New Delhi: A few weeks ago, the European Union's Europol made over 25 arrests during a crackdown on AI-generated Child Sexual Abuse Material (CSAM). The operation which spanned 35 countries led to 70 arrests, the rescue of 39 children, and the seizure of devices.
The main accused, a Danish national, ran an online platform which allowed users access to AI-generated content depicting child abuse, after making a "symbolic online payment."
This is the brute reality of child sexual abuse in the digital era, a state-of-the-art borderless crime, amplified by anonymity, which is difficult to detect using traditional frameworks. AI-generated abusive content like deep-fake manipulation, chat-bots and other emerging forms like self-generated content, live-streaming of CSAM, online grooming, and Webcam Child Sex Tourism (WCST) are on the rise. Even though the artificially created content has no real victims, it raises serious concerns about the human tendency to derive gratification from simulated suffering inflicted upon children, eventually triggering demand for such content everywhere.
A Legal Turning Point: From Moral Denial to Legal Recognition
India accomplished a breakthrough in its legal journey on September 23, 2024, when the Supreme Court delivered a landmark Judgment in Just Rights for Children Alliance v. S Harish, addressing the legal governance and criminalisation of “CSEAM- Child Sexual Exploitation and Abuse Material”, earlier known as “Child Pornography”.
The case arose from a Madras High Court judgment that quashed the criminal proceedings against an accused found in possession of CSEAM. It held that mere possession/storage or viewing of such material without an intent to transmit does not constitute an offence under the Information Technology Act, 2000 or Protection of Children from Sexual Offences Act, 2012 (POCSO Act).
The Supreme Court not only overturned the High Court's order of terming possession, storage and watching of CSEAM in private as a matter of “mere moral decay” but also criminalised the downloading, viewing, possession, and storage thereof, whether shared or not.
The court also issued a sweeping set of directions, marking a watershed moment in India's jurisprudence on digital child protection. These directions inter-alia mandated legislative reforms by way of replacing the term “Child Pornography” with CSEAM to also cover the generative nature of content. “Child pornography” is misleading and trivialises the severity of the crime, as it implies consensual adult content while ‘CSEAM' accurately reflects the exploitative nature of these materials, including AI-generated depictions.
Statistics and Trends: Scale of the Problem
The judgment comes amidst an alarming surge in incidents in India. The National Centre for Missing and Exploited Children (NCMEC), USA, in its tip-line report 2023, reveals that India accounts for around 9 million of the 36.2 million suspected CSEAM reports worldwide.
A 2023 report, Entangled in the Web: Cybercrimes against Children in India by India Child Protection, stated that there was a five-fold increase in such cases from less than 3% in 2017 to 15% in 2021 in the country. Meanwhile, NCRB data revealed a staggering 2,561% increase in reported child pornography cases from 44 in 2018 to 1,171 in 2022.
Recognising the gravity of such cybercrimes, the Government of India implemented the Cyber Crime Prevention against Women and Children Scheme under Nirbhaya Fund. Moreover, a MoU has been signed between NCRB India, MHA and NCMEC for facilitating the tip-line reports on online child sexual explicit contents.
Impact of Judgment
However, the last couple of months have seen some direct and tangible impact of the judgment.
Within a week of the judgment, Punjab's Cybercrime Division arrested a man and identified 54 suspects for disseminating CSEAM via platforms like Instagram and Telegram.Similarly, in Hyderabad, three individuals were held for downloading and sharing CSEAM on social media platforms. These arrests were facilitated by cyber tip-line reports that provided crucial leads such as IP addresses and emails.
In October 2024, in a major operation dubbed “Paedo Hunt,” the Delhi Police raided 20 locations and booked 11 individuals for circulating CSEAM.
State Governments, too, have sprung into urgent action. Odisha Government announced the formation of a dedicated task force to coordinate with law enforcement for investigating and prosecuting CSEAM-related crimes, and committed to a zero-tolerance policy.
The Indian legislature has also taken steps to ensure the online safety of children. Clause 9[7] of the Digital Personal Data Protection Act, 2023, provides for “parental verification” for processing of children's data, thereby aiming to curb CSEAM by restricting the profiling, targeting, and behavioural advertising of children.
This judgment is not the end, but the beginning—one of many necessary interventions to dismantle this growing menace. We now need a revolutionary approach to pierce through technological warfare such as cryptocurrency, which is widely used by perpetrators due to its anonymity and decentralisation.
Global Practices and India
The global legal frameworks have evolved to deal with this complex cross-border crime, and while India has taken some gigantic strides, our regulatory response and enforcement must keep pace.
The United States criminalizes not only real child-abuse content, but also computer-generated, and AI CSEAM. It also mandates the platforms to report to NCMEC, while empowering a NCMEC-Tech Industry Consortium to protect children in digital spaces.
The laws in the United Kingdom not only cover all generative forms of CSEAM, but also prescribe strict penalties for failing to proactively detect or remove CSEAM. Its regulatory watchdog, ‘Ofcom' holds digital platforms accountable on their legal responsibility to protect users, especially children, from online harm.
While India's legal framework has evolved significantly, it lacks stringent provisions and penalties targeting virtual or AI-generated CSEAM. Our laws do not explicitly cover all forms of non-real and AI-generated depictions. Resultantly, our mandatory reporting, enforcement and inter-agency coordination mechanisms require a complete overhaul given the transnational, anonymous, and rapidly evolving nature of these crimes.
Conclusion: Implementation and International Revolution
A borderless crime requires a borderless response. The Supreme Court's judgment is a jurisprudential innovation that aims to realign India's legal compass towards a child-centric justice system. It has been over eight months since the verdict was delivered. While the directions are open-ended, the top Court may form a judicial monitoring committee or amicus-curiae model to oversee implementation.
In an era where digital boundaries blur and technological innovation outpaces the regulatory frameworks, the time is ripe for India to not only enforce the landmark verdict but also to spearhead an international digital safety convention to protect the most vulnerable across borders. Simultaneously, accountability of technology platforms, cryptocurrency exchanges, and hosting sites must be etched into law and practice. A multiagency taskforce similar to Ofcom or a Tech industry consortium also must be considered to enable a structured, proactive, and collaborative response to digital child sexual abuse.
Because justice must evolve not only in statutes, but also in cyberspace, protocols, and multilateral cooperation.
(Rachna Tyagi, is a General Counsel at Just Rights for Children and Partner Ethicus Legal and Consulting Solutions).
