[sprayk]

> I think the argument is that if you’re not able to moderate your user-generated content at the most basic levels like running image hashes against the CP database then you shouldn’t be hosting it.

Then surely some minimum level of CP detection should be part of this section, right? If the requirements here are not defined well enough, then any company, from the smallest startup to a behemoth like FB, could be liable for some CP shared through the platform in a novel way that would have been impossible to detect.