Regulation to Prevent and Combat Child Sexual Abuse

Last updated
Regulation proposal
European Union regulation
Text with EEA relevance
Flag of Europe.svg
TitleProposal for a REGULATION OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL laying down rules to prevent and combat child sexual abuse
Journal reference
Preparative texts
Commission proposalCOM/2022/209 final
Proposed

The Regulation to Prevent and Combat Child Sexual Abuse (Child Sexual Abuse Regulation, or CSAR) is a European Union regulation proposed by the European Commissioner for Home Affairs Ylva Johansson on 11 May 2022. The stated aim of the legislation is to prevent child sexual abuse online through the implementation of a number of measures, including the establishment of a framework that would make the detection and reporting of child sexual abuse material (CSAM) by digital platforms known by its critics as chat control a legal requirement within the European Union. [1] [2]

Contents

Support for the proposal

Supporters of the regulation include dozens of campaign groups, [3] activists and MEPs, along with departments within the European Commission and European Parliament themselves. Opponents include civil society organisations and privacy rights activists [4] .

The European Commission's Directorate-General for Migration and Home Affairs argues that voluntary actions by online service providers to detect online child sexual abuse are insufficient. They emphasize that some service providers are less involved in combating such abuse, leading to gaps where abuse can go undetected. Moreover, they highlight that companies can change their policies, making it challenging for authorities to prevent and combat child sexual abuse effectively. The EU currently relies on other countries, primarily the United States, to launch investigations into abuse occurring within the EU, resulting in delays and inefficiencies. [5]

Several bodies within the EU claim the establishment of a centralized organization, the EU Centre on Child Sexual Abuse, would create a single point of contact for receiving reports of child sexual abuse. [5] [1] It is claimed this centralization would streamline the process by eliminating the need to send reports to multiple entities and would enable more efficient allocation of resources for investigation and response. [5]

Proponents also argue for the need to improve the transparency of the process of finding, reporting, and removing online child sexual abuse material. They claim that there is currently limited oversight of voluntary efforts in this regard. The EU Centre would collect data for transparency reports, provide clear information about the use of tools, and support audits of data and processes. It aims to prevent the unintended removal of legitimate content and address concerns about potential abuse or misuse of search tools. [5]

Another aspect highlighted by supporters is the necessity for improved cooperation between online service providers, civil society organizations, and public authorities. The EU Centre is envisioned as a facilitator, enhancing communication efficiency between service providers and EU countries. By minimizing the risk of data leaks, the Centre aims to ensure the secure exchange of sensitive information. This cooperation is crucial for sharing best practices, information, and research across different countries, thereby strengthening prevention efforts and victim support. [5]

Criticism of the proposal

Groups opposed to this proposal often highlight that it would impose mandatory chat control for all digital private communications, and as such commonly refer to the proposed legislation by the name "Chat Control". [6] [7] [8] Civil society organisations and activists have argued that the proposal is not compatible with fundamental rights, infringing on the right to privacy. [9] [10] Moreover, the proposal has been criticised as technically infeasible. In Ireland, only 20.3% of the reports received by the Irish police forces turned out to be actual exploitation material. Specifically, from a total of 4192 reports received, 471 i.e. more than 10% were false positives. [11]

The European Parliament commissioned an additional impact assessment on the proposed regulation which was presented in the Committee on Civil Liberties, Justice, and Home Affairs. [12] The European Parliament's study heavily critiqued the Commission's proposal. According to the Parliament's study, there aren't currently any technological solutions that can detect child sexual abuse material, without resulting in a high error rate which would affect all messages, files and data in a particular platform. [13] In addition, the European Parliament's study concluded that the proposal would undermine end-to-end encryption and the security of digital communications. Lastly, the study highlighted that the proposed regulation would make teenagers "feel uncomfortable when consensually shared images could be classified as CSAM". [13]

The Council of the European Union's Legal Service also criticised the impact of the Commission's proposal on the right to privacy. The Council's legal opinion emphasized that the screening of interpersonal communications of all citizens affects the fundamental right to respect for private life as well as the right to the protection of personal data. [14] The legal experts of the Council also referenced the jurisprudence of the EU Court of Justice, which has ruled out against generalised data retention. [15]

The European Data Protection Supervisor (EDPS) together with the European Data Protection Board (EDPB) stated, in a joint opinion, that "the Proposal could become the basis for de facto generalized and indiscriminate scanning of the content of virtually all types of electronic communications", which could have chilling effects on sharing legal content. [16]

In March 2023, introduced a revised version of the proposal, which Germany's Digital Affairs Committee noted drew strong opposition from several groups. The new scheme, referred to as "Chat Control 2.0", proposed to implement scanning on encrypted communications. [17] In April 2023, the European Parliament confirmed that they had received messages calling to vote against the European Commission's chat control proposal. [18] Citizens expressed their concerns that the new legislation would breach data protection and privacy rights.

