Skip to main content

Like Google, Microsoft Scans Accounts for Illegal Images

Hot on the heels of Google ratting out a man for sending illegal images by email, a new report has emerged saying that Microsoft discovered child abuse images in a Pennsylvania man’s OneDrive account. He is now in a county correctional facility waiting to face preliminary court that takes place next week. The man has not entered a plea.

BBC News reports that the images were acquired through the Kik Messenger app. He also traded and received “images of child pornography on his mobile cellular device.” The report doesn’t state how Microsoft became involved, but the user presumably has a Windows Phone, iOS or Android device that backs up images to Microsoft’s OneDrive cloud storage.

Microsoft contacted the National Center for Missing and Exploited Children's CyberTipline after the image of a young girl was detected. According to Microsoft’s terms and conditions (3.6), it uses “automated technologies to detect child pornography or abusive behavior that might harm the system, our customers, or others.” Users are not allowed to “engage in any activity that exploits, harms, or threatens to harm children.”

"Child pornography violates the law as well as our terms of service, which makes clear that we use automated technologies to detect abusive behavior that may harm our customers or others," Mark Lamb from Microsoft’s Digital Crimes Unit told the BBC. "In 2009, we helped develop PhotoDNA, a technology to disrupt the spread of exploitative images of children, which we report to the National Center for Missing and Exploited Children as required by law."

PhotoDNA is integrated into the Child Exploitation Tracking System, or CETS. Microsoft explains that it’s a “collaborative global law enforcement program supported by Microsoft technology for child pornography investigations.” PhotoDNA breaks an image down into a grid and creates a histogram, thus creating the equivalent of a fingerprint. This allows Microsoft to catch flagged images without its staff having to actually look at the picture.

This is not the first time Microsoft has called upon the authorities over child porn photos. Back in May, a Largo, Florida man was accused of storing child pornography on his OneDrive account. The man allegedly uploaded around 3,046 “child erotica” images. Microsoft discovered the images back in March and immediately contacted the National Center for Missing and Exploited Children in Alexandria.

The Tampa Bay Times said that the images stored on OneDrive were “elaborately produced” by websites that are no longer active.

Just recently, Google briefly explained how it detects child pornography in emails without getting into details.

"Each child sexual abuse image is given a unique digital fingerprint which enables our systems to identify those pictures, including in Gmail," a Google spokesperson told AFP in an email. "It is important to remember that we only use this technology to identify child sexual abuse imagery -- not other email content that could be associated with criminal activity (for example using email to plot a burglary).”

Federal law requires that large media companies like Facebook, Google and Microsoft report possible child pornography, whether it’s posted in social media, stored in a virtual locker or stored in an email.

Follow Kevin Parrish @exfileme. Follow us @tomshardware, on Facebook and on Google+.

  • amk-aka-Phantom
    Today CP, tomorrow pirated content, then anything deemed unsafe by the government. Still think cloud storage is a good idea?
    Reply
  • pills161
    @amk, oh brother take your tinfoil hat off already. Glad they are doing this, your pirated software and other "harmful" things are worth a CP bust.
    Reply
  • Epemetheus
    Hide yo kids, hide yo wife, the cloud is ALWAYS watching you!
    Reply
  • sykozis
    Today CP, tomorrow pirated content, then anything deemed unsafe by the government. Still think cloud storage is a good idea?
    So, you'd prefer that these sickos are left to harm children? I have no issue at all with MS and Google scanning my uploaded files and e-mail, if it gets pedophiles off the streets and into prisons where they belong....
    Reply
  • fixxxer113
    This is not as invasive as I thought it was. We should all relax a bit. The system has certain photos already stored, that are deemed CP by the law enforcment agencies. It's not like there is someone at Microsoft looking at all of your photos. It's just like doing a checksum. If one of the photos that passes through the system matches one of the CP flags, the bells will ring. It's like the airports. People grabbing you all over with no valid reason is bad, but going through a metal detector is not that invasive. You know beforehand that metal objects will not go through. Or think of it like a drug sniffing dog. I don't mind it, nobody opens my bags and if there is a chance one of the passengers is carrying drugs, then by all means sniff away!
    Reply
  • virtualban
    I don't want the privacy of people (and mine) to be invaded even for a nuclear threat. I need my safety, but I want my privacy. Finding the right balance is hard. Right now, though, privacy invasion is getting out of hand. Maybe it will get better in the future, but surely it won't if we, the ones giving up freedom for security, don't do something about it.
    Reply
  • JeanLuc
    Boo hoo to all those moaning about Microsoft and Google "invading your privacy". Firstly it's a free service they offer and two it's clearly stated in the T&C's that they can do this which all their clients agreed to when they signed up for the FREE service.

    It should also go without saying that there is no excuse for viewing child pornography, its disgusting and those who do it should be castrated and kept out of main stream society.

    If your really concerned about your privacy sign up for a paid or alternative service were you privacy is protected from provided.
    Reply
  • One of Microsoft's arguments against using gmail was that google scanned your emails, and microsoft doesn't (scroogled). That argument is now invalid.

    While I like what they have done, it's a slippery slope. Like Norton deleting .exe that it can't find in it's database. It's not a virus, dummy, it's a software my friend made. Eventually I could see microsoft or google deleting those emails "for your safety". Goodbye all indie content.
    Reply
  • atavax
    It is kind of odd that Google explained that plotting burglary is ok and won't be detected.... They really want burglars to use their software...
    Reply
  • Steveymoo
    Microsoft: "Me too! Me too!!!!!!"
    Reply