Microsoft OneDrive tip-off leads to arrest over child abuse images

Suspect cuffed

Reducing the cost and complexity of web vulnerability management

Microsoft's tip-off has led to the arrest of a Pennsylvania man subsequently charged with receiving and sharing child abuse images.

The as-yet-unnamed suspect is alleged to have saved an indecent image involving a young girl to a OneDrive cloud storage account. Prosecutors allege in court documents that the suspect subsequently tried to send two illegal pictures through a Microsoft live.com email accounts.

A copy of the affidavit covering the case against the suspect was published through a site specialising in the publication of leaked police documents, the BBC reports.

Trooper Christopher Hill from the Pennsylvania State Police told the Beeb that the affidavit was genuine and confirmed that Microsoft's tip had instigated their investigation.

The latest case has obvious parallels with a tip-off by Google that led to the prosecution of a Texan suspect who is alleged to have used Gmail to distribute images of child abuse.

Microsoft's terms and conditions explicitly state that it "deploy[s] automated technologies to detect child pornography or abusive behavior that might harm the system, our customers, or others". Google's T&Cs are less precise on this point.

Both Google and Microsoft reportedly pass their concerns to the National Center for Missing and Exploited Children's CyberTipline, which act as a clearing house for reports about suspected child sexual exploitation in the US, rather than directly to the police.

Privacy advocates are broadly comfortable with this type of reporting, providing internet firms are upfront about what types of illegal activity might be targeted and allow for exceptions in line with applicable laws for activities such as research and reporting.

"Microsoft must do all that it can to inform users about what proactive action it takes to monitor and analyse messages for illegal content, including details of what sorts of illegal activity may be targeted," Emma Carr, acting director of the campaign group Big Brother Watch, told the BBC.

"It is also important that all companies who monitor messages in this way are very clear about what procedures and safeguards are in place to ensure that people are not wrongly criminalised, for instance, when potentially illegal content is shared but has been done so legitimately in the context of reporting or research."

Asked to comment on the Pennsylvania case, Microsoft released a statement explaining that it uses a technology called PhotoDNA that allows it to track the exchange of known images of child abuse based on the digital signature for each image or more precisely a "histogram describing how the colours change in intensity" within an image.

"Child pornography violates the law as well as our terms of service, which makes clear that we use automated technologies to detect abusive behaviour that may harm our customers or others," Mark Lamb of Microsoft's Digital Crimes Unit explained. "In 2009, we helped develop PhotoDNA, a technology to disrupt the spread of exploitative images of children, which we report to the National Center for Missing and Exploited Children as required by law."

Microsoft donated its PhotoDNA technology to the National Center for Missing & Exploited Children, which licensed the technology to Facebook, among others. Google also uses the technology alongside its own bespoke software to detect images of child abuse, the BBC adds. ®

Security and trust: The backbone of doing business over the internet

More from The Register

next story
Phones 4u slips into administration after EE cuts ties with Brit mobe retailer
More than 5,500 jobs could be axed if rescue mission fails
JINGS! Microsoft Bing called Scots indyref RIGHT!
Redmond sporran metrics get one in the ten ring
Driving with an Apple Watch could land you with a £100 FINE
Bad news for tech-addicted fanbois behind the wheel
Murdoch to Europe: Inflict MORE PAIN on Google, please
'Platform for piracy' must be punished, or it'll kill us in FIVE YEARS
Phones 4u website DIES as wounded mobe retailer struggles to stay above water
Founder blames 'ruthless network partners' for implosion
Found inside ISIS terror chap's laptop: CELINE DION tunes
REPORT: Stash of terrorist material found in Syria Dell box
Sony says year's losses will be FOUR TIMES DEEPER than thought
Losses of more than $2 BILLION loom over troubled Japanese corp
Show us your Five-Eyes SECRETS says Privacy International
Refusal to disclose GCHQ canteen menus and prices triggers Euro Human Rights Court action
prev story


Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
Saudi Petroleum chooses Tegile storage solution
A storage solution that addresses company growth and performance for business-critical applications of caseware archive and search along with other key operational systems.
Protecting users from Firesheep and other Sidejacking attacks with SSL
Discussing the vulnerabilities inherent in Wi-Fi networks, and how using TLS/SSL for your entire site will assure security.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.