internet
use by children (UNODC, 2015). This program prioritizes solutions to CEM. As
demonstrated below the bulk of prevention in Egypt is awareness:
Taken from “The Internet Safety Program at a Glance: ITU - Council Working Group on Child Online
Protection 7th meeting” powerpoint, 2013 (
Objectives for this program are as follows:
Taken from “The Internet Safety Program at a Glance: ITU - Council Working Group on Child Online
Protection 7th meeting” powerpoint, 2013 (
Similarly the Safer Internet Plus program developed by the European Commission aims
to provide continuously accessible education to families (UNODC, 2015). There are currently
26 national awareness centres in Europe operated by the Insafe-network (UNODC,
2015). Other initiatives include the NetSafe website and the ThinkUKnow Australia website
which encourages children to think before they act in addition to helping parents, carers and
teachers with child online safety. The Cyber Cafe is another example created by Becta, the
Department for Children, Schools and Families, the Internet Proficiency Group, GridClub,
and the Child Protection and Online Protection Centre. This website is designed to be easily
accessible and provides teachers, parents and other carers with information about how
children use the internet, how they can be protected against harm, and how to detect early
behavioural warning signs in young people who are being targeted by online offenders.
The Office of the Children’s eSafety Commissioner, established in 2015, provides many
online resources aimed at ensuring children’s online behaviours and experiences are
responsible and safe. Educational materials include:
Classroom resources: includes interactive videos, games, and quizzes (Budd:e,
Cybersmart Access, Cybersmart Detectives, #GameOn, Hector’s World,
Zippep’s Astro Circus) and is accompanied by lesson plans for both primary and
secondary classes
iParent: an accessible, easily navigated website for parents who wish to keep on top
of their children’s technology use
Outreach programs: includes teacher programs, virtual classrooms and community
Resources from the Office of the Children’s eSafety Commissioner are tailored to suit
different ages, from children and young adults to parents.
Online safety guides are easy to implement and maintain. However, their impact on online
CEM remains unclear due to an absence of empirical exploration. Despite this uncertainty
one could argue that educating the public and sharing knowledge about the nature of the
internet and how to navigate it appropriately is beneficial. The online aspect of these
safety guides may be advantageous considering the increasing use of the online domain.
This approach may work better in conjunction with more practical and hands-on approaches.
Training Courses
Training courses may target both professionals and public, though the majority appear to
target professionals. Details on specific courses are provided below:
Annual Europol Training Course on Combating the Sexual Exploitation of
Children on the Internet (Selm, Germany): develops and increases knowledge in
law enforcement officers and the judiciary. Aims to develop skills in investigating
online child exploitation and to create uniform law enforcement investigation
standards. Participants gain insight on the latest investigation techniques, methods
and experiences.
International Computer Driving License (ICDL): global initiative aiming to spread
awareness and improve IT skills in computer users of all origins, professions and
backgrounds. Recent efforts to implement international awareness summer camps
for parents and children outlining the risks of online child sexual abuse. The ICDL
GCC Foundation intends to incorporate material focused on protecting children from
online sexual abuse into its international curriculum (VGT, 2015)
Internet Crimes Against Children (ICAC) Program (USA): assists state and local
LEAs in developing efficient responses to internet crimes against children. Covers
training, technical assistance and community education.
Over 550 law enforcement officers and 50 judiciary members have attended the
Annual Europol Training Course. The ICAC Program has trained over 465,000 law
enforcement officers, prosecutors, and other professionals since 1988 (OJJDP). It also
claims to have reached thousands of children, teenagers, parents, and educators about
safe internet practices through public service announcements, presentations, and
publications (OJJDP). It is difficult to identify the impact of such training courses on online
CEM, however education remains an important tool for sharing knowledge.
Use of hotlines in CEM prevention is currently a prevalent practice worldwide. Collaboration
between hotlines and law enforcement, policy makers, social services, and internet
users enables a collective response. In addition to facilitating collaboration, hotlines enable
education of communities, equipping individual internet users with tools to disrupt the flow of
CEM. To date, hotlines striving to combat CEM exist within 48 countries (Stroebel &
Jeleniewski, 2015). Prominent hotlines include the Online Child Sexual Abuse Reporting
Portal (OCSARP) developed by the Internet Watch Foundation (IWF), CyberTipline
operated by the National Centre for Missing and Exploited Children (NCMEC), and the hotline operated by the Canadian Centre for Child Protection.
The International Association of Internet Hotlines (INHOPE), funded by the Safer
Internet Plus Programme of the European Commission, has substantially enhanced the
impact of hotlines through coordinating a network of 49 hotlines in 43 countries. INHOPE
aims primarily to ensure that swift action is taken in response to reports of explicit content
(UNODC, 2015). Upon receiving reports, a confidential reviewing process takes place to
identify the location of explicit content on the internet and determine whether local legislation
deems it illegal. Relevant cases are passed on to LEAs or ISPs for further action (Choo,
It is difficult to determine the extent to which hotlines contribute to CEM prevention, however
the number of reports processed and number sites removed may serve as a broad indicator
of effectiveness. The IWF has allegedly removed 20,000 pornographic images of
children in total. OCSAROP processed 51,186 reports in 2014 (UNODC, 2015), and
since its conception in 1998 the CyberTipline has received over 2.5 million reports of
suspected child exploitation in the United States (Cohen-Almagor, 2015). Similarly, has received close to 25,000 reports since its launch, leading to the closure of
2800 websites, over 30 arrests, and removal of various children from abusive
environments (Choo, 2009).
