End-to-End Encryption (E2EE) and Online Child Sexual Abuse Imagery

Every year millions of child sexual abuse images are traded online. Our analysts see it daily. It’s hard to believe, but whole websites are dedicated to sharing and selling horrific images of children being sexually abused.

Pictures and videos showing children being raped, tortured and sexually abused have increased by 1,800% in the past decade. And that’s just what we’ve identified in the open, publicly-accessible parts of the internet. The USA’s National Centre for Missing and Exploited Children received more than 29 million reports from tech companies of suspected child sexual abuse material in 2021.

In 2022, we saw a doubling of the most severe child sexual abuse imagery. Many of these children don’t have a voice; they cannot simply report their suffering to a tech executive and request that their imagery is removed before anyone has a chance to see it.

We’re calling on companies to ensure that if they already use, or are about to deploy, end-to-end encryption on their messaging services, they also introduce safeguards to prevent the spread of online child sexual abuse material.

We must all do better: IWF, tech companies, and Governments. This is our campaign to raise awareness amongst politicians, senior tech executives and parents about the dangers of technology companies with large user bases of children introducing end-to-end encryption on their platforms.

We want to:

Explain, clearly, the differences between standard encryption (which we believe is a good thing) and end-to-end encryption (which, if implemented in the wrong way, could pose a huge threat to the safety of children).
To make a powerful case to politicians about the need to ensure that we tackle child sexual abuse wherever it occurs online. This includes the open web, private messaging, and dark web.
To request that technology companies explore all possible avenues to protect user privacy, before taking the decision to introduce end-to-end encryption, and if they do introduce end-to-end encryption ensure that there are appropriate methods to identify, detect and report child sexual abuse.
Explain to parents the potential dangers to children of applications that are end-to-end encrypted.

End-to-end Encryption: A guide for parents and carers

In conjunction with our partners at the Home Office, we've developed a resource for parents and carers offering advice and guidance on end-to-end encryption and keeping your child safe online.

Also available in Welsh.

Download in English

Online privacy is important to everyone, and standard encryption plays a role in protecting that. Without it, many important online services would not work. But end-to-end encryption is different. It goes further. It could mean that children are at greater risk of sexual exploitation.

For example - on social media, it could mean messages which are end-to-end encrypted can only ever be seen by the sender and receiver. Theoretically, that sounds fine. But without additional safeguards, there is no opportunity, even for the company providing the messaging platform, to spot and prevent criminal content such as child sexual abuse imagery from being shared.

Technologies to safeguard children and privacy in end-to-end encrypted services exist now – so let’s use them.

We’re calling on companies to ensure that if they already use, or are about to deploy, end-to-end encryption on their messaging services, they also introduce safeguards.

This would mean that messages remain private AND children are also safer so that child sexual abuse content is not given a free pass to be shared and traded in private.

These technologies are no more obtrusive than anti-virus software or a spam filter – things which most people already use and benefit from every day.

The use of this technology should be restricted to the worst kinds of criminal content.

To ensure that these safeguarding solutions are used properly, in a privacy-safe way, they must be deployed alongside a legislative framework which keeps their use limited to detecting child sexual abuse material only. Material which no one should have the right to share.

We can help tech companies balance privacy and child protection.

Tech companies have a great opportunity to take a balanced approach to user privacy and child safety in social media and messaging platforms. And we can help them.

We’re here to support technology companies to use either existing safeguarding technologies, or to develop their own privacy-safe tools to prevent the sharing of child sexual abuse material within end-to-end encrypted services.

We’re here to support technology companies to use existing technical tools in environments that are not end-to-end encrypted and help develop tools for end-to-end encrypted environments which are able to detect child sexual abuse or prevent it from circulating in the first place.

We would like to see tech industry leaders exploring alternative methods to improve user privacy before adopting end-to-end encryption, at least until they can develop effective automated detection and child safety tools compatible with end-to-end encryption.

Read our Journalists' Briefing.

End-to-end Encryption in IWF News

Encryption Vs. Privacy: In Conversation with Professor Hany Farid

Speaking exclusively to the IWF as part of its new podcast series, Prof Farid, said children are facing dangers online, and that politicians need to step in to make sure tech companies are incentivised to bring in better child protection measures.

31 July 2022 Blog

Not all Encryption is the same: social media is not ready for End-to-End Encryption

14 March 2022 Blog

Tech companies must not encrypt platforms unless guarantees can be made on child safety, MPs warn

13 September 2021 Blog

Should encryption be curbed to combat child abuse?

19 May 2021 Blog

End-to-End Encryption