Microsoft Detects Child Abuse Images in OneDrive Account Leading to Arrest

Microsoft has informed a child protection group about images of a young girl that had been saved to its OneDrive cloud storage service, leading to the arrest of a man in Pennsylvania and charges of possession and distribution of child abuse images.

Tyler James Hoffman, 20, was arrested on 31 July for five felony charges relating to possession and distribution of child pornography, according to a criminal complaint obtained by The Smoking Gun, a site dedicated to leaked law enforcement documents.

The complaint states that Microsoft detected Hoffman allegedly uploading illicit images to his OneDrive account, which comprises of email and cloud storage, on two separate occasions earlier this year.

Microsoft then tipped off the National Center for Missing and Exploited Children (NCMEC), giving them the user's email address, IP address and the name of the Facebook profile associated with the email address.

Hoffman was questioned by the police and is now in Monroe County Correctional Facility awaiting a preliminary hearing on 14 August.

Google detection

The court documents do not explain how Microsoft detected the information, but it follows the news last week that search giant Google sent a tip to the NCMEC based on images detected by its automatic email-scanning technology.

The tip from Google led to the arrest of a registered sex offender – a 41-year-old man in Texas who had allegedly been distributing explicit images of children via his Gmail account and secretly filming children who entered the Denny's restaurant where he worked.

Google makes use of a "hashing" technology to tag known child sexual abuse images, so that the system flags up duplicate copies of the images found elsewhere without humans having to view them.

Microsoft told the BBC in 2012 that it also uses hashing technology to locate child pornographic images, which are cross-referenced with a database maintained by Interpol.

However a security expert at a web hosting firm Leaseweb told the BBC that many paedophiles now know how to make changes to images in order to avoid detection, such as changing the image's file extension or even altering the colour of a single pixel, so that the scanning system fails to pick the image up.