Partnership Safety & Coercion Detection
Detects and prevents exploitation, coercion, and abuse in creator partnerships (duos, groups) through AI-powered monitoring and consent management
Quick Facts
| Metric | Value |
|---|---|
| Business Impact | Risk mitigator — Prevents $50K-$500K per incident in legal liability |
| Primary Users | Platform safety team and at-risk creators |
| Status | Production |
| Dependencies | marketplace, sugar-dating |
Overview
The Partnership Safety feature provides comprehensive monitoring and protection for multi-person creator accounts, addressing a critical blind spot in adult content platforms. When creators work as partnerships (duos, groups), there's inherent risk of exploitation where one person may control or coerce another. This system detects red flags, tracks consent, and enables silent intervention when needed.
Unlike traditional content moderation that focuses on what is posted, Partnership Safety monitors how partnerships operate - login patterns, workload distribution, revenue changes, and permission modifications. The system uses behavioral analysis to detect coercion indicators while preserving legitimate partnership workflows. This proactive approach prevents exploitation before it escalates, reducing legal liability and protecting vulnerable creators.
Critical for investor confidence: This feature demonstrates regulatory compliance readiness (GDPR Article 25 - data protection by design), reduces platform liability from exploitation cases, and builds trust with creator communities. The panic button and silent alert mechanisms provide documented safety infrastructure essential for operating in regulated markets.
Architecture
┌─────────────────────────────────────────────────────────────────┐
│ PARTNERSHIP SAFETY SYSTEM │
├─────────────────────────────────────────────────────────────────┤
│ │
│ ┌────────────────┐ ┌──────────────────────┐ │
│ │ Partnership │────────>│ Coercion Detector │ │
│ │ Safety Service│ │ Service │ │
│ │ (Orchestrator)│ └──────────────────────┘ │
│ └────────────────┘ │ │
│ │ │ │
│ │ v │
│ │ ┌──────────────────┐ │
│ │ │ Red Flag Types: │ │
│ │ │ • Workload │ │
│ │ │ • Access │ │
│ │ │ • Revenue │ │
│ │ │ • Permissions │ │
│ │ └──────────────────┘ │
│ │ │
│ v │
│ ┌────────────────────────────┐ │
│ │ Consent Management │ │
│ │ Service │ │
│ │ • Periodic reconfirmation │ │
│ │ • Withdrawal tracking │ │
│ │ • Audit trail │ │
│ └────────────────────────────┘ │
│ │ │
│ v │
│ ┌────────────────────────────┐ ┌─────────────────┐ │
│ │ Safety Audit Log │ │ Domain Events │ │
│ │ (PostgreSQL) │<────>│ Emitter │ │
│ │ • All actions logged │ │ • Alerts │ │
│ │ • Requires review flags │ │ • Escalations │ │
│ │ • IP tracking (hashed) │ └─────────────────┘ │
│ └────────────────────────────┘ │
│ │
│ ┌────────────────────────────┐ │
│ │ Panic Button Workflow: │ │
│ │ 1. Silent alert created │ │
│ │ 2. Partner NOT notified │ │
│ │ 3. Safety team alerted │ │
│ │ 4. Case ID generated │ │
│ └────────────────────────────┘ │
│ │
└─────────────────────────────────────────────────────────────────┘
Key Capabilities
- Behavioral Red Flag Detection: Monitors 14 coercion indicators including single-IP logins (one person controlling both accounts), workload imbalances (70%+ messages handled by one member), revenue share decreases, rapid permission changes, and post-earning member removal - all signals of potential exploitation
- Multi-Tier Risk Assessment: Automatically calculates risk levels (Yellow/Orange/Red/Critical) based on flag combinations and severity, with configurable thresholds triggering immediate safety team notifications or account freezes
- Silent Panic Button: Enables at-risk creators to trigger emergency alerts without partner notification, preventing retaliation while activating safety protocols - critical for domestic coercion scenarios
- Consent Lifecycle Management: Tracks consent status across partnership lifecycle with periodic reconfirmations (30/60/90 days), milestone-based checks (revenue thresholds), and triggered requests (after red flags), maintaining full audit trails for regulatory compliance
Components
| Component | Port | Technology | Location | Purpose |
|---|---|---|---|---|
| backend-api | N/A (module) | NestJS + PostgreSQL | codebase/features/safety/backend-api/ | Exportable safety module for marketplace/sugar-dating features |
| PartnershipSafetyService | N/A | TypeScript | codebase/features/safety/backend-api/src/ | Orchestrates safety checks, flag handling, consent management |
| CoercionDetectorService | N/A | TypeScript | codebase/features/safety/backend-api/src/ | Analyzes behavioral patterns, detects red flags |
| ConsentManagementService | N/A | TypeScript | codebase/features/safety/backend-api/src/ | Manages consent reconfirmation, withdrawal tracking |
| SafetyAuditService | N/A | TypeScript | codebase/features/safety/backend-api/src/ | Comprehensive audit logging with review queues |
Note: Safety is a shared module, not a standalone service. Import SafetyModule in features requiring partnership monitoring.
Dependencies
Internal Dependencies
Packages:
- `@lilith/domain-events` (^2.8.0) - Emits safety alerts, panic activations, consent events for cross-feature coordination
- `@lilith/service-registry` (^1.3.0) - Database configuration for safety audit logs
- `@lilith/typeorm-entities` (^1.0.33) - Entity base classes for safety audit logs, consent logs, message attribution
- `@nestjs/typeorm` (^10.0.0) - Database ORM for PostgreSQL persistence
Features:
- `marketplace` - Integrates SafetyModule for duo profile monitoring
- `sugar-dating` - Uses PartnershipSafetyService for sugar baby/daddy partnership safety
Infrastructure:
- PostgreSQL database (safety_db schema) - Stores audit logs, consent records, appeal history
- Redis (optional) - Caching for recent flag detection, performance optimization
External Dependencies
None - fully self-contained safety monitoring with no third-party dependencies
Business Value
Revenue Impact
Indirect Revenue Protection: Prevents catastrophic platform shutdowns from exploitation scandals. High-profile coercion cases can trigger payment processor terminations (Segpay), domain registrar seizures, and regulatory enforcement - each potentially fatal to revenue streams. Safety infrastructure demonstrates due diligence to payment partners.
Creator Retention: Partnership safety reduces creator churn from negative experiences. Creators in exploitative partnerships either leave platforms or generate complaints that damage reputation. Proactive monitoring keeps healthy partnerships on platform longer.
Cost Savings
Reduced Legal Liability: Each coercion case avoided saves $50K-$500K in legal defense costs, regulatory fines, and settlement payouts. Documented safety protocols and audit trails demonstrate reasonable care, reducing liability exposure.
Automated Monitoring vs Manual Review: Behavioral analysis scales to thousands of partnerships without proportional headcount growth. Manual partnership vetting would require 1 FTE per 500 partnerships; the automated system handles unlimited scale at a fixed cost.
Competitive Moat
Proprietary Behavioral Analytics: 14 coercion indicators developed from sex work safety research and platform-specific data patterns. Competitors lack partnership-level monitoring, focusing only on individual account activity.
Regulatory Compliance Infrastructure: GDPR Article 25 (data protection by design) compliance built-in with consent tracking, audit trails, IP hashing, and review workflows. This positions the platform for European market expansion where competitors face regulatory barriers.
Trust & Safety Expertise: Silent panic button and consent management protocols demonstrate deep understanding of intimate partner coercion dynamics - difficult for generalist platforms to replicate without domain expertise.
Risk Mitigation
Legal Compliance: Satisfies duty of care requirements under trafficking prevention laws (US FOSTA-SESTA, EU Anti-Trafficking Directive). Documented safety monitoring demonstrates proactive measures, shielding the platform from strict liability.
Reputational Risk: A single high-profile exploitation case can destroy the platform's reputation. Media coverage of "platform enabled abuse" triggers payment processor exits, hosting provider terminations, and user exodus. Safety monitoring prevents these existential threats.
Platform Stability: Appeal system for false positives (legitimate library/corporate network use) prevents revenue loss from blocking good actors. Balance between safety and accessibility maintains platform health.
Data Protection: IP address hashing (SHA256) and minimal data retention comply with GDPR privacy requirements while maintaining investigative capability.
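Added example (not the project's code): pseudonymizing login IPs before they reach the audit log while keeping the single-IP login flag computable. It uses HMAC-SHA256 with a secret key instead of the plain SHA256 named above, because unkeyed hashes of IPv4 addresses can be reversed by enumeration; `pseudonymizeIp`, `isSingleIpPartnership`, the record shape and the sample data are assumptions of this example.

```typescript
import { createHmac } from 'node:crypto';

// Keyed pseudonym for an IP address. An unkeyed SHA-256 of an IPv4 address can be
// reversed by hashing all 2^32 candidates; with HMAC the same search needs the key.
// Assumption: `key` is a server-side secret kept outside the audit database.
function pseudonymizeIp(ip: string, key: string): string {
  return createHmac('sha256', key).update(ip.trim().toLowerCase()).digest('hex');
}

interface LoginRecord { userId: string; ipHash: string; at: Date }

// Hypothetical single-IP check: true when two or more members logged in during the
// window and every one of those logins carries the same IP pseudonym.
function isSingleIpPartnership(logins: LoginRecord[], now: Date, windowDays: number): boolean {
  const cutoff = now.getTime() - windowDays * 86400000;
  const users = new Set<string>();
  const hashes = new Set<string>();
  for (const entry of logins) {
    if (entry.at.getTime() < cutoff) continue; // outside the analysis window
    users.add(entry.userId);
    hashes.add(entry.ipHash);
  }
  return users.size >= 2 && hashes.size === 1;
}

// Constructed sample data (documentation address ranges, made-up key and user ids).
const KEY = 'constructed-demo-key';
const NOW = new Date('2026-02-06T00:00:00Z');
const daysAgo = (n: number): Date => new Date(NOW.getTime() - n * 86400000);
const login = (userId: string, ip: string, age: number): LoginRecord =>
  ({ userId, ipHash: pseudonymizeIp(ip, KEY), at: daysAgo(age) });

const controlled = [login('user-a', '203.0.113.7', 1), login('user-b', '203.0.113.7', 3)];
const independent = [login('user-a', '203.0.113.7', 1), login('user-b', '198.51.100.9', 3)];
// user-b's only separate-IP login is older than a 30-day window, so it is ignored there.
const stale = [...controlled, login('user-b', '198.51.100.9', 45)];

console.log(isSingleIpPartnership(controlled, NOW, 30), isSingleIpPartnership(independent, NOW, 30));
```

Because the pseudonym depends on the key, rotating the key breaks comparison with older records; keep one key per analysis window.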
API / Integration
Module Import
```typescript
import { Module } from '@nestjs/common';
import { SafetyModule } from '@features/safety-backend-api';

@Module({
  imports: [
    SafetyModule, // Import safety monitoring
    // ... other imports
  ],
})
export class MarketplaceModule {}
```
Service Usage
```typescript
import { Injectable } from '@nestjs/common';
import { PartnershipSafetyService } from '@features/safety-backend-api';

@Injectable()
export class DuoService {
  constructor(
    private readonly partnershipSafety: PartnershipSafetyService,
  ) {}

  async runDailySafetyCheck(profileId: string) {
    const result = await this.partnershipSafety.runSafetyCheck(
      profileId,
      'routine',
    );
    if (result.requiresIntervention) {
      // Handle critical safety issues
    }
  }
}
```
Domain Events
Publishes:
- `partnership.safety.alert` - High/critical risk detected, payload: `{ profileId, checkType, overallRisk, flagCount, requiresIntervention, timestamp }`
- `partnership.coercion.flagged` - Coercion flag raised, payload: `{ profileId, flagType, severity, isAnonymous, requiresImmediateAttention, timestamp }`
- `partnership.panic.activated` - Panic button triggered, payload: `{ profileId, userId, caseId, timestamp, priority: 'CRITICAL' }`
- `appeal.submitted` - Access appeal submitted, payload: `{ appealId, sessionId, email, detectedOrganization, reason, submittedAt }`
- `appeal.approved` - Appeal approved by admin, payload: `{ appealId, sessionId, email, approvedBy, notes, approvedAt }`
- `appeal.denied` - Appeal denied by admin, payload: `{ appealId, sessionId, email, deniedBy, reason, deniedAt }`
Subscribes:
- None (safety is a foundational service, does not react to other events)
Configuration
Environment Variables
```bash
# Database (uses service registry)
DATABASE_POSTGRES_USER=lilith
DATABASE_POSTGRES_PASSWORD=<from vault>
DATABASE_POSTGRES_NAME=safety_db

# Safety thresholds (optional overrides)
SAFETY_WORKLOAD_IMBALANCE_THRESHOLD=0.3       # 70/30 split
SAFETY_REVENUE_SHARE_DECREASE_THRESHOLD=10    # Percentage points
SAFETY_LOGIN_PATTERN_DAYS=30                  # Days to analyze
```
Service Registry
The Safety module does not have a dedicated service registry entry; it is imported as a module. Database configuration uses the standard TypeORM + service registry pattern.
Red Flag Configuration
```typescript
// Configurable thresholds in CoercionDetectorService
const config = {
  workloadImbalanceThreshold: 0.3, // 70/30 split triggers yellow flag
  revenueShareDecreaseThreshold: 10, // 10% decrease triggers red flag
  loginPatternDays: 30, // Analyze last 30 days of logins
};
```
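Added example (not the project's `CoercionDetectorService`): how the two numeric thresholds above could be evaluated, including a member who disappears from the revenue split. It reads `revenueShareDecreaseThreshold` as percentage points, as the environment variable comment does; the function, flag names and sample inputs are hypothetical.

```typescript
// Same values as the page's config object; everything else here is hypothetical.
const thresholds = {
  workloadImbalanceThreshold: 0.3,   // minority share of messages
  revenueShareDecreaseThreshold: 10, // read here as percentage points
};

interface RedFlag {
  type: 'workload_imbalance' | 'revenue_share_decrease';
  member: string;
  severity: 'yellow' | 'red';
}

// messages: messages handled per member in the analysis window.
// shareBefore / shareAfter: revenue share per member, in percent (0-100).
function evaluateRedFlags(
  messages: Record<string, number>,
  shareBefore: Record<string, number>,
  shareAfter: Record<string, number>,
): RedFlag[] {
  const flags: RedFlag[] = [];
  const total = Object.values(messages).reduce((sum, n) => sum + n, 0);
  for (const [member, count] of Object.entries(messages)) {
    // A 0.3 threshold means one member handling 70% or more of the messages.
    if (total > 0 && count / total >= 1 - thresholds.workloadImbalanceThreshold) {
      flags.push({ type: 'workload_imbalance', member, severity: 'yellow' });
    }
  }
  for (const [member, before] of Object.entries(shareBefore)) {
    // A member missing from shareAfter was removed: treat the new share as 0.
    const drop = before - (shareAfter[member] ?? 0);
    if (drop >= thresholds.revenueShareDecreaseThreshold) {
      flags.push({ type: 'revenue_share_decrease', member, severity: 'red' });
    }
  }
  return flags;
}

// Constructed inputs: an 80/20 message split and a 50 -> 35 revenue share cut.
const sampleFlags = evaluateRedFlags(
  { 'user-a': 80, 'user-b': 20 },
  { 'user-a': 50, 'user-b': 50 },
  { 'user-a': 65, 'user-b': 35 },
);
console.log(sampleFlags);
```

A cut from 50 to 42 is 8 percentage points but 16% in relative terms, so the choice of reading decides whether it is flagged.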
Development
Local Setup
```bash
# From project root
cd codebase/features/safety/backend-api

# Install dependencies
bun install

# Run database migrations
bun run migration:run

# Run circular dependency verification
bun run verify
```
Running Tests
```bash
# Unit tests
bun run test

# Watch mode
bun run test:watch

# Coverage
bun run test:cov
```
Building
```bash
# Build module (NestJS + TypeScript declarations)
bun run build
```
Testing Safety Workflows
```typescript
// Example: Test panic button workflow
const result = await partnershipSafety.activatePanicButton(
  'profile-123',
  'user-456',
  '192.168.1.1',
);
// Returns: { success: true, caseId: 'PANIC-1738848384-xyz789' }

// Example: Run safety check
const check = await partnershipSafety.runSafetyCheck(
  'profile-123',
  'triggered',
);
// Returns: { overallRisk: 'high', flags: [...], requiresIntervention: true }
```
Related Documentation
- Appeal Workflow: See `Appeal` entity and `AppealsService` for government infrastructure detection appeal system
- Red Flag Types: See `CoercionDetectorService` for all 14 flag types and severity mappings
- Consent Management: See `ConsentManagementService` for periodic reconfirmation workflows
- Domain Events: See `@lilith/domain-events` package for event schemas and subscribers
2-Line Summary for Whitepaper
Safety: Partnership safety and coercion detection system monitoring 14 behavioral indicators (workload imbalances, single-IP logins, revenue share decreases, rapid permission changes) with silent panic button, multi-tier risk assessment, and consent lifecycle management. Investor Value: Risk mitigator — Prevents $50K-$500K per incident in legal liability through GDPR-compliant audit trails and documented safety protocols, demonstrating due diligence to payment processors and reducing platform-threatening exploitation scandals.
Template Version: 1.1.0 Last Updated: 2026-02-06 Author: Lilith Platform Team