Hidden In Plain Site: Paedophiles Use Facebook Groups

Uploaded on 2016-02-26 in FREE TO VIEW, TECHNOLOGY-Key Areas-Social Media

Paedophiles are using secret groups on Facebook to post and swap obscene images of children, the BBC has found.

Settings on the social network mean the groups are invisible to most users and only members can see the content.

Children's Commissioner for England Anne Longfield said Facebook was not doing enough to police the groups and protect children.

Facebook's head of public policy told the BBC he was committed to removing "content that shouldn't be there".

A BBC investigation found a number of secret groups, created by and run for men with a sexual interest in children, including one being administered by a convicted pedophile who was still on the sex offenders' register.

The groups have names that give a clear indication of their content and contain pornographic and highly suggestive images, many purporting to be of children. They also have sexually explicit comments posted by users.
We found pages specialising in pictures of girls in school uniform - accompanied by obscene posts.
Images appeared to be stolen from newspapers, blogs and even clothing catalogues, while some were photographs taken secretly, and up close, in public places. One user had even posted a video of a children's dance show.

How do Facebook groups work?

Any Facebook user can set up a group - there are three settings options - open, closed and secret.

Secret groups cannot be found using the search facility and only members can see what content is inside them.

Only people invited by existing members can join the group.
The Internet Watch Foundation creates a list of web pages with child sexual abuse content and any found to be on Facebook groups are taken down automatically, Facebook says.

Any other material reported to the social network as inappropriate goes through an internal review procedure to check if it is in breach of its community standards.
\
Facebook says it removes content that includes "solicitation of sexual material, any sexual content involving minors, threats to share intimate images and offers of sexual services".

We set up our own fake profile and managed to gain access to some of these groups.
Using Facebook's own reporting facility, we told the company about images and comments we thought were unacceptable.
In one secret group called "cute teen schoolies", we found a picture of a girl in a vest, aged 10 or 11, accompanied by the words "yum yum". Facebook responded that it did not breach "community standards" and the image stayed up.

In other secret groups we found pictures of children in highly sexualised poses. There were also innocent pictures stolen from other Facebook sites, school homepages and newspapers and most were accompanied with obscene posts. They also did not breach Facebook's community standards.

We reported a whole group too - called "we love schoolgirlz" - with obscene content - and that did not get taken down either.

In total we reported 20 images. Users took some down themselves - Facebook removed four - leaving half still up.

We were so concerned about some material we found that we handed it over to the police. We also alerted both the Internet Watch Foundation and the National Crime Agency to the contents of our findings.

Diane (not her real name) discovered innocent pictures of her daughter had been stolen from her own blog site. They were then posted on a site used by paedophiles and swapped by members, who also posted sexual comments about them.

She said: "I was horrified. Thinking that these innocent snapshots of my (then) 11-year-old daughter had become the subject of vile comments and disgusting exchanges between members of these groups was really upsetting.

"But equally upsetting is the fact that Facebook allows these secret groups to exist, unmonitored and unchecked, making them rife for abuse by paedophiles.

"There must be a duty of care to users to make sure that paedophiles can't hide on these secret groups, stealing and sharing images of children they find online."

Children's Commissioner for England Anne Longfield said: "I'm shocked those don't breach community standards, any parent or indeed child looking at those would know that they were not acceptable."

She said she did not believe Facebook was doing enough to protect children.

"I don't think at the moment, given what we know about the vulnerability of so many children to predators, that they are doing enough," she said.
Her view was echoed by former police commander Andy Baker, former deputy chief executive of the Child Exploitation and Online Protection Centre.

"I'm not on Facebook, and one of the reasons I'm not is because of what they don't do," he said.

'Network of opportunities'

He was especially concerned by the existence of secret groups.
"It just opens a complete network of opportunity to paedophiles, that's why these secret groups should not exist."

We asked Facebook for an interview but our request was refused, so we spoke to Rishi Saha, the company's head of public policy, at an event to mark safer Internet day.

He told the BBC: "When it comes to specific groups I think it's really important that we investigate the groups, so if you're able to share the details of these groups with me then I can work with my colleagues who do the investigations on these and make sure we're investigating them and we're removing the content that shouldn't be there."

Mr Saha added that Facebook would "deal directly with law enforcement to make sure they're aware of these groups and follow the proper process".

"I think it's really important that we do that and I can give you that commitment that we're going to do that," he said.

BBC

« Israel Is 15 Years Ahead in Cyber Warfare
Cyber Risk Insurance Is A Patchwork »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

CERT-FR

CERT-FR

CERT-FR is the French national government computer security incident response team.

SafeCharge

SafeCharge

SafeCharge is a global provider of technology-based multi-channel payments services and risk management solutions for demanding businesses.

PSC

PSC

PSC is a leading PCI and PA DSS assessor and Approved Scanning Vendor.

BrainChip

BrainChip

BrainChip is the leading provider of neuromorphic computing solutions, a type of artificial intelligence that is inspired by the biology of the human neuron - spiking neural networks.

ICS Cyber Security Conference

ICS Cyber Security Conference

SecurityWeek’s Industrial Control Systems (ICS) Cyber Security Conference is the largest and longest-running event series focused on industrial cybersecurity.

Center for Education & Research in Information Assurance & Security (CERIAS)

Center for Education & Research in Information Assurance & Security (CERIAS)

CERIAS is one of the world’s leading centers for research and education in areas of information and cyber security.

Clone Systems

Clone Systems

Clone Systems is an award winning global cloud based managed security as a service provider.

TryHackMe

TryHackMe

TryHackMe is an online platform that teaches cyber security through short, gamified real-world labs. We have content for both complete beginners and seasoned hackers.

SynSaber

SynSaber

SynSaber is a data collection, detection, and visibility solution that forms the foundation of industrial cybersecurity.

Kyndryl

Kyndryl

Kyndryl has a comprehensive portfolio that leverages hybrid cloud solutions, business resiliency, and network services to help optimize your IT workloads and transformations.

Appalachia Technologies

Appalachia Technologies

Appalachia is a full service Managed Services Provider with a focus on cybersecurity, backed by the best engineers.

Flexxon

Flexxon

Flexxon is the industry leader to develop NAND flash storage devices. Our key focus is to innovate memory devices ensuring data security and reliability.

Oz Forensics

Oz Forensics

Oz Forensics is a global leader in preventing biometric and deepfake fraud. It is a developer of facial Liveness detection for Antifraud Biometric Software with high expertise in the Fintech market.

CorePLUS Technologies

CorePLUS Technologies

CorePlus solutions are designed to empower organizations with the tools they need to ensure the utmost protection for their assets, people, and information.

Edera

Edera

Edera is changing the way containers are run and secured, making isolation a reality and fundamentally transforming computing in the process.

RELIANOID

RELIANOID

RELIANOID is an application delivery controller and load balancing system that ensures high performance and security of IT services on a massive scale.