How We Investigated the Epidemic of AI-Generated Child Sexual Abuse Material on the Internet

While major tech companies invest billions and deplete natural resources in a race to build faster, more powerful artificial intelligence systems, a silent epidemic is spreading online: the creation and circulation of AI-generated child sexual abuse material (CSAM).

Generative AI can only produce child sexual abuse material (CSAM) in only two ways: either a model’s training dataset contains CSAM directly, or it includes adult pornography and, by combining these visual references with images of children, the system generates illegal material.

A well-known example of these models is Stable Diffusion 1.5. The model was trained on the LAION-5B dataset, which researchers at the Stanford Internet Observatory later discovered, months after the model’s release, contained more than 3,000 suspected images of CSAM. And because open-source AI models like Stable Diffusion cannot modify or update their training datasets once released, the model continues to be used today to create AI-generated CSAM.

---

As a nonprofit journalism organization, we depend on your support to fund more than 170 reporting projects every year on critical global and local issues. Donate any amount today to become a Pulitzer Center Champion and receive exclusive benefits!

---

This case illustrates the kind of risk that drove our investigation. Over the course of ten months, I worked with a team of journalists and researchers to examine this disturbing phenomenon. Together, we uncovered more than a hundred instances of AI-generated CSAM circulating across the internet, from dark web forums to mainstream social media platforms like Instagram, and encrypted messaging apps such as WhatsApp and Telegram.

This crisis is well documented, underscored by dozens of alarming industry reports released each year, sometimes every month. Yet few have sought to truly understand how this technology can produce images that sexually exploit children and adolescents, especially when it was never explicitly designed for that purpose.

First step: Define your objectives

Investigating digital crimes, human rights violations, and emerging technologies is inherently complex. 

These investigations rely on original data collection, often involving hard-to-find material buried deep within the internet. The challenge intensifies when an inquiry exposes flaws in a product or company policy—requiring a transparent, replicable, and methodologically sound approach. Finally, depending on where the journalist is based, such work can carry legal, ethical, and even personal safety risks.

All of this is possible, but it starts with clarity. Defining your investigation’s purpose and main goals is not just about efficiency; It’s about protection. It helps to minimize unnecessary exposure to graphic or violent material, such as CSAM, and it creates space for a more constructive dialogue among companies, researchers, NGOs, and those working to make technology safer.

Our investigation had, for example, three main purposes:

1. To understand how artificial intelligence generates images of child sexual abuse and exploitation. These systems were built for creativity, efficiency, even entertainment—but like any powerful tool, they can be turned toward harm. We sought to examine how easily the boundary between creation and abuse can be crossed, and how often it already has been.
2. To trace how this material spreads—and in some cases, is commercialized. Our work followed the trail from encrypted messaging apps to mainstream social media, revealing networks, behavioral patterns, and the astonishing speed with which these images move across digital platforms.
3. To analyze how companies and governments are responding to the problem, with a focus on Brazil, Latin America’s largest country. We examined laws, corporate policies, and public initiatives to identify both systemic gaps and emerging responses. In the end, one conclusion stood out: This is not just a technical issue or a legal challenge—it is a human crisis, unfolding in real time.

Over time, investigations into AI-generated CSAM will evolve, with new goals, new methods, and new targets. Yet beyond the crime itself and the malicious actors behind it, understanding the paradox at its core remains essential: how a technology built to create, assist, and innovate can so easily be twisted into a tool for harm.

Because of this, defining clear objectives from the start becomes crucial. It’s what allows an investigation to stay focused, to gather evidence responsibly, and to minimize unnecessary exposure to graphic or harmful material. It also opens space for dialogue—between journalists, researchers, companies, and civil society—so that findings don’t just reveal a problem, but help build collective paths toward solutions.

Second step: Understand what AI is and isn’t

Whenever investigating AI systems (whether a large language model, a public facial-recognition system, or an algorithm that produces images of CSAM) it is essential to remember one thing: We are dealing with machines. Nothing they do happens by accident.

That may sound obvious, but it matters because every machine operates according to instructions and design choices. When an AI appears to “hallucinate,” the phenomenon is typically the consequence of design flaws, poor training data, or negligence by its creators—which makes developers at least partly responsible for those outcomes.

One initial step in any AI investigation, therefore, is to identify the type of technology involved. A chatbot behaves very differently from an image generator; an automated content classifier is not comparable to an AI used for accounting, credit scoring, or facial recognition. Each technology has its own logic, vulnerabilities, and ethical implications. Recognizing this early prevents misinterpretation and steers the investigation in the right direction.

