Need help dealing with violent or distressing online content? Learn more

Periodic notice Report 3: A snapshot of eSafety's findings

This page covers findings from eSafety’s third periodic report about child sexual exploitation and abuse material and activity on online services, including grooming and sexual extortion, as well as sexual extortion of adults.

Specifically, this snapshot looks at the issue of sexual extortion, which occurs when victims are tricked or coerced into sending intimate images or videos of themselves to someone who then threatens to share the images or video unless demands are met, usually for payment. It is a widespread and acute harm, that affects both children and adults. Sexual extortion is a form of image-based abuse – the threatened or actual sharing of intimate images or videos without consent – however, when it targets children, it is also a form of child sexual exploitation and abuse.

This report covers the period from 1 July 2025 to 30 December 2025. It summarises information provided to eSafety in response to periodic reporting notices given to Apple, Discord, Google, Meta, Microsoft, Snap and WhatsApp.

Company logos for Apple, Discord, Google, Meta, Microsoft, Skype, Snap, WhatsApp.

 

On this page:

About this reporting series

These reports are produced to support transparency about compliance with the Australian Government’s Basic Online Safety Expectations (‘the Expectations’ or ‘BOSE’) which are intended to help keep Australians safe while using online services.

Among other things, the Expectations require service providers to take reasonable steps to minimise child sexual exploitation and abuse material and activity (CSEA) on their services.

A key step is detecting CSEA – either before it is uploaded or shared on a service, or immediately after it is provided on the service. Our regulatory guidance has further details.

On 22 July 2024 eSafety gave notices to eight service providers requiring them to report every six months for a two-year period on their compliance with the Expectations, focusing on CSEA. This includes sexual grooming of children (under-18s), and sexual extortion of children and adults.

The service providers were Apple, Discord, Google, Meta, Microsoft, Skype, Snap and WhatsApp.

The findings from the first reporting period (15 July 2024 to 15 December 2024) provided a baseline for comparing later reports.

The second report covered the period from 1 January 2025 to 30 June 2025.

This third report covers the period from 1 July 2025 to 30 December 2025.

Note: As Skype (Consumer) stopped operating on 5 May 2025, it no longer forms part of this reporting process.

Key findings from Report 3

eSafety continues to see concerning gaps in action taken by providers to detect CSEA (including sexual extortion of children) and sexual extortion of adults, on their services.

These are some of the gaps in providers’ responses to CSEA that are still evident since the last reporting period:

  • Proactively detecting new CSEA images and videos. When this is not done, the material may circulate on services unless and until someone reports it – even though there are tools that can be used to find it sooner and ensure that law enforcement agencies can be made aware of potential new victims who need to be identified and rescued.
  • Stopping live online CSEA from occurring in video calls. Only Microsoft is using tools to detect and disrupt live online CSEA in video calls. No other providers are using proactive detection tools to detect CSEA in video calls.
  • Implementing tools to detect and prevent children being groomed, which can involve children producing CSEA material or even meeting perpetrators in person.


eSafety continues to call on online service providers and the broader tech community to work together to develop technologies to prevent, detect and disrupt these harms.

However, we welcome responses that show that some providers have taken some positive steps to improve the safety of their service by investing time and resources in improving or expanding the tools and technologies they use to detect CSEA and sexual extortion.

eSafety will continue to shine a light on the range of tools and technologies which can be implemented and developed by providers to address acute harms like CSEA and sexual extortion. We will continue to highlight positive action as well as ongoing safety gaps and keep the pressure on industry to lift its performance.

For more detailed analysis, see our interactive transparency summary.

READ SUMMARY

Ongoing harm: sexual extortion still affecting Australian children and adults

Sexual extortion is a form of blackmail where someone threatens to share an intimate image or video of a person unless they comply with certain demands. 

Click or tap on the + to learn more about sexual extortion.

Sexual extortion often occurs in stages and can involve multiple platforms, but it can also occur entirely on a single service. Any services can be exploited for sexual extortion, and it is the responsibility of all services to implement safety measures to detect and prevent sexual extortion.

Between 1 July 2025 and 31 December 2025, eSafety received 2,206 individual complaints of sexual extortion. Not all complaints made to eSafety result in content removal or other action by eSafety and reports about children are referred to the ACCCE. Complainants often report sexual extortion incidents to online services directly which may result in content removal prior to assessment by eSafety. Although sexual extortion complaints involving a threat to share an intimate image may be reported to services, an intimate image that has not yet been posted cannot result in content removal action. The number of content removal actions taken by eSafety in relation to each service listed in the following graphs is therefore lower than the number of complaints made to eSafety.

