Due to extreme poverty, exacerbated by the COVID-19 pandemic, reported cases of OSAEC (online sexual abuse and exploitation of children) increased by 264%, based on the figures by the Philippines’ Department of Justice.
Previous articles on OSAEC highlighted the role of parents and relatives in what the Unicef and SafeKids PH call “the worst form of violence on children on the internet.”
Following the blocking of 3,000 domains linked to online sexual abuse and exploitation of children (OSAEC), Philippine digital services firm PLDT Inc. (PLDT) and its wireless subsidiary Smart Communications Inc. (Smart) affirmed their ongoing efforts to find a long-term solution in protecting children from online pornography.
Based on the report by the International Justice Mission the Philippines was the largest known source of OSEC cases in the world. CyberTipline ranks the Asia-Pacific region as the third-largest source of “online enticement.”
“We at PLDT and Smart are here to sustain the campaign (to prevent OSAEC) and reinforced efforts towards stamping out online child exploitation,” said Cathy Yap-Yang, FVP and group head, Corporate Communications, PLDT Inc. “We have developed homegrown programs including Cybersmart, Better Today, and PLDT Infoteach that educate people to be responsible digital citizens online — and in real life.”
PLDT’s latest effort is the creation of the Cybersecurity Operations Group (CSOG) to protect not only the PLDT Group’s assets but the enterprise customers and consumers, as well.
“We have deployed a technology that enables us to block and prevent access to websites that are focused on sexual exploitation of children,” said Angel Redoble, FVP and group chief information security officer, PLDT Group, ePLDT Group and Smart Communications. “But we recognize that that capability is not enough.”
He admitted that the blocked sites are “not even “50% or 60% of the problem.”
The roadblock, however, is the objectionable content hosted by legitimate websites, for example, YouTube, which internet service providers, suck as PLDT and Smart cannot just take down or block, otherwise they would be accused of denial of service.
“What what we need to do is, we need to be able to block the content by not blocking the whole domain,” Redoble said. “What we need to do is block the content but not block the whole domain. We can limit the blocking to people who are trying to access or view the content or object. That’s the difference now. We can only do that if we have the proper process and the proper combination of technology.”
PLDT’s recent membership in the “Forum of Incident Response and Security Teams (FIRST)” will also allow its cybersecurity response team to work with global partners.
Francisco Ashley Acedillo, assistant vice president for Cybersecurity Strategy at Smart, underscores the utilization of behavioral analysis, to complement the use of technology and other infrastructures. He noted that “most of the demand for child pornography is coming from abroad.”
“For example, if a particular IP address on any normal basis does not exhibit exorbitant bandwidth use, and then suddenly there is a surge of bandwidth use in that geo locality, we flag that,” said Acedillo, who is also the president of the Philippine Institute of Cyber Security Professionals. “Then we ask the NBI (National Bureau of Investigation) and the PNP (Philippine National Police) to investigate. We tell them that there is an unusual activity — which could be a criminal activity related to the purveying of child pornography. That’s really a big step.”
Several nonprofits have been working with private organizations to elevate the discussion of preventing — it not totally eliminating — OSAEC because it is a poverty issue, which the private sector does not have any control over.
Redoble said there should be a harmonization of two conflicting Philippine laws — the Anti-Child Pornography Act and the Cybercrime Prevention Act, which prevents telecommunications companies to interfere with any network system.
Underpinning the role of the government in OSAEC prevention, Acedillo said the Philipines must strengthen its legislative and policy framework. He also said that the capacity-building of cybersecurity professionals also meant providing them with advanced training. Ultimately, educating internet users using multiple platforms is as important as the work of security professionals in the back end.