Crucially even countries that do not host hotlines may participate in CEM prevention.
Reports made to OCSARP are tended to by analysts from IWF, meaning the portal can be
employed by countries without hotlines as an easily implementable, cost-effective solution
(UNODC, 2015). The scale of these results appears to indicate that hotlines around the
world have made a notable impact on CEM, however the number of sites removed in
proportion to the total amount of CEM available on the internet indicates that hotlines
address only a small portion of content (Stanley, 2001).
The INHOPE Report Managing System has observed a stable increase in the number of
URLs containing CEM being reported, shown in Table 1 (INHOPE, 2013). INHOPE
believes this demonstrates that its global reach is increasing. Their primary explanation is
that explicit materials reported to content service providers are now being removed at record
high rates, demonstrated in Table 2. This is due to increased collaboration between
hotlines and electronic service providers (Stroebel & Jeleniewski, 2015). According to
INHOPE this kind of efficiency would be impossible for LEAs to achieve alone. Efforts made
by INHOPE and the individual hotlines involved has allowed URLs containing CEM to be
uncovered, traced back to particular jurisdictions, and actioned by relevant authorities
quickly and effectively. It is important that efforts are made to maintain this speed of removal,
since even the slightest delay in content removal is enough to facilitate the
proliferation and viewing of CEM (Stroebel & Jeleniewski, 2015).
Table 1: Number of URLs containing CEM inserted into INHOPE Report Managing System (INHOPE,
Table 2: Time taken to remove CEM upon notification (% of content reported) (INHOPE, 2013-2014)
< 72 Hours
4-6 Days
> 7 days
Hotline effectiveness was evaluated in a global research project (Stroebel & Jeleniewski,
2015) facilitated by NCMEC and funded by The project conducted surveys and
interviews with 52 hotlines around the world and highlighted prominent challenges in
combatting CEM. At present URL referrals between hotlines rely primarily on INHOPE’s
Report Managing System. This enables fast dissemination of information, however there
was general agreement that the exchange of information could be enhanced. In addition
manual operations tend to be utilised and hotline administrators commented on the need
for increased automation, particularly in relation to the increased number of videos
reported for analysis. Hotline administrators also revealed that:
International responses to CEM are disjointed
Differences in hotline operations and technology platforms impede on the integration
of a global system
Hotline functionality is negatively affected by differing regional policies, legal and
cultural differences, and economic challenges
Two key challenges identified were duplication of effort and slower investigations. In
2014 approximately 6000 of the websites catalogued in INHOPE’s report management
system were duplicates of material that had been previously reviewed. To combat this some
hotlines have begun utilising hashtag technology. uses hashing for CEM on
websites which enables their system to regularly recheck the page for active URLs and
content changes automatically. This reduces the time and effort required for reviewing
previously analyzed images. A developing system called IC-CAM aims to improve the
utilisation of hashing technology in content review (Stroebel & Jeleniewski, 2015). A pilot
period was completed and IC-CAM is onto the next stage of development with the European
Union (Stroebel & Jeleniewski, 2015). It may be beneficial to explore the potentials of
hashing technology.
Other hotline challenges included inadequate funding and technological support.
Funding at times was unpredictable and insufficient due to fluctuating government grants
and this affected operations, technology, and staffing. Financial constraints were reported to
be detrimental to the purchasing of new hardware and software, and training and
maintenance of qualified technical staff.
Despite these challenges, hotlines appear to have introduced a level of integration that
was previously absent. INHOPE helps to transform individual hotlines into a community,
which may amplify their effect on CEM prevention. Although few evaluations exist, it seems
that the ‘global collaboration’ approach adopted by hotline communities is a
necessary step in the right direction. In reference to improving effectiveness, the NCMEC
research project suggests that increasing automation and enhancing integration would be
useful areas to begin with.
National Centre for Missing and Exploited Children (NCMEC)
This not-for-profit organisation serves as the “nation’s clearinghouse” on child exploitation
issues (VGF, 2014). It involves collaboration between law enforcement, professionals, and
families on issues around missing and sexually exploited children. NCMEC is a prominent
body in the prevention of online CEM, operating numerous programs such as NetSmartz
which provides educational tools for children. It has established numerous coalitions which
bring together experts from various fields to tackle specific aspects of CEM. The
Technology Coalition consists of nine major internet companies who work collaboratively
to develop and implement technology-based solutions to disrupt criminal child
exploitation enterprises (UNODC, 2015). Coalition members provide technological
expertise and resources to assist in the prevention, detection, and offence documentation of
CEM (UNODC, 2015). Similarly the Financial Coalition against Child Pornography
involves 34 leading banks, credit card companies, Internet service companies, electronic
payment networks, and third party payment companies. Their primary goal is to eradicate
commercial CEM by disrupting money flows (UNODC, 2015). The Prevention Working
Group operates within this coalition, identifying best practice methods to disrupt commercial
exchange of CEM. The group cross-references credit card information with records from
pornography sites. Fluctuations in transaction volume and deposit frequency are tracked and
analysed, as are credit card refunds without corresponding sales and lack of merchant
activity. Origins of funds are also tracked enabling members to close accounts involved with
CEM (UNODC, 2015).