Males accounted for 85% of all complaints received by eSafety. Males aged 18 to 24 years made the most complaints (803), followed by males 25 to 39 years (574). 

Number of sexual extortion complaints by age and gender.

A vertical bar graph showing the number of complaints received by eSafety in relation to sexual extortion between 1 July and 31 December 2026, broken down by gender.

Males aged 18 to 24 years made the most complaints with 803, compared to females ages 18 to 24 with only 79 complaints received. Males aged 25 to 39 years made the second highest number of complaints with 574, compared to females of the same age with 64 complaints.

Males made more complaints than females in all age brackets. 

Note: The data in this graph includes only complaints where details on the users age were provided. Not all reports include specific platform, age or demographic data, and reports may reference multiple platforms.

eSafety complaints data further showed that Instagram was the most commonly referenced service in complaints of sexual extortion, with 695 complaints received in the six-month period (81% were complaints by 18- to 39-year-olds), followed by WhatsApp. 

Top 10 services with highest number of sexual extortion reports to eSafety.

Horizontal stacked bar graph showing the top 10 services with the highest number of sexual extortion reports to eSafety.

Instagram received the highest number of complaints with 695, followed by WhatsApp with 612 and Telegram with 558.  

* While Telegram and TikTok are not part of this reporting series, both have previously been given transparency notices by eSafety looking at the steps they are taking to address CSEA on their services.

Note: A report for sexual extortion received by eSafety can include multiple services. The data included in the graph above counts all instances where a service was included in a report and therefore will not add to the total number of individual complaints. Figure numbers 10 and under are not shown on the graph.

The services where the initial contact with the perpetrator occurred varied between children and adults. While Tinder was the most reported service where initial contact occurred for complainants from users who were 18 and older, Instagram was the most reported social media service. TikTok was the service most identified by children under 18 where the initial contact occurred, followed by Instagram and Snapchat.

Top 8 services where initial contact by the perpetrator occurred.

Vertical stacked bar graph showing the top 8 services where initial contact by the perpetrator occurred.

Tinder was the service most reported, appearing in 162 complaints, followed by Instagram with 73 and Grindr with 60. TikTok, Telegram, WhatsApp, Snapchat and Facebook made up the rest of the top 10 services.
 

* While Telegram and TikTok were not part of the periodic reporting notices they have both previously received BOSE non-periodic reporting notices.

Note: Based on reports to eSafety between 1 July and 30 December 2025 for all age groups reporting sexual extortion. The data in this graph includes only complaints where details on the initial engagement were provided. Not all reports include specific platform, age or demographic data, and reports may reference multiple platforms. Tinder and Grindr are dating apps for users over 18 and therefore no complaints data is available for users under 18.

Once initial contact has been made, the threat of sexual extortion often happens on a different service, often where messages are encrypted or ephemeral. Threats of sexual extortion identified in complaints to eSafety include demands for content or money, posting content online, threatened sharing of content publicly or within friend groups and scams threatening to share content they did not have or promising payment for content. Telegram, iMessage and Snapchat were the top three services where children under 18 identified receiving a threat, while WhatsApp, Telegram and Instagram were the services most identified by adults.  

Top 6 services 'threats' of sexual extortion occurred.

Vertical bar chart showing the top 6 services where ‘threats’ of sexual extortion occurred.

WhatsApp was the service most reported, appearing in 596 complaints, followed by Telegraph with 547 and Instagram with 241. iMessage, Snapchat and Discord made up the rest of the top 6 services.

* While Telegram was not part of the periodic reporting notices they have previously received a BOSE non-periodic reporting notice.

Note: Based on reports to eSafety between 1 July and 30 December 2025 for all age groups reporting sexual extortion. The data in this graph includes only complaints where details on the service the sexual extortion occurred were provided. Not all reports include specific platform, age or demographic data, and reports may reference multiple platforms.

In 2025, eSafety conducted research with the Australian Institute of Criminology (AIC), surveying 1,953 adolescents aged 16- to 18-years-old living in in Australia to find out how many had experienced sexual extortion and how it had happened. Read the results of eSafety’s recent research with the AIC.

