The UK Government is considering putting a massive police database of child abuse images and videos online, according to documents The Daily Telegraph (TDT) claims to have seen.
But privacy advocates say the move would be a risky one, and have warned it would introduce new threats for the highly sensitive data.
The documents reportedly show that the Home Office has launched a feasibility study into uploading the “child abuse image database” onto Amazon’s cloud network. The database was created in 2014 and contains tens of millions of images and videos of child abuse sized by police during previous operations.
Labelled “incredibly sensitive”, the images have only ever been accessible within police premises until now. The document raises concerns over only having access to the data-set on physical sites. As such, the Government is exploring the logistics and challenges of copying the images and then uploading them to a cloud server.
Concerns have been raised that the move would put the database at a much higher risk of being compromised by hackers, since they would no longer require physical access.
A 2019 report by cyber security firm Palo Alto Networks suggested that there were a massive amount of vulnerabilities hackers could exploit across cloud server providers; however, the report noted these faults lay with how they were used and not the provider.
According to TDT, the Home Office has already held initial talks with Amazon Web Services (AWS) over the storage of the database. AWS is already a major supplier of cloud services to UK police, and hosts a super-database set for the force which combines criminal conviction records with intelligence information.
- Government to Strengthen Security of Internet-Connected Products
- Ashley Madison Victims Fall Prey to New ‘Sextortion’ Scam
- Edinburgh Mobile App Developer xDesign Acquires Bemo
There are no plans to upload the images at this point and the study is being treated as a “fact-finding” exercise. The document notes that if the the move were to go ahead it would provide people with more flexibility as it would give police remote access, which they currently do not have.
A spokeswoman for Privacy International said: “As the Home Office increasingly turns to cloud providers to hold sensitive data which would constitute a high value target, the public needs a great deal of reassurance.
“Some of the justifications for such a move include a desire to facilitate remote access to the database and permit ‘innovation activity’. This indicates that a broadening of access to a greater number of individuals outside the police, which is a clear cause for concern.”
The group is urging the Government to consult children’s charities and those with technical knowledge to ascertain if the risks outweigh the benefits.