In 2009 NCMEC collaborated with Microsoft and over 30 financial institutions around the
world to create a system called PhotoDNA, which aims to monitor and report online
commercial transactions involving child-related crimes (Choo, 2009). Utilising hashing
technology, PhotoDNA enables comparisons between millions of photos against a hash set
of CEM created by NCMEC (Microsoft, 2016). Upon detection, inappropriate images are
removed by relevant companies and reported to law enforcement, and any user accounts
linked to these images are removed (Microsoft, 2016). The aim of this program is to reduce
the number of illegal images online.
NCMEC has received over 2.4 million reports of suspected child sexual exploitation and
together with law enforcement has recovered more than 196,000 children (VGF, 2014).
Following the creation of NCMEC’s Financial Coalition, CyberTipline observed a 50 percent
decrease in the number of commercial child pornography websites (AIC, 2013). This
was accompanied by a significant 150 percent increase in subscription prices of child
pornography websites (Figure 1) which indicates that supply has decreased (AIC, 2013).
Test transactions by LEAs have revealed it is now more difficult to use traditional
payment tools for CEM (AIC, 2013), meaning the Financial Coalition’s efforts to disrupt
money flows has had an impact. However, it is also possible that a displacement effect has
occurred and vigilance in relation to alternative transaction methods is essential.
Figure 1: Average Membership Cost for Child Pornography Sites (INHOPE, 2013-2014)
Overall CEM prevention appears to be benefitting from NCMEC’s collaboration with law
enforcement and other industries (AIC, 2013). Microsoft’s PhotoDNA has detected millions
of illegal images since its implementation in 2009 and is now used by more than 70
organisations including Facebook and Twitter. It appears to act as a net to “catch” illegal
Child Rescue Coalition
This coalition involves partnerships between police officers, child exploitation investigators,
child welfare agencies, digital forensic experts, and prosecutors. Prevention of child abuse
and exploitation is the key goal, achieved primarily through use of technology that identifies,
monitors, and ranks online behaviours of potential child predators on peer-to-peer
chat and file sharing networks. Global law enforcement officials are provided with this
Child Exploitation Tracking System at no cost. The system was developed by Microsoft
and resides in the National Child Exploitation Coordination Centre in Canada (Choo, 2009).
It is currently in use by numerous LEAs globally (Choo, 2009).
This tracking system has allegedly assisted in the prosecution and conviction of over
6500 online predators with arrests made in more than 20 countries, and has resulted in
the rescuing of more than 1000 children of abuse since 2011 (VGT, 2015). This
technology has successfully tracked 44 million offenders worldwide (VGT, 2015). While
technological prevention measures may not successfully combat CEM on their own, it is
worthwhile exploring the potential for technology on CEM prevention considering the
increasing digitisation of CEM.
Virtual Global Taskforce (VGT)
Collaboration through this strategic alliance allows agencies to share information and
intelligence and enables joint international law enforcement operations. The taskforce
includes members from Australia, Canada, Italy, the UK and US, and Interpol. The primary
prevention measure is international collaboration. The VGT publishes information about
trends relating to online CEM. Their 2012 Environmental Scan revealed the following trends:
Individuals involved in CEM distribution are increasingly utilising hidden services,
encryption and anonymisers. This trend is anticipated to continue with increases in
broadband speeds and user friendly technology
A large component of young people’s social identities are constructed online.
Accordingly young people have begun actively exploring their sexuality online,
and educational programs aiming to restrict such behaviour may become ineffective.
Methods of online solicitation continue to shift from modi operandi involving
deception to more direct approaches including threats and blackmail. This has
implications for law enforcement specialists involved in covert investigation.
The VGT expects online CEM to continue evolving alongside technological developments. In
particular new offenders, victims, and offending methods are expected to arise as a
result of increasing internet adoption in previously underconnected areas of the world.
Since 2003 the VGT has conducted successful global investigations. Some examples are
provided below in Table 3.
Table 3: Successful VGT Investigations (taken from VGT website)
Shattering of a global pedophile network with thousands of
online members, the protection of 200 children involved, and
the arrest of 184 offenders worldwide
Removal of 230 commercial CEM websites, and the arrest of 5
key members of the criminal organisation behind these
Open Your
5 adults arrested during a search warrant for pimping minors
and pornography with minors. The criminal network used a
website called “Chaturbate” to manipulate teenagers into
having sexual intercourse for the generation of profit.
29 international arrests, 11 of which occurred during a
dismantling of an organised crime group that facilitated live
streaming of child sex abuse “on demand”, 15 children in the
Philippines aged 6-15 identified and protected from sexual
abuse, and more than $60,000 identified as having been paid
for the live abuse of children.
Their collaborative approach ensures that many aspects of online CEM are addressed
including law enforcement (holding perpetrators appropriately to account), identifying and
locating children at risk, and improving internet safety. In particular their reports about
growing trends are useful in identifying present and future risks as well as best practice
References - Regulatory & Educational Approaches
Australian Institute of Criminology (AIC), 2013. ‘The Role of Industry in the Fight Against
Online Child Sexual Exploitation’. 13th Australasian Conference on Child Abuse and
accan/presentations/Sharma.pdf (accessed on 25/2/16)
Choo, K. R., 2009. Responding to online child sexual grooming: an industry perspective.
