New Minor Safety Obligations for Online Services: REPORT Act Expands Child Sexual Exploitation Reporting Requirements

New Minor Safety Obligations for Online Services: REPORT Act Expands Child Sexual Exploitation Reporting ...  Wilson Sonsini

New Minor Safety Obligations for Online Services: REPORT Act Expands Child Sexual Exploitation Reporting Requirements

Child Sexual Abuse Material and Online Child Sexual Exploitation

Despite national efforts over the past decades, child sexual abuse material (CSAM) and online child sexual exploitation are still unfortunately prevalent. In 2023, the National Center for Missing and Exploited Children (NCMEC) received over 35.9 million reports of suspected CSAM.1This is more than a 20 percent increase over the previous three years. Notably, NCMEC’s 2023 report highlighted concern about the significant increase in reports involving generative artificial intelligence, noting that the Center received 4,700 reports of CSAM or other sexually exploitative content related to these technologies.

The REPORT Act

On May 7, 2024, President Biden signed into law the Revising Existing Procedures on Reporting via Technology Act (REPORT Act). The REPORT Act is clearly aimed at addressing these trends, allowing NCMEC to obtain appropriate vendor support, requiring longer preservation so that NCMEC has adequate time to address reports, and increasing penalties to ensure that providers make reports when required under law.

Key Provisions of the REPORT Act

  1. Limitations on Liability

    The REPORT Act extends the limited liability provisions to two new categories of reporters: NCMEC-contracted vendors and individuals depicted as minors in CSAM.

    • Vendors hoping to benefit from this exception must be “contractually retained and designated by NCMEC” to support NCMEC’s duty to reduce the existence and distribution of CSAM under 34 U.S.C. § 11293(b)(1)(K). This limited liability protection will expand NCMEC’s ability to obtain additional support for its mission by contracting with designated vendors to handle certain functions.
    • Individuals who are depicted as minors in CSAM can also benefit from the limited liability provisions when reporting to NCMEC. An individual who is or was depicted as a minor in CSAM (even if they are an adult at the time of the report) may now report CSAM containing their own images without fear of prosecution arising from the report, so long as they are not engaged in negligent, reckless, intentional, or malicious misconduct. This protection also extends to representatives of that individual, which can include the individual’s parent, legal guardian, legal representative, or a mandated reporter, so long as that individual is not engaged in sexual exploitation of children.
  2. Expansion of Reporting Requirements

    The REPORT Act expands the situations in which providers are required to report apparent violations. Currently, reports are required for violations of sections related to sexual exploitation of children, child trafficking, CSAM, misleading domain names, and production of CSAM for importation into the United States.2

    NCMEC may, within 180 days, issue guidelines to providers regarding identification of content that may indicate child sex trafficking or enticement in order to aid in providers’ compliance with this part.

  3. Preservation

    Providers who submit reports to NCMEC are required to preserve any visual depictions, data, or other digital files that are reasonably accessible and may provide context or additional information about the reported material or person.

    The REPORT Act extends the time frame for preserving information following a report from 90 days to one year. The additional time will give law enforcement a more realistic timeframe for requesting and obtaining data to support criminal investigations.

    Additionally, the Act allows providers who submit a report to voluntarily preserve the contents in the report for longer than one year for the purpose of preventing or reducing online child sexual exploitation.

  4. Cybersecurity Obligations

    The REPORT Act adds two cybersecurity obligations.

    • First, any provider who has an obligation to preserve NCMEC report materials must secure that information in a manner that is consistent with the most recent version of the National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF) or any successor thereto. Providers must ensure relevant compliance with the CSF within one year.
    • Second, NCMEC-contracted vendors must implement cybersecurity procedures for CSAM, including:
      • securing the CSAM in a manner consistent with the most recent NIST CSF or any successor thereto;
      • minimizing employee access to CSAM;
      • employing end-to-end encryption or a technological equivalent for CSAM storage and transfers;
      • undergoing an independent annual cybersecurity audit to ensure the CSAM is secured; and
      • promptly addressing any issues identified in the audit.
  5. Increased Penalties

    The REPORT Act also modifies the penalties associated with providers that “knowingly and willfully” fail to make a required report.

    For initial violations, the Act raises the fines from $150,000 to $600,000 (for providers with 100 million or less monthly active users) or $850,000 (for providers with more than 100 million monthly active users).

    For subsequent violations, the Act raises the fines from $300,000 to $850,000 (for providers with 100 million or less monthly active users) or $1,000,000 (for providers with more than 100 million monthly active users).

