Comment

Comment on I just developed and deployed the first real-time protection for lemmy against CSAM!

xtremeownage@lemmyonline.com ⁨1⁩ ⁨year⁩ ago

not upload CSAM to for trolling communities. Even novel GenerativeAI CSAM. Users cannot upload CSAM images and never submit a post or comment (making them invisible to admins). The images will be automatically rejected during upload

There wouldn’t be anything to delete, as it would have never been saved with this.

source

Sort:hotnew top

shagie@programming.dev ⁨1⁩ ⁨year⁩ ago
www.law.cornell.edu/uscode/text/18/2258A

(a) Duty To Report.—
(1) In general.—
(A) Duty.—In order to reduce the proliferation of online child sexual exploitation and to prevent the online sexual exploitation of children, a provider—
(i) shall, as soon as reasonably possible after obtaining actual knowledge of any facts or circumstances described in paragraph (2)(A), take the actions described in subparagraph (B); and
(ii) may, after obtaining actual knowledge of any facts or circumstances described in paragraph (2)(B), take the actions described in subparagraph (B).
(B) Actions described.—The actions described in this subparagraph are—
(i) providing to the CyberTipline of NCMEC, or any successor to the CyberTipline operated by NCMEC, the mailing address, telephone number, facsimile number, electronic mailing address of, and individual point of contact for, such provider; and
(ii) making a report of such facts or circumstances to the CyberTipline, or any successor to the CyberTipline operated by NCMEC.

…

(e) Failure To Report.—A provider that knowingly and willfully fails to make a report required under subsection (a)(1) shall be fined—
(1) in the case of an initial knowing and willful failure to make a report, not more than $150,000; and
(2) in the case of any second or subsequent knowing and willful failure to make a report, not more than $300,000.

Check with a lawyer if blocking an upload that your server has access to because of suspected CSAM constitutes “actual knowledge or any facts or circumstances”.

source
- xtremeownage@lemmyonline.com ⁨1⁩ ⁨year⁩ ago
  HEY LOCAL PD OFFICE,
  
  SOMEONE UPLOADED SOME POTENTIALLY CHILD PORN TO MY LEMMY INSTANCE.
  
  No… I don’t have an IP for who uploaded it.
  
  Sorry, I don’t know where it came from. It just got federated across the fediverse to me.
  
  No… I don’t have the content either, it doesn’t get saved.
  
  Sorry… I guess I really don’t have any details at all for you.
  
  source
  - zoe@infosec.pub ⁨1⁩ ⁨year⁩ ago
    hosting a lemmy instance in the us is a headache
    
    source
    xtremeownage@lemmyonline.com ⁨1⁩ ⁨year⁩ ago
    Hence my reaction to these issues. lemmyonline.com/post/459013
    
    But… under new management now, in Germany. lemmyonline.com/post/587565
    
    source
    droans@lemmy.world ⁨1⁩ ⁨year⁩ ago
    Nearly every country has strong Anti-CSAM laws on the book which require reporting known distribution.
    
    source
  - shagie@programming.dev ⁨1⁩ ⁨year⁩ ago
    NCMEC is very different than reporting to your local PD office.
    
    source
obinice@lemmy.world ⁨1⁩ ⁨year⁩ ago
So the image never touches the server side, even in RAM, it always remains only on the client machine, and it’s checked there?

If so, then this could be a pretty neat tidy way to deal with this issue, otherwise the image is on the server, even if you “delete it real fast” or such, and I imagine then you’d still need to be in compliance with the law regarding saving and reporting it.

source
- Deiv@lemmy.ca ⁨1⁩ ⁨year⁩ ago
  Did you read the post? The image is sent to an endpoint that has a hosted AI solution that checks it
  
  It 100% touches the server, it’s just not stored anywhere and gets blocked
  
  source