IWF Hash List announcement at Global Summit

In a statement at the #WePROTECT summit in Abu Dhabi, Susie Hargreaves, CEO of the Internet Watch Foundation (IWF) confirmed the number of hashes achieved during the phased implementation of the IWF Hash List.

Since June 2015, IWF have created just under 19,000 category ‘A’ hashes of child sexual abuse material (CSAM). Each individual hash contained an illegal image of child sexual abuse. IWF category ‘A’ refers to the ‘worst of the worst’ level of sexual abuse and violence inflicted on children, in line with UK and US definitions. The 19,000 images identified were then loaded onto the Hash List and given to five global internet companies, who had volunteered to conduct a robust test on the list through their systems during the implementation period.

IWF CEO Susie Hargreaves said: “At the Prime Minister’s #WePROTECT summit last year, we pledged to do all we could to eliminate Child Sexual Abuse Material (CSAM) on the internet. Moreover, we promised to create our own unique Hash List of illegal images. Not only have we succeeded in creating that list, but we have hashed just under 19,000 images.

“The IWF Hash List has now been successfully rolled-out to five of our global industry Members and I am confident this development will be a real game-changer in the battle against child sexual abuse images online.

“Not only can we now identify and remove victim’s images more quickly, but we can also stop the ‘hashed’ images being uploaded to the internet in the first place. The implication for our work is huge and we believe this is just the beginning…”    

The five Members taking part in the phased implementation were Facebook, Google, Microsoft, Twitter and Yahoo. The key advantages identified were:

    Victims’ images can be identified and removed more quickly, preventing them from being shared time and time again.
    Child sexual abuse images will be prevented from being uploaded to the internet in the first place. This gives internet companies the power to stop people from repeatedly sharing the images on their services.
    Internet users are protected from accidentally stumbling across the images online.

Not to be confused with a ‘hash tag’, the IWF Hash is a type of digital fingerprint of an image. There are billions of images on the internet and by creating a digital fingerprint of a single image, it can be removed - like finding a needle in a haystack.

IWF will automatically begin creating two types of hashes to meet the needs of the online industry. It will create PhotoDNA (technology developed by Microsoft), andMD5 hashes.

The hashes created during the implementation stage were sourced from images forensically captured on the Home Office Child Abuse Image Database (CAID)*. In the future, hashes will also be created from images that our highly-trained analysts have assessed and sourced from IWF public reports, online industry reports and by proactively searching for criminal content.

Background:

Since 2004 less than 1% of known imagery has been hosted in the UK and this is due a partnership between the IWF, the internet industry, law enforcement and UK government.

It is the IWF’s mission to eliminate CSAM online and provide a model to help countries without a place to report CSAM. As more countries develop networks to get citizens online, it can leave them vulnerable to CSAM if they have nowhere to report.

To this end, we are also rolling-out a program of IWF Reporting Portals to countries with emerging internet infrastructures, to provide a means to report suspected child sexual abuse imagery. The IWF’s Reporting Portal is already used by Mauritius and Uganda, with other countries set to sign up.

The system is cost effective, as all the assessment and removal work takes place at the IWF’s headquarters in the UK by its expert analysts and action is taken through its well-established partnerships.

Full statistics relating to the IWF are published annually in its annual and charity report here: www.iwf.org.uk/accountability/annual-reports

Notes to editors:

Contact: Lisa Stacey, IWF Communications Manager +44 (0) 1223 203030 or +44 (0) 7929 553679.

1.    The just under 19,000 Hash List figure relates to the collation of Category ‘A’ images between June 2015 and October 2015. The CSAM was sourced from the Home Office CAID database.

2.    IWF have three categories of CSAM, A, B and C. A is the most severe.

3.    All other figures source IWF, for additional information: www.iwf.org.uk

 
About the IWF

The IWF is the Hotline to report:

    child sexual abuse content hosted anywhere in the world;
    criminally obscene adult content hosted in the UK;
    non-photographic child sexual abuse images hosted in the UK.

For more information please visit www.iwf.org.uk.

The IWF is part of the UK Safer Internet Centre, working with Childnet International and the South West Grid for Learning to promote the safe and responsible use of technology.
About the IWF URL list

We provide a list of webpages of child sexual abuse images and videos hosted abroad to companies who wish to voluntarily block or filter them for their users’ protection and to prevent the revictimsation of the child. The list is dynamic, updated twice daily with URLs added and removed.

For more information please visit https://www.iwf.org.uk/join-us/services.

 
Q&A
#WePROTECT November 2015.
Announcement: Total number of images added to the IWF Hash List – to Oct 2015.

The Home Office and IWF will announce at the #WePROTECT summit in Abu Dhabi on November 17 that a total just under 19,000 images (Category A) of child sexual abuse have been added to The Hash List (June to October 2015 period). These numbers relate to the phased implementation.
 