Key Takeaways

The REPORT Act joins a wave of recent regulations showcasing the increased attention to minor safety online—from updates to the Children’s Online Privacy Protection Act Rule, to a sweep of new laws governing minors on social media platforms, to comprehensive legislation in the EU addressing minors

SDGs, Targets, and Indicators

SDGs Targets Indicators
SDG 16: Peace, Justice, and Strong Institutions Target 16.2: End abuse, exploitation, trafficking, and all forms of violence against and torture of children Indicator: Number of reports of suspected child sexual abuse material (CSAM) and online child sexual exploitation
SDG 16: Peace, Justice, and Strong Institutions Target 16.3: Promote the rule of law at the national and international levels and ensure equal access to justice for all Indicator: Number of cases prosecuted and penalties imposed for failing to report CSAM
SDG 16: Peace, Justice, and Strong Institutions Target 16.9: By 2030, provide legal identity for all, including birth registration Indicator: Number of individuals depicted as minors in CSAM who report their own images without fear of prosecution
SDG 16: Peace, Justice, and Strong Institutions Target 16.10: Ensure public access to information and protect fundamental freedoms, in accordance with national legislation and international agreements Indicator: Compliance with reporting protocols and data retention policies by providers
SDG 16: Peace, Justice, and Strong Institutions Target 16.a: Strengthen relevant national institutions, including through international cooperation, for building capacity at all levels, in particular in developing countries, to prevent violence and combat terrorism and crime Indicator: Implementation of cybersecurity procedures for CSAM by NCMEC-contracted vendors

1. Which SDGs are addressed or connected to the issues highlighted in the article?

The issues highlighted in the article are connected to SDG 16: Peace, Justice, and Strong Institutions. This SDG focuses on promoting peace, justice, and strong institutions, which includes addressing abuse, exploitation, trafficking, and violence against children.

2. What specific targets under those SDGs can be identified based on the article’s content?

Based on the article’s content, the specific targets under SDG 16 that can be identified are:

  1. Target 16.2: End abuse, exploitation, trafficking, and all forms of violence against and torture of children
  2. Target 16.3: Promote the rule of law at the national and international levels and ensure equal access to justice for all
  3. Target 16.9: By 2030, provide legal identity for all, including birth registration
  4. Target 16.10: Ensure public access to information and protect fundamental freedoms, in accordance with national legislation and international agreements
  5. Target 16.a: Strengthen relevant national institutions, including through international cooperation, for building capacity at all levels, in particular in developing countries, to prevent violence and combat terrorism and crime

3. Are there any indicators mentioned or implied in the article that can be used to measure progress towards the identified targets?

Yes, there are indicators mentioned or implied in the article that can be used to measure progress towards the identified targets. These indicators include:

  • Number of reports of suspected child sexual abuse material (CSAM) and online child sexual exploitation
  • Number of cases prosecuted and penalties imposed for failing to report CSAM
  • Number of individuals depicted as minors in CSAM who report their own images without fear of prosecution
  • Compliance with reporting protocols and data retention policies by providers
  • Implementation of cybersecurity procedures for CSAM by NCMEC-contracted vendors

4. SDGs, Targets, and Indicators

SDGs Targets Indicators
SDG 16: Peace, Justice, and Strong Institutions Target 16.2: End abuse, exploitation, trafficking, and all forms of violence against and torture of children Indicator: Number of reports of suspected child sexual abuse material (CSAM) and online child sexual exploitation
SDG 16: Peace, Justice, and Strong Institutions Target 16.3: Promote the rule of law at the national and international levels and ensure equal access to justice for all Indicator: Number of cases prosecuted and penalties imposed for failing to report CSAM
SDG 16: Peace, Justice, and Strong Institutions Target 16.9: By 2030, provide legal identity for all, including birth registration Indicator: Number of individuals depicted as minors in CSAM who report their own images without fear of prosecution
SDG 16: Peace, Justice, and Strong Institutions Target 16.10: Ensure public access to information and protect fundamental freedoms, in accordance with national legislation and international agreements Indicator: Compliance with reporting protocols and data retention policies by providers
SDG 16: Peace, Justice, and Strong Institutions Target 16.a: Strengthen relevant national institutions, including through international cooperation, for building capacity at all levels, in particular in developing countries, to prevent violence and combat terrorism and crime Indicator: Implementation of cybersecurity procedures for CSAM by NCMEC-contracted vendors

Copyright: Dive into this article, curated with care by SDG Investors Inc. Our advanced AI technology searches through vast amounts of data to spotlight how we are all moving forward with the Sustainable Development Goals. While we own the rights to this content, we invite you to share it to help spread knowledge and spark action on the SDGs.

Fuente: wsgr.com

 

Join us, as fellow seekers of change, on a transformative journey at https://sdgtalks.ai/welcome, where you can become a member and actively contribute to shaping a brighter future.