INHOPE’s global network of reporting hotlines identified a ‘sustained increase in reports relating to grooming, sexual coercion, and both financial and non-financial sexual extortion’ in their 2025 annual report. They found many cases involving minors being contacted through mainstream social platforms, messaging services, and random video chat applications and noted the growing complexity of technology-facilitated abuse and the need for monitoring and intervention to protect victims and prevent further exploitation.

All service providers must ensure they are taking steps to detect and address this harm on their services.

Read real stories of how sextual extortion can occur online:

You can also find more information about sexual extortion and image-based abuse on our website.

As of 10 December 2025, providers of age-restricted social media platforms must take reasonable steps to prevent under-16s from having accounts on their services. Currently, among others, this includes Instagram, Facebook and Snapchat, but does not include Discord, iMessage and WhatsApp.

While this means that children under 16 may be shielded from harms like sexual extortion where they are prevented from having accounts on certain services, sexual extortion continues to affect:

  • children using services that are not age-restricted social media platforms (for example, messaging services)
  • children who circumvent age assurance measures on age-restricted social media services and retain or create new accounts  
  • children aged 16 and 17, and adults 18 or older. 

Under the Unlawful Material Standards, service providers must address child exploitation material by implementing systems and processes and, if it is appropriate to do so, technologies that:

  • effectively disrupt attempts by end-users to use the service to solicit, generate, access, distribute or otherwise make available, or store, child exploitation material
  • effectively deter end-users from using the service to solicit, generate, access, distribute or otherwise make available, or store, child exploitation material.

This means service providers are required to take meaningful steps to effectively disrupt and deter new and known child sexual exploitation on their services, even if they are limited in their ability due to issues with technical feasibility, reasonable practicability, and systemic weakness.

These obligations do not cover sexual extortion of adults.

What can service providers do to detect and disrupt this harm?

Sexual extortion is perpetrated for a range of reasons. These include for financial gain, to force more sexual content from the victim and to extend coercive control over a current or former sexual partner. When financial gain is the objective, it often occurs in highly recognisable patterns with perpetrators using common phrases and scripts to trick the person they are targeting. Child safety not-for-profit organisation Thorn has published a report into financial sexual extortion which includes examples of these phrases and scripts.

Tools like language analysis technology can be used to detect these scripts by assigning a probability to written messages (such as texts) that can then be flagged for human review. However, where a service has implemented end-to-end encryption, use of proactive detection technologies is more challenging, and that service can be exploited more easily by perpetrators of sexual extortion.  

For providers of services which are end-to-end encrypted, or contain end-to-end encrypted parts, particularly in private or direct messaging where sexual extortion can occur, a multi-layered approach is needed to ensure that this unlawful material and activity is prevented, detected and addressed. Section 8 of the Expectations provides that if the service uses encryption, the provider of the service will take reasonable steps to develop and implement processes to detect and address material or activity on the service that is unlawful or harmful. eSafety’s regulatory guidance sets out examples of reasonable steps providers may take, such as:

  • using proactive detection tools that operate on non-end-to-end encrypted environments
  • using behavioural and other signals
  • ensuring users can report sexual extortion to the service and receive help
  • actively researching and developing new ways to ensure safety on non-end-to-end encrypted environments

See where providers have implemented measures in the interactive transparency summary.

While end-to-end encryption may make proactive detection more challenging, the lack of detection in these environments remains a serious safety gap. eSafety strongly encourages industry and the broader tech community to work together to develop technologies to detect sexual extortion.

Service providers are also required to effectively disrupt and deter both known and new CSEA under the Unlawful Material Codes and Standards. Providers must have systems and processes, but technologies need only be implemented where appropriate to do so.

Gaps in how service providers responded

While most service providers used some methods to detect sexual extortion, every provider had gaps in their use of tools, especially in their use of language analysis tools. The following section highlights gaps in steps providers are taking to address both sexual extortion of children and adults.

Click or tap on the + to find more information about what each service provider did (or failed to do).

eSafety’s investigations data, and reports from organisations such as Thorn, indicates iMessage is a high-risk platform for sexual extortion. iMessage is end-to-end encrypted. Apple did not use language analysis technology to detect sexual extortion of children or adults on iMessage, nor did it employ other proactive detection tools for sexual extortion on its service. 