Australian Institute of Criminology.
Cohen-Almagor, R., 2015. Confronting the Internet’s Dark Side: Moral and Social
Responsibility on the Free Highway. New York: Cambridge University Press.
International Association of Internet Hotlines (INHOPE), 2013-2014. ‘INHOPE Annual
shx (accessed 25/2/16)
Kierkegaard, S., 2008. Cybering, online grooming and ageplay. Computer Law and Security
Review, 24, 41-55.
Microsoft (2016). Microsoft’s PhotoDNA: Protecting Children and Businesses in the Cloud.
Microsoft. Accessed on 26/02/16.
Netsmartz, 2016. About Us.
Office of Juvenile Justice and Delinquency Prevention (OJJDP). ‘Internet Crimes
Against Children Task Force Program Program Summary’. OJJDP. Accessed on
Safer Internet Programme (SIP), 2014. Benchmarking of parental control tools for the
online protection of children: assessment results and methodology (SIP-BENCH III,
2nd cycle).
Stroebel, M., & Jeleniewski, S., 2015. Global Research Project: A Global Landscape of
Hotlines Combating Child Sexual Abuse Material on the Internet and an Assessment
of Shared Challenges. National Center for Missing and Exploited Children (NCMEC).
Stanley, J., 2001. Child Abuse and the Internet. Australian Institute of Family Studies.
United Nations Office on Drugs and Crime (UNODC), 2015. Study on the Effects of New
Information Technologies on the Abuse and Exploitation of Children (PDF)
Virtual Global Taskforce (VGT), (2012). Virtual Global Taskforce Environmental Scan
2012’. Virtual Global Taskforce.
Virtual Global Taskforce (VGT), 2014. ‘U.S. law enforcement honoured for contributions to
child safety at NCMEC congressional breakfast’. Virtual Global Taskforce.
congressional-breakfast/ (accessed on 25/2/16)
Virtual Global Taskforce (VGT), 2015. ‘VGT welcomes the Child Rescue Coalition’.
(accessed on 25/2/16)
Educational Approaches Against CEM Websites
Kids Internet Safety Alliance (KINSA)
Safer Internet Plus
Insafe Network - Better Internet for Kids
MCIT Internet Safety Website (Egypt)
Cyber Cafe
Collaboration Against CEM Websites
Child Rescue Coalition (CRC)
International Association of Internet Hotlines (INHOPE) (for INHOPE foundation) (for full list of member hotlines)
Internet Watch Foundation (IWF)
National Center for Missing and Exploited Children (NCMEC)
PhotoDNA by Microsoft
Virtual Global Taskforce (VGT)
Annotated Bibliography - Regulatory, Educational and Collaborative
United Nations Office on Drugs and Crime (UNODC), 2015. Study on the Effects of New
Information Technologies on the Abuse and Exploitation of Children (PDF)
Research Aim: To evaluate the effects of new information technologies on the abuse and
exploitation of children (this study was prepared following Economic and Social Council
resolution 2011/33 on Prevention, protection and international cooperations against the use
of new information technologies to abuse and/or exploit children. The Council expressed
concern over the possibility that rapid technological advancement has given rise to new
possibilities for the criminal misuse of these new technologies).
Methodology: Open source research/outcomes of an informal expert group meeting on ICT
facilitated abuse and exploitation of children (held in Vienna between 23-25th September
2013). This study also references information from the Comprehensive Study on Cybercrime
(2013) prepared by UNODC:
Section 1: Identifying and Describing the Problem
CSAM, commercial sexual exploitation, cyber enticement, solicitation, and online
grooming have all been facilitated by information and communication technologies
ICTs have enabled easy access to pornographic content, which has increased
children’s exposure to harmful content.
It is possible for children to be affected by harmful content before they can determine
whether the content is appropriate or they need to remove themselves from the
Section 2: Evaluating the Problem
ICTs enhance access to victims and CEM and increase the amount of profit obtained
by criminal enterprises.
ICTs lead to a reduced risk of identification and prosecution of offenders
ICTs have facilitated new forms of child abuse and exploitation, including made-to-
order child sexual abuse material, user-generated and self-generated content (eg.
sexting), the live sex abuse broadcasting.
Key factors to consider for potential victims include age, gender, sexual orientation,
migration, poverty, prior abuse and family dysfunction, online behaviour, and social
Key factors to consider for potential offenders include age, gender, and level of
technological sophistication.
Section 3: Combatting the Problem
Legal instruments are limited due to their lack of uniformity across jurisdictions
Investigations of ICT-facilitated child abuse and exploitation can be assisted by
image analysis and databases, digital forensics, automated searches, data mining
and analytics, and undercover operations.
The formation of multi-agency partnerships is becoming common practice for
combatting technology-facilitated crimes which may result in more robust policy and
programme initiatives.
Forums for information sharing, collective problem solving, and sponsored working
groups are also becoming common practice. An example is the INTERPOL Specialist
Group on Crimes Against Children.
Informal relationships may facilitate fast and easy cross-border cooperation.
Discussion: ICTs have worsened problems relating to child sexual abuse and exploitation.