What is the phased implementation?

The IWF Hash List is a new service currently used by five Members. All eligible Members will soon be offered the hash list.

During the initial roll out to Facebook, Google, Microsoft, Twitter and Yahoo, each received a one off delivery of hashes to be used over seven weeks. The IWF Hash figure being announced at the summit, refers to this ‘phased implementation’.
 
Why seven weeks and a “phased implementation?”

There was an initial seven-week period allowing the IWF to work with the five companies to evaluate how the implementation went and to look at whether changes are required before being rolled out to all licensed IWF Members.
When will the IWF Hash List be available to all Members?

We hope that the full IWF Hash List will become operational to all Members will be available in the New Year – 2016.
What is a “hash”?

Not to be confused with a “hash tag”, a hash is a digital fingerprint of an image. There are billions of images on the internet and by creating a digital fingerprint of a single image, you can pluck it out, like finding a needle in a haystack.
 
What is the IWF Hash List and how does it work?

The IWF Hash List is a list of digital fingerprints of child sexual abuse images, which have been assessed by IWF analysts. The list of these digital fingerprints, or ‘hashes’ are used by licensed IWF Members to identify child sexual abuse images on their services. It is also used to prevent people from sharing, or uploading these images.
 
Does creating a Hash for the IWF Hash List need ‘human’ input?

Yes. A ‘human’ analyst needs to grade any new image, so the image must be viewed in order to give it an appropriate grade. This will always be necessary for new images.
 
What happens once a hashed image is found on an IWF Member’s service?

Each IWF Member is unique and as such, operates differently from another. The aim of identifying child sexual abuse images through hashes is to alert the Member in order to delete the image. IWF’s goal is to enable the online industry to remove the images wherever they are hosted.
 
Are there hashes of videos on the IWF Hash List?

We are able to offer hashes of images only. We are currently working closely with an IWF Member to trial video hashing software. We hope to offer this in the near future.
 
How is the IWF Hash List governed?

We have a licence to govern the use of the hash list. The hash list is available to IWF Members only, who have also passed our vetting checks. The IWF controls the compilation and dissemination of the hash list. The IWF Member licensed to download this list is responsible for its correct implementation.
 
What is the difference between the IWF URL List and IWF Hash List?

The IWF URL List is a list of web addresses containing one or more child sexual abuse images. The web address directly targets the criminal image. Eligible IWF Members download the URL list and deploy it to protect their customers from stumbling across the images or videos. All the while work is taking place to delete the image(s) or video(s).

The hash list is a list of digital fingerprints of child sexual abuse images. It enables eligible IWF Members to find those images on their services and remove, block/filter, or prevent their upload in the first place.

As with both services, the IWF compiles the lists and the company taking the list is responsible for its accurate deployment.

Both methods aim to protect online users and prevent the revictimisation of child sexual abuse victims worldwide.
Can any company use the IWF Hash List?

Many internet companies can make use of the hash list. They could be companies which provide services such as:

The upload, storage or search of images;

Filtering services;

Hosting services;

Social media and chat services;

Data centres;

Connectivity services.

All could make use of the hash list to protect their customers, protect their services from criminal abuse and prevent the repeated victimisation of people who have been sexually abused as children.
 
How do you measure “success”?

Given that the IWF is able to actively search for child sexual abuse images, every day we will be adding more hashes of images to the hash list.

The more hashes of child sexual abuse images on the IWF Hash List, the greater the chance the IWF and industry have at eliminating this material.

The greater number of internet companies using the IWF Hash List, the greater the chance of making the open internet a hostile place to share, view, download and trade the images of children being sexually abused.

The IWF Hash List enables the internet industry to actively protect their customers and help victims of child sexual abuse.

Victims’ images can be identified and removed more quickly, preventing them from being shared time and time again. Child sexual abuse images will be prevented from being uploaded to the internet in the first place. This gives internet companies the power to stop people from repeatedly sharing the images on their services. Internet users of all ages are protected from accidentally stumbling across the images online.

The IWF Hash List steps up efforts to make the internet a hostile place to share, view, download and trade images of children being sexually abused.

This brings us closer to eliminating child sexual abuse images online, worldwide.
 
What is CAID and how does this relate to the hash list?

The Child Abuse Image Database (CAID) delivers the Prime Minister’s July 2013 commitment to put in place ‘a single, secure database’ of indecent images of children. It is helping the police to prosecute offenders and safeguard the victims of abuse.

CAID went live at the end of 2014 and contains indecent images of children as well as hashes of those images. All police forces across the UK are due to be connected and using CAID by the end of 2015.

The Police have shared data from CAID with the IWF in order to assist our work with internet companies. Home Office’s new Child Abuse Image Database (CAID).