Apple instead relied on its Communication Safety feature, which was switched on by default for users under the age of 18. This detected nudity in images and videos on iMessages and FaceTime video messages and blurred the image. After receiving a Communication Safety warning of potential nudity, users could report the content to a trusted adult, or in iMessage, directly to Apple. Similar functionality was available through the Sensitive Content Warning feature on iMessage and FaceTime, which was designed for adult users. 

However, these features were not on by default for all users – they were only for children under 18 who had accurately declared their age, or whose parents or carers had set up the device with an accurate age for their child. (See the Apple Account page in The eSafety Guide for information on how to enable settings). Other users had to opt in if they wanted to use these tools. Any children with Apple devices without Communication Safety on by default, had no in-app reporting option. Similarly, any adults who did not opt in to Communication Safety had no in-app reporting option. 

Furthermore, these tools only detected nudity and only allowed users to report nude images. There are significant limitations to this approach in the case of sexual extortion, as it will not detect sexual extortion before an image is already shared. Further, a victim of sexual extortion may be deterred from making a report as the only option for reporting to Apple may be to report their own intimate image or video. 

Threats of sexual extortion also could not be reported in-app if no image or video was posted on the service. If a perpetrator was lying about having obtained the intimate content and there was actually none on the service, or if they had obtained the intimate content from a different service (like a dating service or social media), victims were not able to make a report to Apple in iMessage. This meant Apple was not prompted to look into the perpetrator’s behaviour and determine appropriate next steps to keep its users safe. This is a serious and concerning gap. 

Discord did not use language analysis technology to detect sexual extortion of children or adults. Discord discontinued its trial of language analysis tools after the first reporting period, stating that the trialled tool did not yield sufficiently accurate signals. While Discord has stated that it continues to explore options, it  did not commit to, or provide specific details on work to improve, refine, or reintroduce this technology to proactively detect and deter sexual extortion. Although parts of Discord are end-to-end encrypted, these tools could proactively work on the parts of the service which are not end-to-end encrypted. eSafety’s investigations data indicates Discord is a high-risk platform for sexual extortion.

Discord did use a Safety Alerts on Senders feature, designed in collaboration with Thorn, which was on by default for teen users (where Discord had accurate information about their age). This alerted children aged 13 to 17 when a message was sent to them from an unfamiliar user, encouraging them to think carefully before replying and allowing them to block the sender. (See the Discord page in The eSafety Guide for further safety information).

Discord also used a model to detect and remove harmful communities (a community on Discord is a specific type of server for larger groups) engaged in sexual extortion. While eSafety encourages the development of new tools such as these, sexual extortion can be perpetrated by users who are not active participants in harmful communities and for purposes other than financial gain. Tools like language analysis could detect other types of sexual extortion, such as sexual extortion by an ex-partner or someone who the victim knows personally. Tools like language analysis could detect instances like this occurring, which we consider to be an important intervention in addition to broader proactive detection methods – especially where parts of services are not end-to-end encrypted.

Discord also lacked in-service reporting mechanisms in its video and voice calls and its Go Live function, making it hard for victims to report harms occurring on these parts of the service.

Google did not use language analysis technology, nor any other form of proactive detection, to detect sexual extortion of children or adults on Google Meet, Google Chat or Google Messages. Google only used language analysis technology to detect sexual extortion on YouTube.

Google introduced an in-app reporting mechanism in relation to ‘harmful content’ for Gmail in June 2025 and more recently Google Messages. However, that mechanism required use of a lengthy and complicated webform with a number of deficiencies. In the relevant reporting period, Google received no reports from users on Google Messages – in Australia or globally – in relation to child sexual exploitation and abuse (including sexual extortion of children). (See the pages on Google, Google Account, Google Chat and Google Meet in The eSafety Guide for further safety information).

Meta used language analysis tools to detect sexual extortion on all material by default on Instagram, Facebook and Threads. However, these tools were more limited on Facebook Messenger, which was end-to-end encrypted, and on Instagram Direct, which enabled end-users to switch on end-to-end encryption if they wished. Across both these services, language analysis tools were only used on public messaging (Channels and Community Chats) and on material reported by users.

In March 2026, Meta announced that Instagram would remove end-to-end encryption for private messages in May 2026. eSafety has encouraged Meta to expand its use of tools to work proactively on Instagram Direct when end-to-end encryption is removed, given the complexities associated with using existing tools on end-to-encryption will no longer apply.