EU Commissioner Ylva Johansson has also been heavily criticised regarding the process in which the proposal was drafted and promoted. A transnational investigation by European media outlets revealed the close involvement of foreign technology and law enforcement lobbyists in the preparation of the proposal. [19] This was also highlighted by digital rights organisations, which Johansson rejected to meet on three occasions. [20] Commissioner Johansson was also criticised for the use of micro-targeting techniques to promote its controversial draft proposal, which violated the EU's data protection and privacy rules. [21]

Legislative process

On November 14 2023, the European Parliament's Committee on Civil Liberties, Justice, and Home Affairs (LIBE), voted to remove indiscriminate chat control and allow for the targeted surveillance of specific individual and groups which are reasonably suspicious. Moreover, Members of the European Parliament voted in favour of the protection of encrypted communications. [22]

In February 2024, the European Court of Human Rights ruled, in an unrelated case, that requiring degraded end-to-end encryption "cannot be regarded as necessary in a democratic society". This underlined the European Parliament's decision to protect encrypted communications. [23]

In May 2024, Patrick Breyer reported that moves were again being made to restore indiscriminate message scanning to the legislation, under the name of "upload moderation". [24]

On 21 June, it was reported that voting on the legislation had been temporarily withdrawn by the EU Council, in a move that is believed to be the result of pushback by critics of the proposal including software vendors. [25] [26]

Related Research Articles

<span class="mw-page-title-main">Ylva Johansson</span> Swedish politician (born 1964)

Ylva Julia Margareta Johansson is a Swedish politician who has been serving as European Commissioner for Home Affairs and Swedens European Commissioner in the von der Leyen Commission since 1 December 2019.

Information privacy, data privacy or data protection laws provide a legal framework on how to obtain, use and store data of natural persons. The various laws around the world describe the rights of natural persons to control who is using its data. This includes usually the right to get details on which data is stored, for what purpose and to request the deletion in case the purpose is not given anymore.

<span class="mw-page-title-main">European Centre for Disease Prevention and Control</span> Agency of the European Union

The European Centre for Disease Prevention and Control (ECDC) is an agency of the European Union (EU) whose mission is to strengthen Europe's defences against infectious diseases. It covers a wide spectrum of activities, such as: surveillance, epidemic intelligence, response, scientific advice, microbiology, preparedness, public health training, international relations, health communication, and the scientific journal Eurosurveillance. The centre was established in 2004 and is headquartered in Solna, Sweden.

<span class="mw-page-title-main">European Digital Rights</span> Advocacy group

European Digital Rights is an international advocacy group headquartered in Brussels, Belgium. EDRi is a network collective of non-profit organizations (NGO), experts, advocates and academics working to defend and advance digital rights across the continent. As of October 2022, EDRi is made of more than 40 NGOs, as well as experts, advocates and academics from all across Europe.

The Four Horsemen of the Infocalypse refers to those who use the Internet to facilitate crime or (pejoratively) to rhetorical approaches evoking such criminals.

<span class="mw-page-title-main">Axel Voss</span> German lawyer and politician

Axel Voss is a German lawyer and politician of the Christian Democratic Union of Germany who has been serving as a Member of the European Parliament since 2009 and became coordinator of the European People's Party group in the Committee on Legal Affairs in 2017. His parliamentary work focuses on digital and legal topics.

<span class="mw-page-title-main">General Data Protection Regulation</span> EU regulation on the processing of personal data

The General Data Protection Regulation is a European Union regulation on information privacy in the European Union (EU) and the European Economic Area (EEA). The GDPR is an important component of EU privacy law and human rights law, in particular Article 8(1) of the Charter of Fundamental Rights of the European Union. It also governs the transfer of personal data outside the EU and EEA. The GDPR's goals are to enhance individuals' control and rights over their personal information and to simplify the regulations for international business. It supersedes the Data Protection Directive 95/46/EC and, among other things, simplifies the terminology.

PhotoDNA is a proprietary image-identification and content filtering technology widely used by online service providers.

<span class="mw-page-title-main">2015 Danish European Union opt-out referendum</span>

A referendum on one of the country's opt-outs from the European Union was held in Denmark on 3 December 2015. Specifically, the referendum was on whether to convert Denmark's current full opt-out on home and justice matters into an opt-out with case-by-case opt-in similar to those held by Ireland and the United Kingdom. Approval of the referendum was needed for Denmark to remain in Europol under the new rules. However, it was rejected by 53% of voters.

