End-to-end encryption (E2EE) and online child sexual abuse

Differing opinions on how end-to-end encryption should be used

Privacy advocates tend to emphasise the importance of end-to-end encryption as a tool for protecting users' personal and sensitive information from unauthorised access. They argue that this level of encryption is essential for safeguarding the right to privacy in digital communications. By ensuring that only the communicating parties can access the content of messages, end-to-end encryption protects against potential surveillance and data breaches. This is seen as crucial for maintaining individual freedoms and for the security of sensitive communications, such as those involving journalists, activists and political dissidents.

Child safety advocates tend to express concern about the potential for end-to-end encryption to be misused by individuals engaging in illegal activities, such as the distribution of child sexual abuse imagery. They argue that end-to-end encryption can make it more challenging for law enforcement and child protection agencies to detect and intervene in such cases. These organisations advocate for balanced approaches that protect children's safety online without compromising privacy. They often call for collaboration with tech companies to find solutions that can help monitor and prevent illegal activities while still upholding fundamental privacy rights.

We believe that privacy online is vital but that there is a way of keeping the benefits of end-to-end encryption while still protecting children and stopping the circulation of child sexual abuse images and videos.

What’s the argument about end-to-end encryption?

1. Understanding the Balance: Child Safety and End-to-End Encryption

In an age where digital privacy is paramount, end-to-end encryption (E2EE) has become a standard in online communication. However, this advancement brings complex challenges in protecting children from online sexual abuse which we aim to share here.

2. The Hidden Risks of End-to-End Encryption

While E2EE is important for private communication, it inadvertently creates a shield for perpetrators of child sexual abuse. By encrypting messages so that only the sender and receiver can access them, E2EE makes it harder for authorities and platforms to detect and intervene in the spread of child sexual abuse material (CSAM).

3. The Privacy Argument

Advocates of end-to-end encryption argue that it is essential for protecting users' privacy and cannot be changed in any way. They argue that detecting CSAM in an E2EE environment isn't possible and would break end-to-end encryption. However, many platforms which offer E2EE messaging services also detect viruses or enable images from external links to be sent on their platforms. This technology could also be used to detect criminal images of child sexual abuse. We at the IWF believe that privacy online is vital but that there is a way of keeping the benefits of end-to-end encryption while still protecting children and stopping the circulation of child sexual abuse images and videos.

4. Insights from Suojellaan Lapsia (Protect Children)

The groundbreaking report by Suojellaan Lapsia (Protect Children) sheds light on how encrypted platforms are increasingly being used by offenders to exploit children. This Finnish child protection organisation's research provides alarming statistics and case studies, illustrating the urgent need for effective child protection measures in E2EE environments.

5. Global Efforts in Balancing Encryption and Child Safety

Organisations worldwide, including IWF and the National Center for Missing & Exploited Children (NCMEC), are at the forefront of addressing the risks associated with E2EE. Our extensive research and advocacy highlight the growing prevalence of online child sexual abuse and the critical need for a balanced approach to encryption technology.

6. Implementing Effective Safeguards in E2EE Platforms

The key to child safety in E2EE environments lies in implementing robust safeguards. This involves developing innovative technologies that can identify CSAM while respecting user privacy. The UK Government's approach to E2EE and child safety provides a blueprint for such solutions, advocating for a balance between privacy and protection.

7. Empowering Parents and Guardians in the Digital Age

In the digital landscape, the role of parents and carers is more crucial than ever. Educating them about the risks of E2EE and how to protect their children online is imperative. Resources, including our guide for parents, offer comprehensive information and practical advice on navigating these challenges. From understanding the nuances of E2EE to learning how to have open conversations with children about online safety, this section empowers caregivers with the knowledge and tools they need.

Read more from IWF's policy team on IWF's position on E2EE and what we're calling for from the government and the tech sector.

A guide from IWF and the UK Home Office for parents and carers on E2EE and keeping children safe online.

Latest research from Finnish non-profit, Protect Children, showing that abusers use encrypted services to contact children.

America's National Center for Missing and Exploited Children's stance on end-to-end encryption and child safety.

NSPCC and child sexual abuse survivors urge tech companies to protect children in online and E2EE environments.

The UK Home Office provide key facts and stats on end-to-end encryption and risks to child safety.

A research paper from the European Union Parliament about E2E encryption and protection of children online.

IWF lays out its position on Meta's decision to roll out end-to-end encryption on its platforms.

Image of Hanny Farid with Encryption vs. Privacy written over the top

Professor Hanny Farid of the University of California, Berkeley in IWF's In Conversation With podcast on E2EE.

IWF CTO Dan Sexton looks at how end-to-end encryption works and how it could hinder the detection of child sexual abuse imagery in this podcast episode.