CyberTipline 2021 Report
The National Center for Missing & Exploited Children’s CyberTipline offers the public and online electronic service providers an easy way to quickly report suspected incidents of sexual exploitation of children online.
Since the CyberTipline’s inception in 1998, we have received millions of reports and reviewed hundreds of millions of images and videos of suspected child sexual abuse material (CSAM) in an effort to locate exploited children and help law enforcement rescue them from abusive situations. We work to disrupt the trading of child sexual abuse images and videos online and help survivors begin to rebuild their lives.
In 2021, NCMEC’s CyberTipline received 29.3 million reports of suspected child sexual exploitation, an increase of 35% from 2020.
CyberTipline Reports
The CyberTipline receives reports about multiple forms of online child sexual exploitation. Reports regarding CSAM, legally referred to as child pornography, make up the largest reporting category. Over 99% of the reports received by the CyberTipline in 2021 regarded incidents of suspected CSAM. The number of reports for nearly every category increased in 2021.
Number of reports by reporter incident type
| Reporting Category | 2019 Reports | 2020 Reports | 2021 Reports |
|---|---|---|---|
| CSAM (possession, manufacture, and distribution) | 16,939,877 | 21,669,264 | 29,309,106 |
| Child Sex Tourism | 683 | 955 | 1,624 |
| Child Sex Trafficking | 11,798 | 15,879 | 16,032 |
| Child Sexual Molestation | 4,747 | 11,770 | 12,458 |
| Misleading Domain Name | 838 | 3,109 | 3,304 |
| Misleading Words or Digital Images on the Internet | 8,631 | 8,689 | 5,825 |
| Online Enticement of Children for Sexual Acts | 19,174 | 37,872 | 44,155 |
| Unsolicited Obscene Material Sent to a Child | 1,613 | 3,547 | 5,177 |
| Grand Total | 16,987,361 | 21,751,085 | 29,397,681 |
Electronic Service Provider Reports
The CyberTipline receives reports from the public and online electronic service providers (ESPs). To date over 1,800 companies have access to make reports.
In 2021, over 29.1 million of the 29.3 million total reports were from ESPs.
Number of reports by source
PUBLIC
240,598
ESP
29,157,083
TOTAL
29,397,681
Higher numbers of reports can be indicative of a variety of things, including larger numbers of users on a platform or how robust an ESP's efforts are to identify and remove abusive content from their platforms.
In 2021, CyberTipline reports provided by ESPs included 39.9 million images, of which 16.9 million were unique, and 44.8 million videos, of which 5.1 million were unique.
CyberTipline Files
Reports made to the CyberTipline by ESPs can include images, videos and other files related to what’s being reported like suspected child sexual abuse material. This content must be analyzed along with the report.
Unfortunately, child sexual abuse images and videos are often circulated and shared online repeatedly. CSAM of a single child victim can be circulated for years after the initial abuse occurred. One of the CyberTipline’s critical functions is to identify unique images through the work of analysts and the use of technology.
File Review, Triage and Technology Enhancements
NCMEC makes CyberTipline reports, including NCMEC’s additional analysis, available to law enforcement around the world. The goal is to help law enforcement prioritize the most urgent cases within the incredible volume of reports.
In 2021, NCMEC reimagined our response to suspected CSAM submitted to the CyberTipline by companies. Through a process involving multiple verifications, analysts review content and tag each file with information about the type of content, the estimated age of the people seen in the videos or images, and other details. NCMEC then leverages the technology in a variety of tools to automatically recognize and tag those same images and videos when they are submitted in future reports.
NCMEC successfully tagged over 22 million files in 2021 alone and has tagged over 30 million files to date.
NCMEC uses this information to triage reports to ensure that the most urgent cases, those where a child may be suffering ongoing abuse, get immediate attention. We also protect our analysts from repeated viewing of the same abusive imagery.
By implementing these technology tools, we can focus our efforts on newly produced CSAM. When new images and videos are identified among the millions we receive each week, our analysts look for clues to uncover the identity or location of the child or suspect and make that information available to law enforcement.
Last year, because of our detailed analysis of newly created CSAM, NCMEC alerted law enforcement to over 4,260 potential new child victims.