The ePrivacy Regulation (ePR) is a proposal for the regulation of various privacy-related topics, mostly in relation to electronic communications within the European Union. Its full name is "Regulation of the European Parliament and of the Council concerning the respect for private life and the protection of personal data in electronic communications and repealing Directive 2002/58/EC ." It would repeal the Privacy and Electronic Communications Directive 2002 and would be lex specialis to the General Data Protection Regulation. It would particularise and complement the latter in respect of privacy-related topics. Key fields of the proposed regulation are the confidentiality of communications, privacy controls through electronic consent and browsers, and cookies.

<span class="mw-page-title-main">Damian Boeselager</span> German business consultant, journalist and politician

Damian Hieronymus Johannes Freiherr von Boeselager is a German business consultant, journalist and politician of Volt Europa. He is member of European Parliament in The Greens/EFA Group since being elected in 2019.

Regulation of artificial intelligence is the development of public sector policies and laws for promoting and regulating artificial intelligence (AI). It is part of the broader regulation of algorithms. The regulatory and policy landscape for AI is an emerging issue in jurisdictions worldwide, including for international organizations without direct enforcement power like the IEEE or the OECD.

<span class="mw-page-title-main">Digital Services Act</span> European Union regulation on digital services content

The Digital Services Act Regulation 2022 (EU) 2022/2065 ("DSA") is a regulation in EU law to update the Electronic Commerce Directive 2000 regarding illegal content, transparent advertising, and disinformation. It was submitted along with the Digital Markets Act (DMA) by the European Commission to the European Parliament and the Council on 15 December 2020. The DSA was prepared by the Executive Vice President of the European Commission for A Europe Fit for the Digital Age Margrethe Vestager and by the European Commissioner for Internal Market Thierry Breton, as members of the Von der Leyen Commission.

<span class="mw-page-title-main">Digital Markets Act</span> European Union regulation on digital platforms

Digital Markets Act Regulation 2022 (EU) 2022/1925 ("DMA"), is an EU regulation that aims to make the digital economy fairer and more contestable. The regulation entered into force on 1 November 2022 and became applicable, for the most part, on 2 May 2023.

<span class="mw-page-title-main">Data Governance Act</span>

The Data Governance Act (DGA) is a regulation by the European Union that aims to create a framework which will facilitate data-sharing. The proposal was first announced within the 2020 European strategy for data and was officially presented by Margrethe Vestager in 25 November 2020. The DGA covers the data of public bodies, private companies, and citizens. Its main aims are to safely enable the sharing of sensitive data held by public bodies, to regulate data sharing by private actors. On 30 November 2021, the EU Parliament and Council reached an agreement on the wording of the DGA. The formal approval by those bodies was competed by the 30.05.2022.

<span class="mw-page-title-main">Data Act (European Union)</span> EU regulation on promoting the exchange and use of data

The Data Act is a European Union regulation which aims to facilitate and promote the exchange and use of data within the European Economic Area.

<span class="mw-page-title-main">Artificial Intelligence Act</span> 2024 European Union regulation on artificial intelligence

The Artificial Intelligence Act is a European Union regulation concerning artificial intelligence (AI).

<span class="mw-page-title-main">European Chips Act</span> European legislative proposal

The European Chips Act (ECA), also known as simply the Chips Act, is a legislative package to encourage semiconductor production in the European Union.

The EU–US Data Privacy Framework is a European Union–United States data transfer framework that was agreed to in 2022 and declared adequate by the European Commission in 2023. Previous such regimes—the EU–US Privacy Shield (2016–2020) and the International Safe Harbor Privacy Principles (2000–2015)—were declared invalid by the European Court of Justice in part due to concerns that personal data leaving EU borders is subject to sweeping US government surveillance. The EU-US Data Privacy Framework is intended to address these concerns.

