The Online Sexual Abuse and Exploitation of Children (OSAEC) has intensified over the pandemic to become one of the Internet’s most serious dangers, especially in the Philippines. A study published in 2022 found that 20% of Internet-using children aged 12 to 17 in the country were victims of online sexual exploitation and abuse in 2021.
Telco giant PLDT-Smart took the initiative to address this problem and worked with cybersecurity firm Palo Alto to produce a first-of-its kind child protection platform that prevents access to known child sexual abuse and exploitation materials (CSAEM). As revealed in a virtual briefing on Tuesday, August 2, the software has blocked over 1 billion attempts from subscribers to access CSAEM since the platform’s launch in November 2021.
Through Palo Alto’s firewalls and cloud-delivered security services including advanced URL filtering, the customized platform analyzes user searches. From there, it compares a user’s requested URL to one of more than 300,000 URLs leading to CSAEM content in a blocked list. If a match is found, the platform will redirect the user to landing page informing them they cannot access the illegal content.
Angel Redoble, FVP and chief information security officer at PLDT-Smart, pointed out that a challenging aspect of addressing OSAEC in the Philippines is working within the nation’s data privacy laws. While these laws protect user’s data from being accessed, they also unintentionally defend bad actors. To ensures their subscribers’ privacy is preserved, the companies’ child protection platform automates the process.
“The marching order is very clear: we could not allow our people to download Excel files containing the links as well as checking the links because that itself is a violation of the law. [That’s why] everything is done in an automated manner. Machine to machine. System to system,” explained Redoble.
“It’s very alarming for us, especially that we are all parents to our children. So with this project, at least we are able to do our part with this partnership to lessen the access that is being made to child sexual abuse materials and prevent those who are sick and mind from accessing these,” he added.
The number of interrupted tries to access CSAEM, however, only hints at the gravity of OSAEC problem in the country. PLDT and Smart noted that even though their platform blocks standard access attempts, it cannot intercept searches concealed by a virtual private network (VPN). It also is ineffective at preventing access to content shielded by end-to-end encryption or those sent through private messages.
The PLDT and Smart group asserted they do not confine their protection efforts to this platform. The companies partner with local and international child protection organizations, help roll out educational programs for Filipino students and parents, as well support the recently passed Anti-OSAEC bill.
Among other effects, the Anti-OSAEC bill institutionalizes the removal of websites that host CSAEM, imposes stricter penalties against parties involved in child abuse cases, and increases the accountability of technology companies — even electronic service companies like telecoms — in OSAEC cases.
“We recognize that [children] are among the most active, yet most vulnerable end-users of our wired and wireless connectivity services. We have thus, made child protection a part of our cybersecurity strategy, technology investments, and continuing solutions to embed safety by design into our products and services,” said Cathy Yang, PLDT’s VP and group head of corporate communications, during the briefing.
