Our partner Cloudflare has long been committed to helping to build a better, safer Internet. As part of this mission, the company has made significant strides in combatting child sexual abuse material (CSAM) online through innovative tools and partnerships.

Cloudflare's CSAM Scanning Tool has been a free, crucial resource for customers seeking to prevent the spread of CSAM. Because of the way Cloudflare initially set up the tool, however, it was inadvertently only available to US companies. Now, the company has taken an important step forward by significantly streamlining the onboarding process, making this critical safety feature accessible to everyone around the world.

What's New with the CSAM Scanning Tool?

The updated CSAM Scanning Tool eliminates a key barrier to adoption: the requirement for National Center for Missing & Exploited Children (NCMEC) credentials. When the tool was first developed, Cloudflare believed that the direct integration with NCMEC would simplify mandatory reporting and make it easier for companies to follow up with NCMEC directly. This approach, however, failed to recognise the reality that non-US companies cannot obtain NCMEC credentials and that reports of hash matches are not as comprehensive as those that might be reported through a company’s credentials.

Cloudflare has responded to address these concerns. The change of eliminating the requirement for credentials brings two significant benefits:

1. Simplified Onboarding: The tool now only requires a verified email address for notifications, allowing customers to implement the scanning capability in seconds.
2. Global Accessibility: By removing the NCMEC credential requirement, non-US companies can now utilise this powerful tool, expanding its protective reach internationally. Cloudflare will report hash matches directly to NCMEC as third party reports.

How the Technology Works

When enabled by a customer, the CSAM Scanning Tool automatically processes images as they enter Cloudflare's cache. The system:

• Creates cryptographic hashes of images
• Compares these hashes against a database of known CSAM
• Immediately blocks content URLs when potential matches are detected
• Notifies the customer via their verified email address
• Submits a daily third-party report by Cloudflare to NCMEC.

This automated approach ensures swift action against known abusive content while maintaining privacy and security standards.

Building a Safer Internet Together

Since launching these updates to the CSAM Scanning Tool, Cloudflare has seen a significant increase in adoption among its customers. The improvements have also enhanced the reporting process, streamlining reports and helping NCMEC focus its resources more efficiently on critical cases.


Explore the CSAM Scanning Tool.