In our work, two classes of AI quickly stood out as instruments of exploitation. The first are “nudifiers”—programs that digitally remove clothing from photographs. The second are image generators trained on pornographic datasets, which may include adult content and, in some cases, child sexual abuse material.

These technologies were built for very different purposes, yet in the wrong hands they become tools of harm. It is crucial to distinguish between them, because similar harmful outcomes can result from very different tools and carry different risks. That insight made it clear we had to examine training data and learning processes. While probing models that reproduced images of naked children, we uncovered a disturbing pattern: criminals using open-source models and fine-tuning techniques to train on photographs of children and on CSAM, then creating, distributing and selling synthetic material. In one of our stories, we reported on how users on two dark-web forums accessed via Tor were applying low-cost model-adaptation methods to tailor generators for producing artificial images of child sexual abuse—often using photos scraped from public social media accounts.

Classifying the type of AI involved was decisive. It allowed us to trace the routes for sale and distribution, link specific technologies to the digital channels exploited for commercialization, identify recurring patterns, name the platforms most frequently abused, and map the anonymity strategies perpetrators used to evade detection.

Third step: Map out how criminal networks work around (and with) AI

Every organized digital community (licit or illicit) develops its own grammar of recognition: shorthand, symbols, and routines that allow members to communicate without saying things outright. A Facebook group swapping pasta recipes will create the same kind of coded familiarity as a forum trading in far darker material. Learning to read those codes isn’t about infiltration or “policing”—it’s about understanding how a hidden culture sustains itself, and how its logic shapes the spaces we all use. Only then can this kind of reporting serve the public interest.

Even in the darkest corners of the web, there’s order. Markets built on exploitation depend on repetition, familiarity, and a brittle kind of trust. Their members rely on the same formulas: coded language, recognizable posting formats, intermediaries who vet and distribute material. Disrupt the pattern, and the economy falters.

That’s where our actual reporting began—not with the content itself, but with its architecture. We wanted to understand how AI-generated CSAM circulates: what signs give it away, what patterns repeat, and how the same networks evolve from one platform to another. What emerged was less a single community than an ecosystem, sustained by algorithms, anonymity, and the illusion of invisibility.

With that in mind, our team set out to map the signals, codes, terms, and formats used to advertise and distribute AI-generated CSAM, not only in dark-web forums, but on more accessible platforms: messaging apps, bot networks, and illicit marketplaces hiding in plain sight.

This work built on years of reporting into online child sexual abuse, not only our own, but also that of brilliant technology reporters around the world who have exposed these hidden ecosystems with rigor and care. For ethical and safety reasons, we do not (and cannot) publish the specific keywords, search strings, or coded phrases these networks use. What we can share is the method: a disciplined, replicable approach for detecting and documenting digital patterns without ever amplifying them.

For example, when we began investigating Telegram bots capable of generating AI-CSAM, we started not by clicking or testing, but by mapping. Every tool whose name or public description suggested sexually explicit or adjacent content was logged, creating a controlled foundation before any direct interaction. The goal was simple: to make every step traceable, safe, and replicable.

Our catalog took the form of a deliberately simple spreadsheet. Each row represented one tool; each column, a clear and verifiable data point. We logged:

• Date: when the tool was tested
• Result: whether the bot says it can generate CSAM
• Bot name: its public username for tracking
• Users: how many people were connected
• Groups: linked channels or clusters
• Language/country: where it seemed to operate
• Link: where it could be found
• CSAM check: manually checked if the bot could actually produce CSAM
• Clone option: if it could be copied or monetized
• Payment: whether users had to pay
• Status: if the bot was still active
• Notes: context, oddities, or patterns worth keeping

Taken together, these simple entries did more than confirm existence—they turned scattered observations into structured evidence. The spreadsheet allowed us to compare behavior across dozens of services, identify recurring technical and commercial patterns, and build a clear, defensible record that could hold up under scrutiny without amplifying the very signals that enable abuse.

Fourth step: Understand someone is always profiting from refusing responsibility

One of the most disturbing findings of our investigation wasn’t just the existence of AI-generated CSAM, but the infrastructure quietly profiting from it—its creation, circulation, and tacit toleration. Behind every illicit image lies a functioning economy: digital platforms, payment processors, AI developers, and underground marketplaces. Some actors are knowingly complicit; others, willfully negligent. Together, they thrive in the space between digital anonymity, corporate inaction, and weak regulatory oversight.