Offenders now have easier access to victims, with a reduced risk of identification and
prosecution. Legal and regional instruments implement minimum standards of child
protection, however there is an absence of uniformity across jurisdictions. In addition to
legislation, multi-agency partnerships are becoming common practice. These partnerships
may result in better policy and programme initiatives. The private sector and civil society are
also increasingly involved in combatting CEM through reporting mechanisms and various
forms of self-regulation. In future it would be beneficial to ensure legislation remains up to
speed with technology, that technology is utilised to combat technology-facilitated crimes,
that education is increased and that research gaps are addressed.
Safer Internet Programme (SIP), 2014. Benchmarking of parental control tools for the
online protection of children: assessment results and methodology (SIP-BENCH III,
2nd cycle).
Research aims:
To benchmark the main functionalities, effectiveness, and usability of popular types
of filtering software from a technical perspective.
To provide users of this software, particularly parents, with a detailed overview of
what is available on the market.
To assist users of this software, particularly parents, with choosing the most
appropriate control tool in accordance with their needs.
To raise awareness about tools that help protect children from harmful Internet
Methodology: Vendor/supplier-independent comparative expert assessment of control
tools. Popular tools were tested on 4 key aspects: functionality, security, effectiveness, and
Tool functionality: none of the tools tested reached the complete functionality
coverage. For personal computers, over half the tools rated under 50%. The top 3
products in terms of functionality were PURESIGHT OWL (77%), TREND MICRO
Tool security: Children and teenagers are becoming increasingly skilled in bypassing/
uninstalling control tools.
Tool effectiveness: Tools are generally low in effectiveness. In personal computers
the underblocking rate (how much harmful content fails to be filtered) was higher than
30% for all tested tools.
Tool usability: Installation and configuration procedures were very simple for some of
the tools. However, ability to customise tools to suit individual needs was poor. Some
tools do provide the ability to customise, but the risk of unwanted effects and bad
filtering results is high.
Filtering tools help protect children from harmful content, however it is important that
they are treated only as a partial solution.
Parents should bear in mind that some tools enable extremely detailed monitoring of
user activity, which may violate children’s privacy rights.
Parents should be aware that advancing technology now enables children to access
the internet from various places, including game consoles.
Software companies
Information about the filtering capability of tools tends to be missing or misleading. It
should be necessary for software companies to provide more transparent information
so that parents can make informed decisions about which tool is right for their
individual needs.
Installation and configuration procedures should be kept simple.
Although the AOL filtering tool is no longer distributed, it was sufficiently effective and
should be used as a best practice example for software producers.
Most tools only filter “old web” while children more commonly use web 2.0 (social
networks and video-sharing websites). Tools are currently low in effectiveness for
this kind of content and this needs to be addressed.
There should be an option to block personal data such as addresses and phone
numbers from being provided by the child on Facebook, Skype, and other sites.
Stroebel, M., & Jeleniewski, S., 2015. Global Research Project: A Global Landscape of
Hotlines Combating Child Sexual Abuse Material on the Internet and an Assessment
of Shared Challenges. National Center for Missing and Exploited Children (NCMEC).
Research aim: To examine hotlines that combat CEM in order to create a better
understanding of the challenges they face and how technological advances can improve the
impact hotlines have in combatting CEM.
Methodology: Online survey and follow-up interview. 52 hotlines participated, and research
questions focused on four core themes: legal, technical, and operational frameworks, and
community challenges.
Findings: Challenges shared by the majority of hotlines were identified:
Issue-based challenges: increased complaints regarding the dark web and
anonymizing services, increase in the length and number of CEM videos, and
increase in grooming on social networking sites.
Collaboration challenges: Collaboration with Electronic Service Providers (ESPs) is
problematic. Many ESPs are not aware of how their systems may be exploited and
how they can combat this, and hotlines feel burdened by the level of personal
outreach they need to engage in to build an understanding of these issues within the
ESP community.
Funding challenges: Funding is unpredictable and insufficient for most hotlines,
preventing technological improvements from being made.
Automation and integration challenges: Most hotlines remain heavily reliant on
manual operations which slows down investigations and leads to a duplication of
International response challenges: International responses to CEM are disjointed.
International cooperations tends to be hindered by differences in policy, culture, and
Discussion: Based on these challenges the hotline community recommended the following:
Improved automation in integration with centralized databases, tracing tools, video
analysis tools, and CEM URL notices and takedown
Expanded data analytics, paying particular attention to global trend analysis and
hotline level statistical solutions
The formation of a technology working group consisting of hotline representatives and
technology experts was also recommended. This would assist in the development and
implementation of technological solutions, which is highly important considering the vital role
that technology plays in combatting CEM.
... Yet empirical research on the characteristics of CSA live streaming and those who engage in it is scarce. Law enforcement reports and research by non-government organisations (NGOs), investigative journalists and academics have shed some light on the issue (see the annotated bibliography of Maxim et al. 2016). The Internet Watch Foundation (IWF) conducted an international analysis of over 2,000 image and video captures from live streamed sexual abuse of children from August to October 2017 (IWF 2018). ...
