IWF challenges misconceptions about child abuse detection technologies

The Internet Watch Foundation (IWF) has published a new analysis aimed at countering what it describes as persistent misconceptions about technologies used to detect child sexual abuse material (CSAM) online.

According to the organisation, public discussions increasingly focus on privacy and surveillance concerns while overlooking the role these technologies play in identifying and removing illegal content at scale.

The article argues that detection tools are not experimental technologies but rather adaptations of established cybersecurity methods already used throughout the digital ecosystem.

The IWF highlights hash matching technologies, which compare the mathematical signatures of files against databases of known illegal content, as a long-established and widely used approach to content detection.

The IWF stresses that these systems do not involve mass surveillance and do not require access to the contents of private communications.

The organisation also points to perceptual hashing technologies such as PhotoDNA, which can identify known abuse images even when files have been modified or resized. Similar approaches are commonly used in cybersecurity for malware detection, phishing prevention and file verification.

According to the IWF, the principles behind child protection technologies are therefore consistent with existing online security practices.

The article further argues that no single technology can effectively address the challenge of child sexual abuse material online. Instead, platforms require multiple layers of protection, including known-content detection, identification of previously unknown material, behavioural analysis, reporting mechanisms and human moderation.

The IWF warns that limiting detection capabilities would reduce the ability of platforms and law enforcement authorities to identify abuse and protect victims.

Why does it matter?

The publication contributes to an increasingly important policy debate over how to balance privacy, encryption and child protection online. As governments consider new online safety laws and content moderation requirements, questions about whether detection technologies constitute surveillance have become central to discussions involving regulators, technology companies and civil society groups.

The IWF’s intervention also highlights a broader governance challenge. While privacy advocates warn against measures that could weaken encryption or expand monitoring, child protection organisations argue that effective detection capabilities remain essential for identifying abuse, removing illegal content and supporting law enforcement investigations. The outcome of these debates could shape future approaches to online safety, platform accountability and digital rights worldwide.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!

OECD examines young people’s social media use

The OECD has warned that young people are growing up in a social media age that offers opportunities for creativity and connection, but also creates risks for learning, well-being and online safety.

In a new Digital Economy Paper, ‘Growing up in the social media age’, the OECD reviews research on young people’s social media use and analyses data from the 2022 Programme for International Student Assessment. The paper focuses mainly on 15-year-olds and examines links between social media use, academic outcomes, creative thinking and policy responses.

The OECD says social media is almost universal among 15-year-olds. Around 95% report browsing social media daily, while 88% report communicating or sharing digital content on social platforms. On average, 15-year-olds across the OECD spend almost 35 hours a week on social media.

The paper says the evidence on social media and well-being remains complex. Excessive use is often associated with negative outcomes, but correlations do not prove that social media directly causes lower academic performance, poorer mental health or reduced well-being.

The OECD finds that moderate social media use is associated with stronger academic performance than either no use or heavy use. Mathematics performance is highest among students who use social media moderately, while performance tends to decline as time spent on social media exceeds 3 hours a day.

Creative thinking follows a similar pattern. Scores peak at moderate levels of browsing social media, usually one to three hours per day, but decline when students spend more than one hour communicating or sharing digital content.

The paper also notes that school mobile phone bans are becoming more common, but implementation remains difficult. Across the OECD, 29% of 15-year-olds in schools that ban mobile phones still reported using their phone at school several times a day.

The OECD says governments need balanced policies that help young people benefit from social media while protecting them from risks, and that safeguards should also respect freedom of expression, privacy, innovation and fair competition.

Why does it matter?

The OECD paper is useful because it pushes the debate beyond a simple ‘ban or allow’ framing. It shows that young people’s social media use is widespread and often excessive, yet moderate use can be associated with positive outcomes. For policymakers, the challenge is to design rules on school phone use, age limits and platform obligations that protect children without cutting them off from digital participation, creativity and social connection.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

Digital harms and child protection drive major Criminal Code reforms in Canada

Canada has enacted new criminal justice legislation aimed at strengthening protections for children, restoring mandatory minimum sentences for serious sexual offences and expanding legal tools to combat online exploitation and digital abuse. The Protecting Victims Act has been presented as a major update to the Criminal Code.