Dark-web forums have begun to monetize AI-generated CSAM through subscription models, pay-per-view galleries, and custom image “orders.” On Telegram, bots now charge for premium services, routing payments through cryptocurrency wallets designed to obscure the trail between buyer and seller.

AI developers, too, particularly those behind open-source image-generation models, carry a share of responsibility. Criminals repurpose these systems by fine-tuning them with illegal datasets. Despite disclaimers and safety filters, open access has become a loophole for exploitation, enabling offenders to retrain and adapt existing models beyond the reach of oversight.

Mainstream tech companies have not fared better. Messaging platforms, social networks, and payment systems continue to fail at detecting or deterring the spread of AI-generated abuse. Policies banning such content exist on paper but remain inconsistently enforced. Offenders repeatedly cited Instagram, for example, as a source for harvesting photos of minors—images later manipulated with AI tools into sexualized depictions.

Regulators, meanwhile, remain a step behind. Governments and international agencies issue warnings and commission reports, but enforceable action is rare.

In Brazil, Latin America’s largest country and one of the world’s most active online populations, no dedicated framework addresses AI-generated CSAM. And although a law from the early 2000s prohibits image manipulation to produce CSAM, enforcement remains weak—and entirely silent on the role of generative AI.

Globally, this same pattern holds. Most legal frameworks lag behind the pace of technological abuse, leaving vast gaps in accountability. The problem is compounded by relentless lobbying from tech and financial sectors, working to soften or delay regulation that might constrain AI development. Even when laws against CSAM remain untouched, broader rules around data collection, training datasets, algorithmic transparency, and content moderation are quietly eroded.

In the end, the question is simple—if uncomfortable. Who profits? Shadowy AI developers exploiting open-source vulnerabilities, dark-web marketplaces, and anonymous payment services. And who fails? Tech giants, under-resourced regulators, and governments too timid—or too compromised—to confront the crisis their inaction sustains.

Fifth step: Know your ethical and legal limits

Before beginning any investigation involving CSAM, consult a lawyer. This isn’t a formality, it’s a safeguard. Laws on digital evidence, privacy, and online abuse vary sharply across countries, and a single misstep can turn a legitimate investigation into a legal liability. A good lawyer will help you set the boundaries of your work: what you can access, what you can document, and how to publish responsibly without crossing legal or ethical lines.

Legal counsel can clarify what you can and cannot access, how to document and store evidence, and how to communicate findings without violating the law. In some jurisdictions, even possessing or viewing AI-generated CSAM may be treated the same as handling real material.

Here’s what to clarify before you begin:

• Access boundaries. Understand exactly what types of material you can legally view or record. In some countries, even screenshots of CSAM—real or AI-generated—are treated as illegal possession.
• Evidence handling. Learn how to record information safely. When possible, log URLs, metadata, and hashes rather than storing full images or videos. Keep detailed notes about how and when you encountered the material.
• Reporting obligations. In certain jurisdictions, anyone who encounters confirmed CSAM must immediately report it to law enforcement. Ask how this applies to journalists.
• Publication rules. Know what can be published and what must remain confidential. Always redact, blur, or anonymize material and verify what qualifies as “public interest” in your country.

In Brazil, for example, since 2018, a specific legal framework exempts journalists, scientists, and academics from liability when publishing non-consensual sexual material only if the story serves a legitimate public interest and the victim’s identity is fully protected. Anything outside those limits may still be criminal.

If your newsroom doesn’t have legal support, create your own basic protocol before you start. Decide who can see or record sensitive material and under what conditions. Keep a shared, dated log of everything: links opened, files viewed, who accessed them, and what was done. Don’t download images or videos unless absolutely necessary. Use written descriptions, partial URLs, or screenshots that show details like timestamps or file names but not explicit content. When in doubt about legality, stop. Ask for guidance before moving forward.

And finally: Remember to report all suspected AI-generated CSAM or real CSAM to your country’s INHOPE hotline.

INHOPE (Association of Internet Hotline Providers) is a global network of hotlines that receive public reports of CSAM and work to remove, share, and escalate harmful content across jurisdictions. In 2023 alone, member hotlines processed over 785,000 reports of suspected CSAM, of which 69% (more than 540,000 URLs) were confirmed as illegal content.

The association coordinates directly with law enforcement and technology companies to ensure that harmful material is handled safely and efficiently, and you can locate your country’s hotline on the official list on their website. If no hotline exists in your country, contact a local police unit that handles cybercrime or report the material directly to law enforcement.

Never keep or forward CSAM yourself, even for documentation or because you are afraid the content will be taken down before your story is published. Reporting through the proper channels ensures that evidence is preserved, victims are protected, and the content can be removed safely and legally.

