Children’s digital lives do not happen in one place. Harmful sexual content can appear in a browser, a messaging app, a camera preview, a downloaded file, a social media feed, a screenshot, a video or a livestream. It is not confined to a single platform, app or predictable pathway. It can appear anywhere a child can view, capture, receive, create, save or share visual content.
That creates a seismic – and fundamentally different - safeguarding challenge.
Traditional online safety systems often rely on content being uploaded, reported or processed remotely. That may support platform moderation, but on-device safeguarding demands something different: protection that can act before, during or immediately after exposure, without first sending a child's private images or videos elsewhere for analysis.
A child may move through thousands of images, videos, messages and screen interactions every day. Most are harmless. Some are ambiguous. A small number may be seriously harmful. Effective on-device safeguarding must therefore operate across millions of fleeting moments, often in noisy, distorted or cluttered environments where harmful content is visible only briefly.
That created the central engineering question: could a visual AI model make reliable safeguarding decisions directly on a child’s device, quickly enough for real-time intervention, while preserving privacy, dignity and everyday usability?
Architecture
Designing safeguarding intelligence for the device
Many high-capacity computer-vision systems are developed for cloud environments, where compute and memory are comparatively abundant. HarmBlock was designed around the opposite assumption: it had to run on ordinary consumer devices, including older and lower-end phones.
On an internally curated mobile-safety benchmark, the current mobile-ready baseline achieved:
These figures represent different execution conditions, not a single universal speed. Model-only latency is not the same as the complete capture-to-decision pathway. The achievement is the combination: a high-performing safeguarding model compressed into a mobile-ready footprint and adapted across markedly different hardware environments without losing the core safeguarding task.
Robustness
Making the model work outside the laboratory
A strong benchmark result does not guarantee that a model will behave reliably on a child’s device.
Real inputs may be blurred, cropped, compressed, partially visible, surrounded by interface elements, or captured from another screen. Camera-based environments add further distortion through glare, flicker, reflections, rolling-shutter artefacts and the moiré effect created when one digital display is recorded by another imaging sensor.
The model improved not by avoiding failure, but by turning each failure into the next engineering decision - and feeding that decision into the next measured development cycle.
Pipeline
Engineering an efficient capture-to-decision pipeline
On-device safeguarding is not only a model problem. It is also an inference-pipeline problem.
The system had to select and prepare visual inputs, run inference efficiently and interpret outputs that fluctuated as cameras moved, lighting changed or users scrolled. That required careful coordination across preprocessing, inference and post-processing.
The Principle Was Simple
Analyse only as often as necessary, stabilise noisy inputs, and respond quickly when the risk signal is meaningful.
Evaluation
Measuring performance, fairness, and trust
HarmBlock was not evaluated through a single headline score.
The objective was not to claim perfect performance or the elimination of bias. It was to identify uneven behaviour, understand its source and reduce it through deliberate data design, targeted enrichment and continuing evaluation. This required close collaboration between our AI engineers, evaluation teams and safeguarding experts, combining quantitative performance analysis with informed review of how errors might affect children in practice.
Privacy & Security
Privacy and security through engineering
Privacy is not a promise added after the technology was built. It is one of the reasons HarmBlock was engineered to run on device in the first place.
Visual analysis happens locally, and the model returns a narrowly scoped safeguarding classification. Images and videos do not need to be sent to the cloud for inference. HarmBlock does not need to identify the child, construct a behavioural profile or create a record of their habits.
Put simply: a child’s image does not need to become a cloud event for the device to make a safety decision.
Governance
Expert-governed CSAM evaluation
CSAM requires a separate level of governance because it depicts the abuse of real children, is illegal to possess or access outside tightly controlled and authorised circumstances, and cannot be handled as ordinary machine-learning data.
This created a fundamental development challenge: how do you train and evaluate a model intended to recognise illegal content when the engineering team cannot lawfully access, inspect or move that material through ordinary development environments?
SafeToNet therefore worked with the Internet Watch Foundation through controlled, restricted-access evaluation processes using dedicated infrastructure, air-gapped workflows, structured output logging and expert review by authorised professionals.
The significance lies not only in the result, but in the engineering method behind it: demonstrating robust CSAM detection through independent, expert-governed evaluation of illegal material, without moving abusive content into ordinary engineering workflows, exposing developers to restricted imagery, or compromising the legal and ethical safeguards on which the development process depended.
Summary
Engineered for child-centred safeguarding
HarmBlock did not mature through one breakthrough. It matured through repeated testing, unexpected failure cases and successive engineering decisions that made the model smaller, faster and more reliable without losing sight of the safeguarding task. That process is continuing: each new model cycle is used to pursue greater accuracy, speed, efficiency and resilience across a wider range of devices and operating conditions.
That is HarmBlock: on-device AI safeguarding built for the real digital world children live in.
Talk to us about HarmBlock
Learn how on-device safeguarding can work within your platform, device or service.