[OPINION] Addressing privacy concerns to prevent sexual abuse
Read Part I: Rethinking procedures to prevent child sexual abuse
(Part II of II)
Another complexity brought about by the offense of child sex abuse being captured in digital form is its ease of distribution through the internet.
In the Philippines, facilitators generally use email, chatrooms, and social messaging applications, like Yahoo!, Facebook, or Skype to communicate with pedophiles, but others have become more sophisticated and taken advantage of encrypted browsers and cryptocurrency to protect their anonymity and evade arrest and prosecution. They invoke privacy to conceal their actions. But privacy as a constitutional right is not absolute, and may be pierced by a court order or when public safety or order so requires.
Both RA 9775 or the Anti-Child Pornography Act and RA 10175 or the Cybercrime Prevention Act require internet service providers (ISPs) to install technologies that would block or filter access or transmittal of child sexual abuse imagery or material (CSAI). They are also required by law to report within 7 days circumstances relating to CSAI that go through their systems and to preserve evidence for purposes of investigation or prosecution.
There is an inherent conflict between privacy and provisions like reportorial requirements because to implement these obviously require an intrusion into the private conversations of individuals. Technology makes possible a balancing of the rights to privacy and safeguarding.
In the United States, electronic service providers (ESPs), like Google, Facebook, and Whatsapp, rely on user reports of child abuse and use technologies, like Microsoft’s PhotoDNA, or YouTube’s CSAI Match, which create hashes or signatures of images and videos uploaded or received in an account and compares them to the hashes of previously identified illegal images. Both PhotoDNA and CSAI Match are free technologies and used exclusively for the purpose of detecting CSAI. If hashes match, the policies of these ESPs include the removal of the image and reporting associated account details with the National Center for Missing and Exploited Children (NCMEC), in compliance with US laws. NCMEC analysts then refer the same to law enforcement for action, annotating details like metadata, file hashes, URLs, location of user, or the victim, if available.
In some cases referred to the Philippines, US courts have granted warrants addressed to an ESP for law enforcement to search and seize user accounts used for the creation or distribution of CSAI. However, the authors have yet to encounter a Philippine ISP or ESP to report CSAI to local law enforcement for action that has been investigated and prosecuted. (READ: Internet service providers fail to report sites transmitting child porn – DSWD)
Restructuring intervention processes
Intervention measures involving prosecution and administrative remedies are essential to safeguarding the rights of both the accused and the survivor. Noting again the peculiar circumstances of the facilitator relative to the survivor, restorative justice should be foundational in the policies and measures implemented by law enforcement, officers of the judicial system, and social welfare workers.
During prosecution, the International Justice Mission (IJM) advocates for plea-bargaining when the evidence of guilt is strong. This goes back to the necessity of prosecutors and defense lawyers understanding digital forensics evidence in order to provide wise legal advice to the private complainants and the accused, saving the parties the time and trauma of trial, especially for the survivors. For the offenders, psychoeducation through designated social workers must be seriously incorporated in their intervention programs.
Meanwhile, survivors are usually brought to a shelter to separate them from the families or communities where the offense has been committed. This allows social workers to assess the children of their physical, mental, and psychological conditions, as well as their living situation in the communities they live in. Naturally, the separation is a painful but necessary step to ensure the safety of the child and there is an urgent need to provide them with a permanent home that would give them stability and intervention programs that would address their special needs.
IJM with social welfare organizations have identified the need to develop foster care placements, especially for younger children, and are encouraging non-offending next of kin to avoid permanent separation of the child from the family. The Philippines has RA 10165 or the “Foster Care Act of 2012” that enables the Department of Social Welfare and Development (DSWD) to develop foster care parents.
According to IJM, there are many non-offending relatives who are willing to take in the children but are not financially able. Specific to survivors of online sexual exploitation of children (OSEC), it is essential to equip foster parents with knowledge and methods to tackle the trauma, stress, and other psychological, cognitive, and behavioral consequences to the child who has undergone sexual exploitation, and the legal processes that would call for the participation of the child in the event that a case is filed in court. There is a need to bring to life this law and capacitate DSWD and foster parents.
The Data Privacy Act
The “Data Privacy Act” or RA 10173 is frequently cited as preventing government agencies, schools, and churches to release information on ongoing and completed processes on complaints for sexual abuse, harassment, and violence. There is a need to rethink this restrictive interpretation of the Data Privacy Act where the law is used to limit the options society and institutions may have to prevent wrongdoing. For purposes of identifying survivors, prosecuting against CSAI or other forms of child abuse, or implementing other forms of interventions, there are many layers to which “personal information” and “sensitive personal information” of the survivors, the alleged perpetrators, and related persons would necessarily be disclosed, and may seemingly come into conflict with the Act. However, it must be noted that the Act shall not apply to information necessary for law enforcement and regulatory agencies to carry out their constitutionally and statutorily mandated functions.
Thus, using the Act as a shield of protection for wielders of such information, such as data processors and ESPs, can become a lazy excuse not to comply with other substantive laws, like the Anti-Child Pornography Act and the Cybercrime Prevention Act, that requires reporting of such information. Essentially, what the Data Privacy Act adheres to are the principles of transparency, proportionality, and legitimate purpose – these principles are celebrated in CSAI cases, where the privacy of the survivors should be protected, and the transparency and proportionality of what information should be released, to whom, and for what purpose, are all objectives in view of the fundamental rights of both the survivor and the accused.
For schools, churches, and similar work places, it might also be wise to ask prospective employees to sign limited waivers of privacy to allow situations where people would have to be informed of status and results of investigations with prevention as the major objective.
Eliminating sexual abuse in the Philippines and globally
The context within which OSEC and all other sexual abuse is perpetrated in the Philippines and other parts of the globe shows how ominous this crime is to our children and to society. Inter-country efforts to address this global threat are shared by government and the private sector alike, but the exponential rise in the incidence of unique images and the severity of CSAI show traditional law enforcement and clearing house analysts work are overloaded. ISPs or ESPs on a country-level should augment their technological capabilities in order to participate in the detection and reporting of OSEC.
Prevention-wise, community education – especially targeting hotspots of the offense – is a tool that can address the notion of facilitators that they are marring the lives of the children they are sexually exposing online. These efforts are welcome but there must be a radical change in the way we think about this crisis in order to make a dent on it.
Transformative technologies in detection and identification can be solutions but would require policies that protect fundamental privacy rights. More importantly, there is a need to scrutinize the root of the issue to eliminate it from the get-go. These are matters that need to be carefully examined but must be done now.
Likewise, the prevalence of sexual abuse, harassment, and violence in many of our institutions, including in churches and schools, for a rethinking and abandonment of traditional notions of due process and data privacy without sacrificing basic norms of fairness. – Rappler.com
Tony La Viña is former dean of the Ateneo School of Government, and Rory L. Torres (@roryltorres) is former special counsel for legal intervention of the International Justice Mission. Both teach constitutional law and human rights in several schools.