Sixth step: Know that AI will improve, and so will the AI-generated CSAM

As AI becomes more advanced, so does the material it can produce—including AI-generated child sexual abuse content. This is not a side effect of innovation; it is a consequence of releasing powerful technology without meaningful guardrails. The fault doesn’t lie with the machines, but with the vacuum left by complacent corporations, underfunded regulators, and societies still unwilling to confront the scale of digital exploitation.

If these systemic failures persist—if clear legal frameworks, transparent AI governance, and genuine victim protection continue to lag—the epidemic will deepen quietly, in the shadows. Journalism’s role in this fight remains essential: to expose the networks, demand accountability, and remind the world that behind every AI-generated image lies real human harm.

As AI evolves, so must the way we investigate it. The next generation of CSAM may not resemble photos at all. It may emerge from synthetic datasets, deepfake composites, or live image generation embedded within chatbots and virtual worlds. Journalists, researchers, and policymakers will need stronger technical literacy, closer cooperation with data scientists and law enforcement, and new ethical frameworks that balance exposure with protection.

The challenge ahead will be tracing crimes that are no longer static files, but adaptive systems—learning, updating, and mutating in real time. Progress in AI cannot come at the expense of children’s safety. Because behind the code, beyond the datasets and models, the real battle is—and will always be—human.

Finally, a warning: Don’t negotiate with mental health

Investigating crimes against children (especially sexual abuse and exploitation) leaves marks. It’s not abstract work; it gets under the skin. After more than three years reporting on online criminal markets, I’ve learned a few lessons that anyone entering this field should take seriously.

It was during a digital investigations course I first heard the term vicarious trauma from journalist Andy Carvin. He described how covering the Arab Spring remotely affected him so deeply that it produced physical symptoms. Prolonged exposure to violent or grotesque material can bypass the mind’s defenses and settle in the body. There’s substantial research on secondary trauma among doctors, nurses, and psychologists—but far less on what it does to journalists who must witness and interpret horror as part of their job.

That’s why protections must be intentional, put in place by reporters, and more importantly, by the editors assigning these stories. Too often, the emotional toll is treated as a private burden, something to manage quietly. It shouldn’t be.

In our team’s case, most of us had prior experience covering CSAM and cybercrime and knew how to manage the emotional and psychological weight. For those who didn’t, we made a simple rule: No one without prior experience would handle sensitive visual material, even if it was AI-generated. It was a small decision, but it protected us.

Besides this, there are many multimedia resources (unfortunately, particularly in English) from platform safety teams that deal with child exploitation. They help contextualize the work but are no substitute for professional psychological support. That support should be built into newsroom structures or sought independently when it isn’t.

Choosing to work on investigations like this is never casual. It shouldn’t be driven by scoops or spectacle, but by a commitment to the public interest. That commitment is only sustainable when emotional boundaries are respected. Knowing when to pause, step back, or stop isn’t a weakness, it’s professionalism. The work is heavy, and the responsibility is enormous. But with clear boundaries, shared knowledge, and compassion—for sources, colleagues, and oneself—it’s possible to keep going and to keep telling the stories that matter most.

Key takeaways for replicating our work

1. Build a defensible methodology before collecting data. Never start by testing random tools or interacting with illicit material. Design a system that prioritizes safety, traceability, and replicability. Record everything—time, platform, access point, and behavior—before any functionality tests. A disciplined method protects both your team and your evidence.
2. Get legal support early. Before you collect or handle any potentially illegal material, seek legal advice. Know your country’s laws on digital evidence, privacy, and child protection. A single misstep can jeopardize the investigation and expose the reporter to criminal liability. Build a legal safety net before you begin.
3. Identify the technology before interpreting the crime. Not all AI systems work the same way. A general large language model behaves differently from a fine-tuned nudifier or a generative chatbot. Misreading the technology leads to false conclusions and misplaced blame. Classify the system first, then trace how it’s being misused.
4. Protect the human infrastructure as fiercely as the digital one. Investigating child sexual abuse material—even when artificially generated—has psychological costs. No one should face it alone or without boundaries. Emotional care, trauma awareness, and peer supervision are as critical as technical protocols. Build protection into the workflow, not after it.
5. Anticipate the next frontier problem. AI evolves faster than law, policy, or journalism. Future investigations will demand hybrid skills—part reporter, part data scientist, part ethicist. Work with coders, legal experts, and victim advocates. Learn the tools before they’re turned against the vulnerable. The next form of abuse will arrive faster than the last.