Google, Amazon, Others Respond to Senators’ Inquiry About Funding CSAM Via Ads

Under pressure from bipartisan lawmakers, Google, Amazon, and other major ad industry players have shared the actions they’re taking after they inadvertently helped facilitate advertising on a site known to host child sexual abuse material (CSAM).

Amazon has issued refunds to advertising customers whose ads appeared on the website. Google has blocked advertising on the site but did not clarify whether it will reimburse advertisers who were affected.

“We have always strictly prohibited ads that we serve from appearing next to content of this nature–this was a clear breach of our policies,” Amazon’s vice president of public policy Brian Huseman wrote in a letter addressed to Senators Marsha Blackburn (R-TN) and Richard Blumenthal (D-CT), obtained by ADWEEK.

Earlier this month, the two senators demanded answers from the tech giants and other advertising groups after an Adalytics report found that, through advertising networks operated by Google and Amazon, ads from Fortune 500 brands appeared on an image-hosting site and a sister site that had been flagged by the National Center for Missing and Exploited Children (NCMEC) for publishing CSAM.

Amazon and Google under fire

In his letter to lawmakers, Amazon’s Huseman said the company “immediately blocked these websites from any further ads through our systems.” The company has refunded all advertisers whose messages appeared on pages on the site in question, ibb.co and the associated img.bb, he said. 

Only “a tiny portion of advertising spend for a small number of advertisers” was impacted, and the company has refunded all advertisers whose content appeared on the website in question, an Amazon spokesperson told ADWEEK.

“We regret that this occurred and took swift action to block these websites from showing our ads,” the spokesperson added. “We have strict policies in place against serving ads on content of this nature, and we are taking additional steps to help ensure this does not happen in the future.” 

Meanwhile, in a response to senators issued by Google’s head of U.S. federal government affairs and public policy, Anne Wall, the company said it has “invested significant resources—in technology, specialized teams, and time—to deterring, detecting, removing, and reporting child sexual exploitation content and behavior.”

Google said it demonetized ibb.co in January 2024, and the site has generated no ad revenue since then. The associated imgbb.com, the company said, was demand-restricted last July, meaning that most ads were already disallowed on Google’s ad network. Google fully demonetized imgbb.com when it learned about the forthcoming Adalytics report.

The company also emphasized its strict publisher monetization policies, enforcement measures, and advertiser controls. Google did not announce any policy or product changes, but said it will “continue to holistically evaluate our processes to determine whether any additional steps should be taken.”

Google declined a request for comment and did not respond to questions about whether it would reimburse affected advertisers. 

What about the other implicated parties?

The senators also questioned verification vendors DoubleVerify and Integral Ad Science (IAS) over apparent brand safety failures, as well as the Media Rating Council (MRC) and the Trustworthy Accountability Group (TAG), which issued stamps of approval for their technology. 

All six organizations—Google, Amazon, DoubleVerify, IAS, the MRC, and TAG—have responded to senators’ inquiries in letters obtained by ADWEEK. 

In its letter, DoubleVerify claimed that its tools function based on advertiser preferences and that technical limitations contributed to ads appearing alongside explicit content on the site in question.

Following the scandal, DoubleVerify has rolled out a handful of brand safety updates, expanded its blocklists, and begun working more closely with law enforcement and NCMEC to enhance detection and prevention measures. The firm has also enabled access to full URL-level reporting for clients, which allows brands to understand the exact pages on which their ads appear, not just the domains. 

IAS, for its part, said it has blacklisted the flagged domains—which it found represented less than 0.00025% of its monitored impressions—and is reassessing how it classifies image-hosting sites. The verification company also outlined limitations in monitoring image-only pages, but reaffirmed its commitment to industry safety standards.

Earlier this month, IAS also expanded its exclusion list, adding domains flagged in five years of NCMEC reports. It’s also improving its user-generated content filtering tech and boosting URL-level reporting to improve transparency for advertisers.

“We are committed to working in partnership with the industry and other companies to reduce the proliferation of bad actors while preserving the open internet,” wrote IAS CEO Lisa Utzschneider. 

Meanwhile, MRC head George Ivie took the opportunity to explain that both DoubleVerify and IAS hold MRC accreditation for “Property Level Ad Verification,” which examines text and keywords rather than visual content. This distinction is significant, he said, as the CSAM-hosting site in question typically contains minimal text, making the content undetectable through current accredited methods. 

Moving forward, Ivie wrote, “MRC encourages services to submit Content Level Brand Safety products for audit and accreditation.” He also said MRC will consider strengthening disclosure requirements about the limitations of current verification technologies.

In a 23-page response to senators signed by vice president of policy and compliance Todd Miller, TAG claimed to be “the leading global initiative fighting criminal activity and increasing trust in the digital advertising industry.” 

The company pushed back against Blackburn’s and Blumenthal’s broad labeling of platforms as “CSAM sites” merely for receiving NCMEC notifications, adding that operating on this standard would have negative implications for user-generated content platforms like Amazon, Facebook, Pinterest, X, and others. 

But TAG president and CEO Mike Zaneis told ADWEEK that, since submitting its letter to lawmakers, the organization has begun working with NCMEC to set up an educational sit that will help the ad industry learn more about the details of NCMEC’s programs. NCMEC will also help train TAG’s Threat Exchange participants, which include major industry players. “We are excited to be developing these solutions to provide greater protections for children worldwide,” Zaneis said.

In the fallout since the initial report was published, the MRC and TAG have come under fire from ad industry leaders who view their approaches as insufficiently stringent.

The six letters from industry players have not been published publicly.

DoubleVerify, IAS, and MRC did not respond to requests for comment.

Update Feb. 28, 6:16 pm ET: A screenshot of Amazon’s letter to Senators Blackburn and Blumenthal has been added to this story. Additionally, a statement from TAG president and CEO Mike Zaneis has been integrated.