... Unlike the majority of offenders who share CSAM on the internet (Europol 2019), 'facilitators' of CSA live streaming almost always receive payment (AUSTRAC 2019;EFC 2015;Europol 2019;Masri 2015). Research suggests the cost of viewing CSA live streaming in the Philippines is often low (Masri 2015), due to the poverty of those who provide the services (see also Maxim et al. 2016, citing Wight 2016, who reported parents allowing access to young girls for €2 per day). The European Financial Coalition against Commercial Sexual Exploitation of Children Online (EFC) consulted with key NGOs on the issue. ...
In recent years, there has been growing evidence of live streaming technologies being used to facilitate child sexual abuse (CSA). This study examined a sample of financial transactions made by a cohort of Australians who provided funds to known facilitators of CSA live streaming in the Philippines. The results showed that these individuals were likely to be aged in their 50s or 60s and the majority (55%) had no criminal record. Ten percent had a sexual offence recorded in their criminal history. Most CSA live streaming transactions involved a small proportion of individuals. Just three percent accounted for half of all transactions. In contrast, 25 percent of individuals made just three percent of transactions.As individuals purchased more CSA live streaming transactions, the median amounts they paid increased and the transactions became more frequent. These two variables were significantly correlated. This may reflect an escalation in the frequency and severity of offending.
... Yet empirical research on the characteristics of CSA live streaming and those who engage in it is scarce. Law enforcement reports and research by non-government organisations (NGOs), investigative journalists and academics have shed some light on the issue (see the annotated bibliography of Maxim et al. 2016). The Internet Watch Foundation (IWF) conducted an international analysis of over 2,000 image and video captures from live streamed sexual abuse of children from August to October 2017 (IWF 2018). ...
... Unlike the majority of offenders who share CSAM on the internet (Europol 2019), 'facilitators' of CSA live streaming almost always receive payment (AUSTRAC 2019;EFC 2015;Europol 2019;Masri 2015). Research suggests the cost of viewing CSA live streaming in the Philippines is often low (Masri 2015), due to the poverty of those who provide the services (see also Maxim et al. 2016, citing Wight 2016, who reported parents allowing access to young girls for €2 per day). The European Financial Coalition against Commercial Sexual Exploitation of Children Online (EFC) consulted with key NGOs on the issue. ...
Full-text available
In recent years, there has been growing evidence of live streaming technologies being used to facilitate child sexual abuse (CSA). This study examined a sample of financial transactions made by a cohort of Australians who provided funds to known facilitators of CSA live streaming in the Philippines. The results showed that these individuals were likely to be aged in their 50s or 60s and the majority (55%) had no criminal record. Ten percent had a sexual offence recorded in their criminal history. Most CSA live streaming transactions involved a small proportion of individuals. Just three percent accounted for half of all transactions. In contrast, 25 percent of individuals made just three percent of transactions. As individuals purchased more CSA live streaming transactions, the median amounts they paid increased and the transactions became more frequent. These two variables were significantly correlated. This may reflect an escalation in the frequency and severity of offending.
... Parents may upload 'innocent' photos of their children with the intent of showing them only to family and friends; however, these photos and videos can become accessible to others who may be able to subsequently identify young CEM targets (Battersby, 2015). Online predators often collect sensitive information from social network profiles and use it to contact vulnerable children (Maxim et al., 2016). ...
... The hacking of 'big data' sites and websites provide hackers with content such as personal images or online conversations to sell and distribute to others through niche VPNs and other encrypted online platforms. Children are placed at risk if they divulge personal information, private images, or videos through these apps and websites since they lose control of the content once it has been sent or uploaded (Maxim, et al., 2016). ...
Full-text available
Online markets for Child Exploitation Materials (CEM) or Child Sex Abuse materials (CSAM) have developed in tandem with the rapid expansion of the Internet. CEM images of sexual abuse of children, often photographs and videos, include live transmission of sexual assault as well as simulated experiences using virtual reality technology or robotics. User-generated images, sexting and ‘revenge porn’ are new sources of image-based abuse often involving older children. This chapter describes the prevalence and nature of CEM, profiles of offenders and victims, and law enforcement responses. The content of CEM constitutes a crime scene that can help trace offenders and identify victims, but poses challenges for digital forensics. Definitions of CEM, the relationship between online and offline offending; emerging developments in CEM; and international, regulatory, and collaborative approaches to suppress CEM are described. Keywords: child sex abuse images, child exploitation material, online sexual offences, international policing, cybercrime. Roderic Broadhurst, 'Child Sex Abuse Images and Exploitation Materials', in Roger Leukfeldt & Thomas Holt, Eds. Handbook of Cybercrime, Routledge, October 2019
... Trends in the distribution of CSAM online demonstrate that producers and consumers increasingly prefer video files and lucrative on-demand live streams (Brown, Napier & Smith 2020;Dance & Keller 2020;Maxim et al. 2016). In fact, 2019 marked the first year that reports of child sexual abuse (CSA) videos outpaced those of images (National Center for Missing and Exploited Children 2020). ...
The proliferation of child sexual abuse material (CSAM) is outpacing law enforcement’s ability to address the problem. In response, investigators are increasingly integrating automated software tools into their investigations. These tools can detect or locate files containing CSAM, and extract information contained within these files to identify both victims and offenders. Software tools using biometric systems have shown promise in this area but are limited in their utility due to a reliance on a single biometric cue (namely, the face). This research seeks to improve current investigative practices by developing a software prototype that uses both faces and voices to match victims and offenders across CSAM videos. This paper describes the development of this prototype and the results of a performance test conducted on a database of CSAM. Future directions for this research are also discussed.