References

  1. 1 2 "Press corner". European Commission - European Commission. Archived from the original on 2021-04-27. Retrieved 2023-07-12.
  2. "EU plans new law to combat child abuse – DW – 01/09/2022". dw.com. Archived from the original on 2023-02-04. Retrieved 2023-02-04.
  3. "Letter from ECLAG to MPs" (PDF). Archived (PDF) from the original on 2024-04-11. Retrieved 2023-07-12.
  4. "Defend encryption! Open letter to the EU urging them to protect your privacy" . Retrieved 2024-06-17.
  5. 1 2 3 4 5 "EU centre to prevent and combat child sexual abuse". home-affairs.ec.europa.eu. Archived from the original on 2023-07-12. Retrieved 2023-07-12.
  6. Kabelka, Laura (2022-06-27). "Bundestag quarrels over retaining IP data to fight child abuse". www.euractiv.com. Archived from the original on 2023-02-04. Retrieved 2023-02-04.Kabelka, Laura (2022-10-11). "MEPs sceptical on EU proposal to fight online child sexual abuse". www.euractiv.com. Archived from the original on 2023-02-04. Retrieved 2023-02-04.Pollet, Mathieu (2022-05-10). "LEAK: Commission to force scanning of communications to combat child pornography". www.euractiv.com. Archived from the original on 2023-02-04. Retrieved 2023-02-04. "Report slams German opposition to new child sexual abuse rules". EUobserver. 2022-07-05. Archived from the original on 2023-02-04. Retrieved 2023-02-04. "Chat Control: The EU's CSEM scanner proposal". Patrick Breyer. Archived from the original on 2023-03-10. Retrieved 2023-03-10.
  7. "A beginner's guide to EU rules on scanning private communications: Part 2". European Digital Rights (EDRi). Archived from the original on 2023-03-10. Retrieved 2023-03-10.Vincent, James (2022-05-11). "New EU rules would require chat apps to scan private messages for child abuse". The Verge. Archived from the original on 2023-03-10. Retrieved 2023-03-10.
  8. Mullin, Joe (2022-10-19). "EU Lawmakers Must Reject This Proposal To Scan Private Chats". Electronic Frontier Foundation. Archived from the original on 2023-03-15. Retrieved 2023-03-10.
  9. "European Commission must uphold privacy, security and free expression by withdrawing new law, say civil society". European Digital Rights (EDRi). Archived from the original on 2023-04-07. Retrieved 2023-04-07.
  10. "Chat control: incompatible with fundamental rights". GFF – Gesellschaft für Freiheitsrechte e.V. Retrieved 2024-06-18.
  11. Cronin, Olga (2022-10-19). "An Garda Síochána unlawfully retains files on innocent people who it has already cleared of producing or sharing of child sex abuse material". Irish Council for Civil Liberties. Archived from the original on 2023-03-14. Retrieved 2023-04-07.
  12. "EU Parliament study slams online child abuse material proposal". www.euractiv.com. 2023-04-13. Archived from the original on 2023-06-02. Retrieved 2023-06-02.
  13. 1 2 "Proposal for a regulation laying down the rules to prevent and combat child sexual abuse: Complementary impact assessment" (PDF). European Parliamentary Research Service. April 2023. Archived (PDF) from the original on 2023-06-03. Retrieved 2023-06-02.
  14. "EU Council's legal opinion gives slap to anti-child sex abuse law". www.euractiv.com. 2023-05-09. Archived from the original on 2023-06-01. Retrieved 2023-06-02.
  15. "Opinion of the Legal Service: Proposal for a Regulation laying down rules to prevent and combat child sexual abuse" (PDF). Council of the European Union. Archived (PDF) from the original on 2023-06-01. Retrieved 2023-06-02.
  16. "EDPB-EDPS Joint Opinion 4/2022 on the Proposal for a Regulation of the European Parliament and of the Council laying down rules to prevent and combat child sexual abuse" (PDF). European Data Protection Supervisor. 2022-07-28. p. 20. Archived (PDF) from the original on 2023-09-21. Retrieved 2023-10-16.
  17. Claburn, Thomas (2023-03-03). "German Digital Affairs Committee hearing heaps scorn on Chat Control". The Register . Archived from the original on 2024-03-07. Retrieved 2024-04-10.
  18. "Citizens' enquiries on the EU's proposal to address child sexual abuse online". Epthinktank. 2023-04-04. Archived from the original on 2023-04-06. Retrieved 2023-04-07.
  19. "'Who Benefits?' Inside the EU's Fight over Scanning for Child Sex Content". Archived from the original on 2023-11-17. Retrieved 2023-11-18.
  20. "Commissioner Johansson cannot be trusted with the EU's proposed CSA Regulation". European Digital Rights (EDRi). Archived from the original on 2023-11-18. Retrieved 2023-11-18.
  21. Tar, Julia (2023-10-16). "EU Commission's microtargeting to promote law on child abuse under scrutiny". www.euractiv.com. Archived from the original on 2023-11-18. Retrieved 2023-11-18.
  22. "Detect child abusers without mass scanning". www.eppgroup.eu. Archived from the original on 2023-11-18. Retrieved 2023-11-18.
  23. Claburn, Thomas (15 February 2024). "European Court of Human Rights declares backdoored encryption is illegal". The Register. Archived from the original on 18 February 2024. Retrieved 18 February 2024.
  24. "Majority for chat control possible – Users who refuse scanning to be prevented from sharing photos and links". Patrick Breyer. 2024-05-31. Retrieved 2024-06-02.
  25. Ivanovs, Alex (2024-06-20). "EU Council has withdrawn the vote on Chat Control". Stack Diary. Retrieved 2024-06-21.
  26. "EU 'chat-control' plan goes back to drawing board". Brussels Signal. 2024-06-20. Retrieved 2024-06-21.


This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.