Understanding CSAM detection: how industry identifies and addresses harm

In April 2026, the Tech Coalition hosted a webinar with experts from Microsoft, Google, and Snap to walk through how child sexual abuse material (CSAM) detection works in practice.


We set out to explain the tools, systems, and considerations that underpin industry efforts to identify and remove this abusive and illegal content. The session focused on providing a clear, technical overview of how detection operates today: what tools are used, how they perform, and how companies approach key questions like accuracy, privacy, and scale.

Below, we are sharing the presentation portion of the discussion, focused on how these systems are implemented across platforms.

How known CSAM detection works

Detecting and removing CSAM is one of the most critical ways industry works to disrupt harm and help protect children online.

For years, companies have taken voluntary action to do this, using a range of technologies to identify, remove, and report abusive content. One of the most widely used and effective tools is hash matching.

Hash matching works by creating a unique digital fingerprint (or “hash”) of a known CSAM image or video. That fingerprint can then be used to identify and remove matching illegal content across platforms, without needing to view the underlying image.

This allows companies to detect known CSAM quickly, accurately, and in a way that is designed to protect user privacy.

Across the industry, hash matching remains a core part of broader detection systems. Companies are increasingly combining hashing with other tools, such as classifiers and behavioral signals, to identify both known and novel abuse.

To learn more about how voluntary detection works across industry, read our earlier explainer.

What we heard: key themes from audience questions

We received more than 60 questions from participants during the session. While we weren’t able to address all of them live, several clear themes emerged. Below are some of the most common questions and responses.

1. How does hash matching actually work and what does it detect?

Hash matching is designed to detect known, illegal CSAM – content that has already been identified and confirmed as abusive. The hash databases used by companies can include material previously identified by platforms themselves, as well as material previously identified by trusted sources such as child protection organizations and hotlines.

It’s important to note that hash matching does not identify new, “never-before-hashed” CSAM. That’s why companies may use it alongside other tools, including classifiers and behavioral signals, to help detect possible instances of abuse.

2. What happens after CSAM is detected?

When CSAM is identified—whether through hashing, other tools or user reporting—companies take action to remove the content and report it to relevant authorities, such as the National Center for Missing and Exploited Children (NCMEC).

Detection systems are designed to enable rapid response, though timelines can vary depending on the platform or service, the type of content, and the review processes in place. The priority across industry is clear: remove illegal and harmful content as quickly as possible and ensure it is reported appropriately.

Detection can also contribute to identifying accounts involved in sharing or distributing abusive material, helping platforms take further enforcement action.

3. How do companies balance detection with user privacy?

A key point discussed during the session is that many detection tools—particularly hash matching—are designed to be privacy-preserving.

Rather than analyzing content in a human-readable form, hash matching compares the digital fingerprints of images or video. This gives companies the ability to identify known CSAM without needing to view or process the underlying image, or associated messages, directly.

More broadly, companies consider privacy, safety, and effectiveness together when designing and deploying detection systems, which operate in tandem with other safeguards, and they continuously evaluate how to improve that balance.

4. Are detection tools effective and why are reports increasing?

Participants asked whether rising CSAM reporting figures reflect a growing problem or improved detection.

The answer is both complex and important: increases in reports can reflect improvements in detection capabilities, greater adoption of tools like hashing, and stronger reporting practices across industry. At the same time, the underlying threat continues to evolve as bad actors may develop new tactics. 

Continuing the conversation

The discussion highlighted both the progress that has been made and the work that continues across industry to strengthen detection, improve response, and better protect children online—including removing and reporting novel CSAM and adapting to evolving threats such as AI-generated.

This week, the Tech Coalition will publish its annual transparency report and Lantern program transparency report, providing further insight into how companies are advancing efforts across prevention, detection, response, and enforcement.
