Microsoft OneDrive tip-off leads to arrest over child abuse images
Microsoft's tip-off has led to the arrest of a Pennsylvania man subsequently charged with receiving and sharing child abuse images.
The as-yet-unnamed suspect is alleged to have saved an indecent image involving a young girl to a OneDrive cloud storage account. Prosecutors allege in court documents that the suspect subsequently tried to send two illegal pictures through a Microsoft live.com email accounts.
A copy of the affidavit covering the case against the suspect was published through a site specialising in the publication of leaked police documents, the BBC reports.
Trooper Christopher Hill from the Pennsylvania State Police told the Beeb that the affidavit was genuine and confirmed that Microsoft's tip had instigated their investigation.
The latest case has obvious parallels with a tip-off by Google that led to the prosecution of a Texan suspect who is alleged to have used Gmail to distribute images of child abuse.
Microsoft's terms and conditions explicitly state that it "deploy[s] automated technologies to detect child pornography or abusive behavior that might harm the system, our customers, or others". Google's T&Cs are less precise on this point.
Both Google and Microsoft reportedly pass their concerns to the National Center for Missing and Exploited Children's CyberTipline, which act as a clearing house for reports about suspected child sexual exploitation in the US, rather than directly to the police.
Privacy advocates are broadly comfortable with this type of reporting, providing internet firms are upfront about what types of illegal activity might be targeted and allow for exceptions in line with applicable laws for activities such as research and reporting.
"Microsoft must do all that it can to inform users about what proactive action it takes to monitor and analyse messages for illegal content, including details of what sorts of illegal activity may be targeted," Emma Carr, acting director of the campaign group Big Brother Watch, told the BBC.
"It is also important that all companies who monitor messages in this way are very clear about what procedures and safeguards are in place to ensure that people are not wrongly criminalised, for instance, when potentially illegal content is shared but has been done so legitimately in the context of reporting or research."
Asked to comment on the Pennsylvania case, Microsoft released a statement explaining that it uses a technology called PhotoDNA that allows it to track the exchange of known images of child abuse based on the digital signature for each image or more precisely a "histogram describing how the colours change in intensity" within an image.
"Child pornography violates the law as well as our terms of service, which makes clear that we use automated technologies to detect abusive behaviour that may harm our customers or others," Mark Lamb of Microsoft's Digital Crimes Unit explained. "In 2009, we helped develop PhotoDNA, a technology to disrupt the spread of exploitative images of children, which we report to the National Center for Missing and Exploited Children as required by law."
Microsoft donated its PhotoDNA technology to the National Center for Missing & Exploited Children, which licensed the technology to Facebook, among others. Google also uses the technology alongside its own bespoke software to detect images of child abuse, the BBC adds. ®
Sponsored: The Nuts and Bolts of Ransomware in 2016