Original URL: http://www.theregister.co.uk/2009/09/07/ceop_report/
Investigators blind on P2P child abuse
Encryption on the rise too
Child abuse investigators plan to focus efforts on the use of peer to peer networks to distribute images, following a "wholesale move" in sex offenders' online behaviour .
The "vast majority" of paedophile activity online now takes place on public and private P2P platforms rather than commercial criminal websites, the Child Exploitation and Online Protection Centre (CEOP) said today.
"Our focus must now be on tackling this as a priority," the agency said in its annual report.
However, the report pointed to a major gap in intelligence about P2P networking by paedophiles, which is usually hidden from view and technically difficult to track.
"The scale and nature of P2P file sharing involving child abuse images is currently impossible to establish," CEOP said.
"It is a mode of abuse and image distribution that remains largely unseen to the general public and indeed to the victims themselves."
The agency received only two reports from under-18s of paedophile activity on P2P networks in the last year. It said it was reliant "to a very large extent" on reports from internet industry sources and other non-public sources.
Offenders are also increasingly turning to free encryption software in an attempt to evade detection, CEOP said, meaning reports take longer to process and analyse.
The strategy document said: "It has long been recognised that child sexual offenders practise deception, disguising and masking their activities to achieve their aims.
"This is increasingly pertinent with certain developments in technology that offenders have adapted and adopted to suit their purposes. The key developments that are particularly suited to being exploited by offenders are wireless technology (which we have reported on previously but about which we are now receiving increasing reports) and the use of 'off the shelf' encryption."
The problems caused to investigators by encryption include both scrambling of stored data using software such as TrueCrypt, and disguising their location and identity when transmitting data using anonymous networking techniques such as Tor. However, CEOP indicated it expects innocent everyday use of such technology to increase too.
"There is a general trend for people to become more aware of their privacy when interacting online and perhaps the likelihood that manufacturers will move towards everyday encryption as standard," it said.
Despite CEOP's observation that the vast majority of paedophiles exchange images via P2P, yesterday it was revealed that the Queen's Speech in October will include laws to force the minority of small ISPs who have not done so to implement the Internet Watch Foundation blocklist of abuse websites. Small firms providing less than five per cent of internet connections have declined to implement the IWF blocklist, citing costs and arguing it merely hides the problem.
CEOP nevertheless hopes ISPs will help with its new focus on P2P.
"Co-ordinated responses between governments, law enforcement agencies and the communications and internet industries, mutually aiming to disrupt an offender's activity and deny them access to the services they need, will be vital to the future of child protection in technically converged environments," it said. ®