Microsoft did not use language analysis technology, nor any other form of proactive detection, to detect sexual extortion of children or adults on Microsoft Teams, which is not end-to-end encrypted by default. Microsoft instead relied on in-product user reporting functionality.

Microsoft did use language analysis technology to detect sexual extortion on Xbox. 

Snap only used language analysis tools to detect sexual extortion of children and adults on material that users reported. Snap could improve its detection of sexual extortion by expanding the use of these tools to work proactively on the parts of the service which are not end-to-end encrypted, rather than relying on users to report the harm.

Snap did use technology to prevent users from searching for terms, or creating usernames or display names, indicative of sexual extortion.  Snap began using keywords of sexual extortion and grooming from the Internet Watch Foundation, although these keywords were only used for detection in material reported by users to Snap.

Snap also sent warning messages to children between the ages of 13 and 17 who received messages from certain users who may have posed a risk to them. This included users who they did not already share mutual friends with or have in their contacts, users who had been blocked or reported by other Snapchat users, and users from a region where the teen’s network wasn't typically located. However, Snap stated that only 0.30% of teenagers in Australia who received a warning message clicked on the option to report or block the sender – even though 99.64% had clicked through to see the message.

WhatsApp did not use language analysis technology to detect sexual extortion of children or adults in WhatsApp messages, which was end-to-end encrypted. WhatsApp did use language analysis tools on user reports and on WhatsApp Channels, which are not end-to-end encrypted.

WhatsApp did use signals-based detection to detect words or phrases associated with sexual extortion outside of messages, including in WhatsApp Channels. WhatsApp also used signals-based detection tools to identify harmful communities (Communities on WhatsApp can include up to 2,000 members across as many as 100 groups).

WhatsApp also provided an in-app reporting mechanism for users to report material and activity to WhatsApp, although it does not include specific reporting categories, including for child sexual exploitation and abuse or sexual extortion.

Other findings

Sexual extortion is just one type of CSEA harm online.

eSafety has published other information about the steps services are taking (and not taking) to detect and address CSEA in all its forms, including the distribution of known CSEA material, creation and distribution of new CSEA material, and live online CSEA and grooming of children. See the interactive transparency summary for details. 

Safety improvements

Requiring online service providers to report to eSafety every six months for two years about how they are tackling the issue of CSEA is improving transparency and accountability and keeping pressure on them to lift their performance.

In line with this goal, eSafety observed some notable online safety improvements by service providers during this report period, when compared to the responses from the first and second reporting period. Further information to industry on these, and other measures to address CSEA, are included in the interactive transparency summary and eSafety’s toolkit for implementing Safety by Design strategies. 

Click or tap on the + to read more about some of the improvements which were observed.

  • Discord began blocking URLs to known CSEA.
  • Microsoft began blocking URLs to known CSEA on Outlook and Teams.

  • Google began hash matching (such as identifying matching images or videos) for known CSEA videos on Chat, Gmail and Gemini.
  • Snap improved its video hashing capability to better detect known CSEA videos uploaded to Stories. Snap also enhanced its image matching technology using embeddings to better detect known CSEA images uploaded to Stories.

  • Microsoft developed and implemented a new tool for detection of live online CSEA in video calls on Teams.
  • Discord improved its CSEA video detection capability through introduction of a new tool.

Meta began using two new tools to detect grooming on Instagram Direct and Messenger:

  • A conversational text model that is included in Instagram Direct and Messenger. It uses classifiers to detect indicators of likely grooming, which Meta used on reports made by users.
  • Large-language-model-based classifiers used in Instagram Direct to proactively detect potentially inappropriate interactions in private messages (without requiring a user report), including grooming by adult users globally of minors based in Australia, which may then be automatically enforced or flagged for human review.  Meta has recently started expansion of this work to also include sexual extortion.

  • Google became a member of StopNCII (Stop Non-Consensual Intimate Image Abuse), which provides a hashing service for intimate images and videos. Google also began contributing more intelligence to the Technology Coalition’s ‘Lantern’ programme, which promotes cross-platform cooperation by facilitating signal sharing of the activity and accounts that violate providers’ policies against CSEA.

  • Google introduced in-service reporting functions for reporting CSEA in Google Messages. 

For more detailed analysis, see our interactive transparency summary.

Read summary