Yes, Your Cloud Storage Provider Is Searching For Child Porn In Your Files
If you think data on your cloud storage system is private, you are wrong.
In fact, all the data you store on your cloud storage including pictures, emails and files is likely being searched for illegal content like child pornography. That’s because the companies that run these cloud services have to follow the PROTECT Our Children Act passed by Congress in 2008. The act mandates that service providers, although not required to search for illegal content, must report child pornography if they find it’s being stored by their customers. But, this act was passed before cloud services became popular so many consumers don’t actually know their cloud falls under the law.
And if you have illegal content on your cloud, companies like Verizon may report you to the authorities.
And that’s exactly what happened on March 1 when William Steven Albaugh was arrested after he backed up his computer to Verizon’s online backup service. It turns out, Verizon used image-matching technology to detect that the 67-year-old deacon of a Catholic church was storing pornographic images and videos of children on their cloud.
Verizon is one of 1,000 Electronic Service Providers set up to report incidents of child pornography to the CyberTipline. Cloud storage is not the only place images can be searched. Electronic service providers also include hosting companies (like GoDaddy), social media (like Facebook) and email providers (like AOL), according to the National Center for Missing & Exploited Children.
John Shehan, the Executive Director of the Exploited Child Division for the NCMEC, said that the group’s CyberTipline has been receiving tips since 1998, when Congress authorized them to receive reports of sexual exploitation.
“To date we’ve had 1.8 million reports that have come through- 63% of those reports have come from Electronics Service Providers,” Shehan said.
How do they do it? The NCMEC provides companies with the tools to search for child exploitation, called photo DNA. The NCMEC has made available 16,000 images that contain strict criteria for companies to use in order to run comparison searches. If a match exists, they report it to the NCMEC.
Does this include those innocent bathtub pictures you have of your kids? John Shehan, the Executive Director of the Exploited Child Division for the NCMEC said, no, that’s not even close. The images in the commercial provider database has been checked by three criteria: it contains children who are prepubescent or infants, those children are being subjected to sexual abuse in the photos, and the children have been previously identified by law enforcement as victims.
Verizon is not doing anything that they haven’t told their customers, right? It’s all spelled out in their terms of service agreement–and we all read every word of that?
According to Verizon’s backup storage terms and conditions: “Verizon reserves the right to access your Storage Service account at any time with or without prior notice to you and to disable access to or remove content which in our sole discretion is or reasonably could be deemed unlawful.”
Verizon isn’t the only cloud provider searching your files. Shehan said that there are about a dozen companies doing it, but because of a confidentiality clause, the NCMEC can’t disclose who the companies are unless they are proactively talking about it. Shehan said that there are only two that are openly talking about the photo DNA: Facebook and Microsoft.
That means that there are many others that aren’t telling you that they are searching your files. So if you thought your data was private on that so called “free” cloud, think again.