cloudflare · angelampcosta · Jan 31, 2025 · Jan 31, 2025 · Jan 31, 2025 · pedrosousa
@@ -7,7 +7,7 @@ title: CSAM Scanning Tool
 
 The Child Sexual Abuse Material (CSAM) Scanning Tool allows website owners to proactively identify and take action on CSAM located on their website. By enabling this tool, Cloudflare will compare content served for your website through the Cloudflare cache to known lists of CSAM. These lists are provided to Cloudflare by leading child safety advocacy groups such as the National Center for Missing and Exploited Children (NCMEC).
 
-Remember, by enabling the Service, you agree to the [Supplemental Terms](https://www.cloudflare.com/supplemental-terms/) for the CSAM Scanning Tool. You agree to use this tool solely for the purposes of preventing the spread of CSAM.
+Remember, by enabling the Service, you agree to the [Service-Specific Terms](https://www.cloudflare.com/service-specific-terms-application-services/#csam-scanning-tool-terms) for the CSAM Scanning Tool. You agree to use this tool solely for the purposes of preventing the spread of CSAM.
 
 ***
 
@@ -21,64 +21,51 @@ Because knowingly distributing or viewing CSAM is illegal, the owner of the webs
 
 To enable the tool:
 
-1. Log into the [Cloudflare dashboard](https://dash.cloudflare.com).
+1. Log into the [Cloudflare dashboard](https://dash.cloudflare.com/).
 2. Select your account and zone.
 3. Go to **Caching** > **Configuration**.
 4. For **CSAM Scanning Tool**, select **Configure**.
 
-When enabling the tool, you must provide an email address and NCMEC CyberTipline credentials for reporting purposes.
-
-This email address will be used to both notify you in the event Cloudflare detects a positive match, and to provide NCMEC in case they or law enforcement need more information about the content reported to them.
-
-In order to get CyberTipline API credentials, you can email the [espteam@ncmec.org](mailto:espteam@ncmec.org) to get an application started. Go to the [NCMEC website](https://www.missingkids.org/theissues/csam) for more information. Cloudflare will use the credentials you provide in order to create reports to NCMEC when potential CSAM is identified on your zones. 
-
-Once you’ve verified your reporting email and entered your NCMEC credentials, scanning to identify potential CSAM will begin.
+You must provide an email address, which will be used to notify you in the event Cloudflare detects a positive match.
 
 ***
 
 ## What happens when a match is detected?
 
-Three things happen when a potential match is detected with the tool:
-
-1. A report is filed to NCMEC. This report includes the following:
-   * The email address you provided when setting up the tool so that NCMEC can reach out for further information if required
-   * The url of the matched content
-   * The date and time the content was identified by the tool
+When a potential match is detected with the tool:
 
-2. An email is sent to you to inform you of the detection and the report. This email will include:
-   * The file path of the content that was matched
-   * The ID of the report that was filed with NCMEC
-   * The date and time the report was filed 
-
-3. If possible, a firewall block is placed to prevent further serving of the matched content. If a firewall block fails, we will indicate that the content has not been blocked in the email.
+1. An email is sent to you once per day to inform you of any detections made in the past 24 hours. This email will include the file paths of any content that was matched.
+2. If possible, a block is placed to prevent further serving of the matched content. If a block fails, we will indicate that the content has not been blocked in the email.
 
 ***
 
 ## What action should I take when a match is detected?
 
 You are responsible for understanding and complying with any legal obligations you have as a website owner when made aware of any potential CSAM. Although legal obligations vary based on the provider and the jurisdiction, website owners often have obligations to report apparent CSAM, to remove content, and to preserve records. Some of those possible obligations are as follows:
 
-* You may need to preserve and securely store a copy of the content and related data in the case NCMEC or law enforcement reach out for additional details.
+- You likely have an obligation to report apparent CSAM to the appropriate authorities. You can file a report to NCMEC with additional information via NCMEC's CyberTip reporting form or find the preferred reporting portal for your jurisdiction via the INHOPE website.
+
+<br/>
 
-You likely have an obligation to securely preserve certain information related to your report for at least 90 days in the case of an investigation. To ensure that access to the content is limited, take care not to store this information anywhere accessible to anyone but those within your organization responsible for legal requests.
+- You may need to preserve and securely store a copy of the content and related data in the case NCMEC or law enforcement reach out for additional details.
+- You likely have an obligation to securely preserve certain information related to your report for at least 90 days in the case of an investigation. To ensure that access to the content is limited, take care not to store this information anywhere accessible to anyone but those within your organization responsible for legal requests.
 
-* You should remove the content and notify Cloudflare of the removal.
+<br/>
 
-Once any preservation obligations have been fulfilled, you should remove the content from your website. This is especially important if Cloudflare’s notice to you indicates that our block was unsuccessful.
+- You should remove the content and notify Cloudflare of the removal.
+- Once any preservation obligations have been fulfilled, you should remove the content from your website. This is especially important if Cloudflare's notice to you indicates that our block was unsuccessful.
 
 ***
 
 ## How do I have a block removed from my website?
 
-To disable a block, either because you have determined that the blocked content is not CSAM (a false positive) or because you have taken down the blocked content, go to the Cloudflare dashboard for your zone and request reviews on the relevant blocks. A request to remove a block must be accompanied by a representation from you confirming that the blocked content is not CSAM or has been removed.  If applicable, we will notify NCMEC when a false positive has been identified on the reported URL.
-
-![Example error message for a domain with blocked content.](~/assets/images/support/csam-blocked-content.png)
+To disable a block, either because you have determined that the blocked content is not CSAM (a false positive) or because you have taken down the blocked content, view [Blocked Content in the Security Center](/security-center/blocked-content/) in the Cloudflare Dashboard and request reviews on the relevant blocks. A request to remove a block must be accompanied by a representation from you confirming that the blocked content is not CSAM or has been removed. 
 
 These actions are available to users with the following roles:
 
-* Admin
-* Super Admin
-* Trust & Safety
+- Admin
+- Super Admin
+- Trust & Safety
 
 ***