The law increases penalties for offences including sexual abuse, voyeurism, sextortion and the non-consensual sharing of intimate images, including AI-generated or digitally manipulated sexual deepfakes. Authorities have also been given enhanced powers to pursue offenders operating across borders.

Additional provisions extend investigative timeframes and require internet service providers to retain certain data for longer periods, improving access to evidence in cases involving online exploitation and abuse. The legislation also introduces a new criminal offence targeting the recruitment of minors into criminal activity.

Officials said the reforms are intended to strengthen enforcement capabilities and promote greater consistency in sentencing for serious offences, while preserving limited judicial discretion where mandatory penalties would be clearly disproportionate.

Why does it matter?

The reforms reflect how child protection laws are evolving to address increasingly digital forms of exploitation. Offences such as sextortion, non-consensual image sharing and AI-generated sexual deepfakes have created new challenges for law enforcement and courts, requiring legal frameworks that can respond to technology-enabled harms as effectively as traditional offences.

The legislation also highlights a broader policy trend towards stronger investigative powers and cross-border enforcement cooperation in cases involving online abuse. As criminal activity increasingly relies on digital platforms and international networks, governments are seeking new tools to obtain evidence, identify offenders and protect victims while balancing privacy, due process and judicial oversight.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our chatbot!

Malaysia moves to strengthen laws against AI-enabled crimes

Malaysia is moving to strengthen its legal framework to address AI-enabled offences, including deepfakes, identity impersonation and AI-generated child sexual abuse material, according to Digital Minister Gobind Singh Deo.

Speaking in the Dewan Rakyat, Gobind said Malaysia already has legal protections in several areas, particularly those involving children, but that the country’s regulatory framework must evolve to keep pace with emerging AI-related risks, especially those affecting young people.

The minister said the government is pursuing a two-pronged strategy that combines safety-by-design measures during AI development with stronger enforcement mechanisms when AI-generated content violates existing laws.

Gobind added that the government is consulting academics, religious leaders and other stakeholders as part of its review process to ensure future regulations remain effective as AI technologies continue to evolve.

Why does it matter?

The initiative reflects a growing challenge facing governments worldwide: adapting legal systems to address harms created or amplified by AI technologies. Deepfakes, synthetic identities and AI-generated abuse material are creating new enforcement challenges that often do not fit neatly within existing legal frameworks designed for earlier digital technologies.

Malaysia’s approach also highlights an emerging policy trend that combines prevention and enforcement. Rather than relying solely on criminal penalties, governments are increasingly exploring safety-by-design requirements, risk management measures and stakeholder consultation to reduce harm before it occurs. The outcome of Malaysia’s review could influence how other countries in the region approach AI governance, online safety and digital rights.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

Ofcom fines adult site over age check failures

Ofcom has imposed an £80,000 fine on pornography provider First Time Videos LLC after finding that the company failed to implement legally required age assurance measures under the Online Safety Act.

The regulator concluded that the provider failed to implement the ‘highly effective’ age assurance measures required to prevent children from accessing pornographic content. According to Ofcom, robust age assurance measures are a central requirement of the UK’s online safety framework and play a key role in protecting minors online.

Alongside the enforcement action, Ofcom announced its provisional view that xgroovy.com may also have failed to comply with age assurance obligations under the legislation. The regulator further expanded an existing investigation into Sun Social Media Inc. to cover an additional adult website operated by the company.

Ofcom said the penalty was determined with regard to the size and turnover of the service, ensuring that the sanction remained proportionate while reinforcing compliance expectations across the sector.

Why does it matter?

The decision marks an important milestone in the implementation of the UK’s Online Safety Act, demonstrating that age assurance requirements are moving beyond policy commitments into active regulatory enforcement. By imposing financial penalties on non-compliant providers, Ofcom is signalling that online platforms hosting adult content will be expected to adopt effective measures to prevent children’s access.

The case also reflects a broader international trend towards stronger child online safety regulation. Governments and regulators increasingly view age assurance technologies as a key tool for protecting minors in digital environments, while balancing concerns around privacy, proportionality and implementation. Future enforcement actions could shape how platforms design and deploy age verification systems both in the UK and beyond.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!