Hash Sharing
Another benefit of the recent enhancements to the CyberTipline process is the ability to grow our list of hash values which is part of an important initiative to stop the spread of CSAM. Hash values are unique digital fingerprints assigned to pieces of data like images and videos. When an image or video is identified as containing known CSAM, NCMEC adds the hash value to a list that is shared with technology companies.
The companies can then use these hash values to voluntarily scan their systems so the abusive content can be identified, reported and removed. Likewise, when NCMEC receives a report about a child sexual abuse image with a known hash value, it can quickly determine if the image has already been reported, and if the child in the image has been identified.
In 2021, NCMEC added 1.4 million hash values to our growing list of over 5 million hash values of known child sexual abuse material.
In 2021, the average response time following a NCMEC notification for images or videos was less than 2 days.
Removal Notices & Tracking
We often receive CyberTipline reports about imagery of child sexual exploitation that is being shared online. In some cases, the reports are made by the child victims themselves or their guardians/caregivers. The CyberTipline is a lifeline for families who are struggling to have explicit images of their child taken down.
After visually reviewing the reported imagery, NCMEC staff members notify the electronic service provider where the image or video has been shared. Based on how a company or their platform operates, content may be removed or users blocked or banned from their services in response to a notification. Once a notice has been sent to the company, NCMEC staff manually track the response and will generate additional notices until we can confirm that the content is addressed.
NCMEC generates several types of notices to companies depending on the circumstances.
NCMEC may notify a company based on:
CSAM
Child sexual abuse material which may violate federal and/or state law or a company’s Terms of Service, or Member Services Agreement or Community Guidelines or Standards.
Exploitative
Exploitative content which depicts identified child victims, but the images themselves may not reach the legal threshold of child sexual abuse material. Examples of this are images or videos that may contain nudity, non-pornographic content originating from child sexual abuse material or otherwise sexually suggestive content of identified child victims.
Predatory Text
These notices may contain text that is related to sexually predatory comments or personal information about an identified child victim or CSAM survivor. Personal information identifying the child in the image/video may pose safety concerns for the child or survivor.
Of the 29.3 million reports that the CyberTipline received in 2021, 93% resolved to locations outside the U.S.
Global Response
Most CyberTipline reports involve the upload of child sexual abuse material by users outside of the U.S. This is largely due to the fact that ESPs must comply with 18 USC 2258A which requires U.S. companies to report to the CyberTipline if they become aware of suspected CSAM on their platforms and servers. Because these companies have users worldwide and those incidents are reported to NCMEC, by extension the CyberTipline serves as a global clearinghouse.
Most CyberTipline reports of CSAM include indicators of where the files were uploaded. It is important to note that country-specific numbers may be impacted by the use of proxies and anonymizers. In addition, each country applies its own national laws when assessing the reported content. These numbers are not indicative of the level of child sexual abuse in a particular country.
Case Management Tool
With 93% of CyberTipline reports resolving internationally, it’s imperative that there is a referral system in place enabling a global response to CyberTipline reports. The Case Management Tool enables NCMEC to securely and quickly share reports with law enforcement around the world.
The system allows law enforcement in the U.S. and abroad to receive, triage, prioritize, organize and manage CyberTipline reports. It also helps police agencies refer reports to other law enforcement agencies for a more targeted response. The system helps NCMEC notify law enforcement of high priority reports.
As of 2021, 84 law enforcement agencies in 143 countries around the world have direct access to CyberTipline reports.
There are 71 international police forces who are able to receive CyberTipline reports directly, and 61 additional countries who are able to receive reports through a U.S. federal law enforcement attaché. Interpol also assists in the dissemination of CyberTipline report information to certain countries where we don’t have a direct connection to law enforcement. In support of easier adoption and use by international users, the Case Management Tool fields and interface are available in 8 languages with 10 additional translations planned. Domestically all Internet Crimes Against Children task forces also have access.
Archives
NCMEC will #NeverStop working on behalf of children to give them the safe childhoods they deserve.
If you’re a victim of child sexual exploitation on the internet or are aware of CSAM, sex trafficking or other crimes against children online, please make a report at CyberTipline.org or call NCMEC at 1-800-THE-LOST (1-800-843-5678).