Conference Paper
Full-text available
The online sharing and viewing of Child Sexual Abuse Material (CSAM) are growing fast, such that human experts can no longer handle the manual inspection. However, the automatic classification of CSAM is a challenging field of research, largely due to the inaccessibility of target data that is-and should forever be-private and in sole possession of law enforcement agencies. To aid researchers in drawing insights from unseen data and safely providing further understanding of CSAM images, we propose an analysis template that goes beyond the statistics of the dataset and respective labels. It focuses on the extraction of automatic signals, provided both by pre-trained machine learning models, e.g., object categories and pornography detection, as well as image metrics such as luminance and sharpness. Only aggregated statistics of sparse signals are provided to guarantee the anonymity of children and adolescents victimized. The pipeline allows filtering the data by applying thresholds to each specified signal and provides the distribution of such signals within the subset, correlations between signals, as well as a bias evaluation. We demonstrated our proposal on the Region-based annotated Child Pornography Dataset (RCPD), one of the few CSAM benchmarks in the literature, composed of over 2000 samples among regular and CSAM images, produced in partnership with Brazil's Federal Police. Although noisy and limited in several senses, we argue that automatic signals can highlight important aspects of the overall distribution of data, which is valuable for databases that can not be disclosed. Our goal is to safely publicize the characteristics of CSAM datasets, encouraging researchers to join the field and perhaps other institutions to provide similar reports on their benchmarks.
Full-text available
The online sharing and viewing of Child Sexual Abuse Material (CSAM) are growing fast, such that human experts can no longer handle the manual inspection. However, the automatic classification of CSAM is a challenging field of research, largely due to the inaccessibility of target data that is - and should forever be - private and in sole possession of law enforcement agencies. To aid researchers in drawing insights from unseen data and safely providing further understanding of CSAM images, we propose an analysis template that goes beyond the statistics of the dataset and respective labels. It focuses on the extraction of automatic signals, provided both by pre-trained machine learning models, e.g., object categories and pornography detection, as well as image metrics such as luminance and sharpness. Only aggregated statistics of sparse signals are provided to guarantee the anonymity of children and adolescents victimized. The pipeline allows filtering the data by applying thresholds to each specified signal and provides the distribution of such signals within the subset, correlations between signals, as well as a bias evaluation. We demonstrated our proposal on the Region-based annotated Child Pornography Dataset (RCPD), one of the few CSAM benchmarks in the literature, composed of over 2000 samples among regular and CSAM images, produced in partnership with Brazil's Federal Police. Although noisy and limited in several senses, we argue that automatic signals can highlight important aspects of the overall distribution of data, which is valuable for databases that can not be disclosed. Our goal is to safely publicize the characteristics of CSAM datasets, encouraging researchers to join the field and perhaps other institutions to provide similar reports on their benchmarks.
Full-text available
Terrorism, cyberbullying, child pornography, hate speech, cybercrime: along with unprecedented advancements in productivity and engagement, the Internet has ushered in a space for violent, hateful, and antisocial behavior. How do we, as individuals and as a society, protect against dangerous expressions online? Confronting the Internet's Dark Side is the first book on social responsibility on the Internet. It aims to strike a balance between the free speech principle and the responsibilities of the individual, corporation, state, and the international community. This book brings a global perspective to the analysis of some of the most troubling uses of the Internet. It urges net users, ISPs, and liberal democracies to weigh freedom and security, finding the golden mean between unlimited license and moral responsibility. This judgment is necessary to uphold the very liberal democratic values that gave rise to the Internet and that are threatened by an unbridled use of technology.
Full-text available
The current meta-analysis compared the characteristics of online child pornography-only offenders, typical (offline) sex offenders against children, and offenders with both child pornography and contact sex offences against children (mixed). Based on 30 unique samples (comparison ns ranging from 98 to 2,702), the meta-analysis found key differences between groups. Offenders who committed contact sex offences were more likely to have access to children than those with only child pornography offences. In contrast, offenders who used the internet to commit sexual offences had greater access to the internet than those with contact sex offenders. Differences between the groups, however, were not limited to differential opportunities. Sex offenders against children and mixed offenders were found to score higher on indicators of antisociality than online child pornography offenders (CPOs). CPOs were also more likely to have psychological barriers to sexual offending than sex offenders against children and mixed offenders (e.g., greater victim empathy). Mixed offenders were found to be the most pedophilic, even more than CPOs. The findings suggest that offenders who restricted their offending behavior to online child pornography offences were different from mixed offenders and offline sex offenders against children, and that mixed offenders were a particularly high risk group.
Full-text available
The expansion of the Internet and the proliferation of information technologies have created new opportunities for the sexual abuse of children. Sex offenders use the Internet to access and distribute indecent images of children and to select victims to groom for the purpose of abuse (Davidson & Gottschalk 2010; Martellozzo, 2010; Martellozzo & Taylor, 2009; Quayle, Erooga, Wright, Taylor, & Harbinson, 2006). It is a commonly held assumption, stated implicitly or explicitly in both public debates and scholarly research, that child sexual abuse is a typically male crime, in so far as offenders are generally held to be men and the level of sexual aggression involved in their offences is seen as closely related to masculine behaviour. This article aims to increase knowledge and understanding of the problem of online child sexual abuse by female offenders. As rehearsed in the literature (Martellozzo, 2011; Webster, Davidson, Bifulco, Pham, & Caretti, 2009), online child sexual abuse is predominantly a crime committed by men and only a small percentage of females sexually abuse children through the Internet. This article presents findings from analysis of qualitative data collected at the Paedophile Unit at the London Metropolitan Police.