Apple expands app distribution options in Brazil

Apple will introduce changes to iOS in Brazil following an agreement with the country’s competition regulator, Conselho Administrativo de Defesa Econômica.

The changes, beginning with iOS 26.5, will give developers new options to distribute apps through alternative app marketplaces, operate those marketplaces and process payments for digital goods and services outside Apple’s In-App Purchase system.

Apple said the changes reflect a recent agreement with CADE and are intended to create new options for developers in Brazil. The agreement follows competition scrutiny of Apple’s App Store rules in the country.

The company warned that alternative app distribution and payment options may create new risks, including malware, fraud, scams and privacy and security concerns. It said it has worked with CADE on measures designed to reduce those risks, including app notarisation, marketplace authorisation and protections for children.

Apple also said all current members of the Apple Developer Program must agree to updated licence terms by 6 July 2026 to access the new options in Brazil. The company has made online appointments available for developers seeking more information.

Why does it matter?

The changes show how competition enforcement is reshaping closed app ecosystems beyond the EU. Brazil’s intervention adds pressure on Apple to allow alternative distribution and payment models while preserving security and privacy safeguards. The case also highlights a recurring policy tension: regulators want more competition and developer choice, while Apple argues that opening iOS can increase risks for users.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

Meta expands AI-powered teen safety protections across its platforms

Meta has announced new teen safety updates across Instagram, Facebook, and Messenger, including expanded age-appropriate content settings, AI-powered age detection, and new parental notification tools.

Meta said the updates are designed to ensure teens receive appropriate protections by default, give parents greater visibility into online activity and strengthen safeguards that support young people’s well-being.

Meta said its 13+ default content setting, recently introduced in India, is now rolling out globally across Instagram, Facebook, and Messenger. The setting is designed to limit exposure to age-inappropriate content by default, drawing on established content-rating principles and parent feedback.

On Facebook, the 13+ default setting is intended to hide content considered inappropriate for teens in areas such as Feed and Reels. It also limits teens’ ability to interact with Profiles, Pages, Groups, and Events that primarily post inappropriate content.

On Messenger, the 13+ default setting limits teens’ ability to view links to inappropriate Facebook content or chat with accounts that primarily share it.

Meta is also expanding its use of AI-powered age estimation systems to identify accounts that may belong to underage users. The company said the system analyses profile context, including birthday celebrations, school-grade mentions, posts, comments, bios, and captions, to assess whether an account is likely to belong to someone underage.

The company said it is adding visual analysis as another detection technique. According to Meta, the technology analyses photos and videos for general indicators associated with age, such as physical characteristics, but does not identify individuals and does not use facial recognition.

Meta said combining visual signals with text and interaction analysis could increase the number of underage accounts it identifies and removes. The technology will be expanded across additional parts of its apps, including Instagram Reels, Instagram Live, and Facebook Groups.

Instagram will also notify supervising parents if a teen repeatedly searches for terms related to suicide or self-harm within a short period, subject to supervision settings. Meta said the feature has been rolled out to supervising parents in the EU, Brazil, and India, with parents and teens receiving notifications that the alerts are on the way.

Parents using supervision can now manage their teens’ activity through Meta’s Family Center across Instagram, Meta Horizon, Facebook, and Messenger. Meta said parents will also be able to see a more holistic view of teen activity across its apps in the coming months, including aggregated time spent.

Why does it matter?

The announcement reflects a broader shift towards age-appropriate design, where platforms increasingly rely on default protections and automated systems rather than expecting young users or parents to configure safety settings themselves. AI-based age detection is becoming a central tool in efforts to identify underage users and enforce platform safeguards at scale.

The update also highlights ongoing debates about the balance between child protection, privacy and platform accountability. While automated age-estimation technologies may help improve online safety, regulators and civil society groups continue to scrutinise their accuracy, transparency and potential impact on users’ rights. As governments around the world consider stricter child online safety requirements, platform approaches such as Meta’s may influence future regulatory expectations.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

Eurostat report highlights online hate speech exposure in the EU

More than half of young internet users in the EU encountered hostile or degrading online content in 2025, according to Eurostat data published to mark the International Day for Countering Hate Speech.

