In an advisory, telecommunications firms PLDT and Smart Communications said the companies started blocking content as they continue the fight against online sexual abuse and exploitation of children (OSAEC).
The companies’ recent membership in the Internet Watch Foundation (IWF) has so far given them access to 5,800 URLs with child sex abuse materials, which they have blocked over the past week. This goes on top of at least 3,000 domains they have cut access to prior to their IWF membership.
The membership into the UK-based IWF has been a vital factor in PLDT and Smart’s ability to monitor and take action OSAEC. Employing different technologies, the platform references the illicit content that customers are trying to access against the companies’ databases. It can block access to a specific file without cutting off an entire website. This is particularly useful in blocking sexually explicit materials featuring children that have been posted on legitimate domains.
“When our customers try to open offensive content, they are immediately brought to a landing page telling them that the material violates Republic Act 9775 or the Anti-Child Pornography Law,” said Angel Redoble, chief information security officer at PLDT and Smart.
Launched in the first quarter of this year, the child protection platform has allowed PLDT and Smart to block child sexual abuse materials (CSAM) in two ways: domain level, and now with the IWF membership, at the content level.
“When a child abuse content finds its way into a legitimate domain like social media platforms or video-sharing sites, we can’t block the entire web page because that will prevent all our customers from accessing materials on that domain that are not related to OSAEC,” said Redoble.
The challenge comes in blocking illicit files that have filtered their way into legitimate domains. Because the law does not allow internet service providers in the Philippines to actively sift through information that passes through their network, PLDT and Smart employ open-source threat intelligence gathering, purchase available commercial threat intelligence, and rely on law enforcement agencies to share the links of child abuse materials that have been posted on the internet.
This is where the value of a membership with IWF comes in. Backed by the global internet industry and the European Commission, the IWF is a non-profit organization that works closely with law enforcement agencies of national governments, internet service providers and platforms, and charitable organizations in taking down webpages, keywords, hash lists, and digital fingerprints that contain child abuse materials.
As well as taking reports from the public through their 47 reporting portals serving 2.4 billion people around the world, the IWF’s highly trained analysts actively search the internet for child sexual abuse images and videos. They then work with global partners to get them removed.
The IWF deploys technology that allows it to detect CSAM by running their unique codes or “hashes” against known blacklists.
The IWF then forwards the offending URLs, which PLDT and Smart convert to IP addresses which when accessed, takes the user to the child protection platform. The platform then redirects to the landing page of the National Telecommunications Commission, which informs the user the content being accessed is in violation of Republic Act 9775, or the Anti-Child Pornography Act.
The IWF has created an intelligent web crawler which it deploys to methodically browse targeted areas of the internet. The organization says, what makes theirs different from others is that it’s loaded with over 566,000 hashes of known child sexual abuse images.
Sexually explicit files
“We can’t use hashes on our platform simply because we don’t store content. We don’t have files to run against them. We are only a pass-through infrastructure. And we are not legally allowed to peer into the content that travel along our network,” explained Redoble.
Since the IWF membership, PLDT and Smart have gained access to the organization’s growing database that contain over 9,000 links to sexually explicit files featuring children.
Since then, PLDT and Smart have been able to block 3,345 web addresses related to CSAM, including 34 domains and 286 IP addresses in the latter half of May alone. Prior to forming an alliance with IWF, PLDT and Smart have blocked around 3,000 websites tied to online child abuse.