Full-text available
Gottfredson and Hirschi’s (1990) general theory of crime and Akers’ (1998) social learning theory have received strong empirical support for explaining crime in both the physical and cyberworlds. Most of the studies examining cybercrime, however, have only used college samples. In addition, the evidence on the interaction between low self-control and deviant peer associations is mixed. Therefore, this study examined whether low self-control and deviant peer associations explained various forms of cyberdeviance in a youth sample. We also tested whether associating with deviant peers mediated the effect of low self-control on cyberdeviance as well as whether it conditioned the effect. Low self-control and deviant peer associations were found to be related to cyberdeviance in general, as well as piracy, harassment, online pornography, and hacking specifically. Deviant peer associations both mediated and exacerbated the effect of low self-control on general cyberdeviance, though these interactions were not found for the five cyberdeviant types examined. KeywordsCybercrime–Low self-control–Social learning–Peer offending–Juvenile delinquency
Full-text available
This exploratory study examined 51 participants convicted of an Internet-initiated sex offense in which they attempted to entice an adolescent into a sexual relationship using an Internet chat room. All participants were convicted of a sex offense and subject to an evaluation as a part of sentencing requirements in Colorado. Clinical and behavioral data were obtained from each subject's offense-specific evaluation and chat room transcripts. The results of the study found that 90% of the participants were apprehended as a result of an Internet sex sting. The authors conclude that Internet chat room sex offenders constitute a separate group characterized by less severe criminogenic factors than other sex offenders (rapists, child molesters). It can be hypothesized that chat room sex offenders avoid relationships and spend a significant amount of time in online chat rooms as a primary social and sexual outlet, and engage in other sexually compulsive behaviors. Within this offender group, it was discovered that two subgroups exist: a contact-driven group motivated to engage in offline sexual behavior with an adolescent and a fantasy-driven group motivated to engage an adolescent in online cybersex without an express intent to meet offline. The chat room sex offender presents a significant clinical issue to treatment providers as a live victim does not exist. Thus, it is unclear if Internet sex stings prevent incidents of child sexual exploitation and may result in convictions of individuals who may never have abused a child. The data suggest a tentative sex offender typology, including subtypes, which need to be replicated in future studies.
This study examined a sample of 120 adult males convicted of offences involving indecent images of children (IIOC); 60 had a previous contact child sexual offence (dual offenders) and 60 had no evidence of an offence against a child. Analyses explored socio-demographic characteristics, previous convictions, and access to children. Of the 120 offenders, a subsample of 60 offenders (30 dual offenders and 30 non-contact) were further examined in terms of the quantity of IIOC, types of IIOC, and offending behavior. The study found the two offender groups could be discriminated by previous convictions, access to children, the number, proportion, and type of IIOC viewed. The IIOC preferences displayed within their possession differentiated dual offenders from non-contact IIOC offenders. Within group comparisons of the dual offenders differentiated sadistic rapists from sexual penetrative and sexual touching offenders. The paper suggests there may be a homology between IIOC possession, victim selection, and offending behavior. Implications for law enforcement are discussed in terms of likelihood of contact offending and assisting in investigative prioritization.
Recent advances in computer technology have been aiding sexual predators, stalkers, child pornographers, child traffickers, and others with the intent of exploiting children. Internet bulletin boards, chat rooms, private websites, and peer-to-peer networks are being used daily by paedophiles to meet unsuspecting children. Compounding the problem is the lack of direct governance by an international body, which will curb the illegal content and activity. Most countries already have laws protecting children, but what is needed is a concerted law enforcement and international legislation to combat child sex abuse. With the enactment of the Convention on the Protection of Children against Sexual Exploitation and Sexual Abuse, this may soon become a reality in Europe. This current article will discuss some of the recent legal developments concerning online child protection, including the new Convention.
Internet Child Sex Offenders' Concerns about Online Security and their Use of Identity Protection Technologies: A Review
  • M Balfe
  • B Gallagher
  • H Masson
  • S Balfe
  • R Brugha
  • S Hackett
Balfe, M., Gallagher, B., Masson, H., Balfe, S., Brugha, R., & Hackett, S. (2015). Internet Child Sex Offenders' Concerns about Online Security and their Use of Identity Protection Technologies: A Review. Child Abuse Review, 24, pp. 427-439. Retrieved from
Online Child Sex Offenders: Challenges and Counter-Measures
  • R Cohen-Almagor
Cohen-Almagor, R. (2013). Online Child Sex Offenders: Challenges and Counter-Measures. The Howard Journal of Crime and Justice, 52, pp.190-215. Retrieved from
Contact sexual offending by men arrested for child pornography offenses
  • M C Seto
  • R K Hanson
  • K M Babchishin
Seto, M. C., Hanson, R. K., & Babchishin, K. M. (in press). Contact sexual offending by men arrested for child pornography offenses. Sexual Abuse: A Journal of Research and Treatment.