Eurostat said 54.0% of internet users aged 25 to 34 and 53.7% of those aged 16 to 24 had encountered hostile or degrading messages during the previous three months. Exposure declined with age, falling to 46.4% among people aged 35 to 44, 38.9% among those aged 45 to 54, 32.8% among those aged 55 to 64, and 28.1% among people aged 65 to 74.

Among internet users aged 16 to 24, young women reported higher exposure than young men, at 57.2% compared with 50.4%. Eurostat said the pattern was observed across all types of hostile or degrading messages.

For both young women and young men, the most commonly reported hostile messages related to political or social views and racial or ethnic origin. The largest gender gaps were recorded for messages concerning sexual orientation, sex and disability.

Eurostat said hostile or degrading content may be directed at respondents or at other people, and can include messages, comments, photos, memes, videos and other online material.

The findings underline the scale of online hostility facing younger internet users in the EU and the continuing challenge for policymakers, platforms and civil society organisations working on digital safety and content governance.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!

UNESCO backs new initiative against online hate speech

Organisations and experts in Kyrgyzstan have launched the country’s first multistakeholder coalition focused on online harmful content and content moderation, with support from UNESCO and the European Union.

The Aikyn Sanarip coalition was launched in Bishkek on 17 June, ahead of the UN International Day for Countering Hate Speech. It brings together civil society, media representatives, government bodies, academics, international organisations and bloggers.

UNESCO said the coalition will provide a platform for dialogue on freedom of expression, digital rights, online safety and greater accountability from digital platforms.

The launch also featured the first national study on freedom of expression and content moderation in Kyrgyzstan. The research examines how hate speech spreads across digital platforms, how content is moderated in Kyrgyz-language digital spaces, and where legal and institutional gaps remain.

UNESCO said users in Kyrgyzstan increasingly encounter hate speech, disinformation and online harassment. At the same time, the country lacks a clear legal definition of hate speech, and mechanisms for addressing harmful content remain fragmented.

The European Union supported the forum under UNESCO’s Social Media 4 Peace project, which promotes multistakeholder responses to harmful online content while protecting freedom of expression.

Why does it matter?

The launch shows how online hate speech and harmful content are becoming governance issues beyond major platform markets. Kyrgyzstan’s new coalition links digital rights, online safety and platform accountability, while also highlighting a difficult balance: tackling hate speech and disinformation without undermining freedom of expression. The initiative may offer a model for multistakeholder responses in countries where legal frameworks and platform moderation practices remain underdeveloped.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

Spain’s data protection authority issues privacy guidance for video game industry

The Spanish Data Protection Agency (AEPD) has published a new guide outlining data protection recommendations for the video game industry, urging companies to embed privacy safeguards throughout the entire game lifecycle.

According to the AEPD, modern video games have evolved into complex digital ecosystems that collect, analyse and process significant volumes of personal data. This may include account information, gameplay activity, behavioural data and other user-generated information, creating potential privacy and security risks.

The guide notes that AI-enabled and online gaming services increasingly rely on data-driven business models, making compliance with the General Data Protection Regulation (GDPR) particularly important. The agency emphasised that privacy protections are especially important for children and other vulnerable groups, given their significant participation in online gaming environments.

The recommendations span the entire development process, from pre-production and design to post-launch operations, covering transparency obligations, data minimisation, profiling controls and cybersecurity measures. Privacy and responsible data practices should be integrated into games from design through to end-of-life in Spain.

Why does it matter?

The guidance reflects the growing importance of data protection in the gaming industry as video games increasingly function as connected digital platforms rather than standalone entertainment products. Online services, in-game economies, AI-powered features and behavioural analytics have expanded the volume and sensitivity of personal data processed by game developers and publishers.

The recommendations also highlight broader regulatory concerns around children’s privacy and responsible data use. As gaming platforms become more immersive and data-driven, regulators are placing greater emphasis on privacy-by-design principles, transparency and user control. The AEPD’s guidance signals that compliance with data protection rules is becoming an integral part of game development, not simply a legal requirement applied after products are launched.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot