On Monday 12 May, the Polish Presidency of the Council of the EU sent Member States a new compromise proposal on the regulation on the removal of child sexual abuse material from the Internet, with the aim of making progress on an issue that has been stalled since 2022.
The new text, which will be discussed by the working party on 21 May, does not change the philosophy followed to date, which is to once make the detection of such child sexual abuse material voluntary once again (see EUROPE 13617/12).
The main aim of this new compromise is to clarify certain existing obligations.
The latest text specifies the definition of ‘audio communication’, “updated following the request of delegations”, explains the Presidency. An ‘audio communication’ therefore means “voice communication by an electronic communications network that allows users of interpersonal communications services to interact with each other”.
It also specifies that providers must include in their report to the Coordinating Authority of establishment an assessment including the effectiveness of the mitigation measures taken by them rather than their results.
On the basis of providers’ reports on mitigation measures, the Coordinating Authority of establishment, possibly assisted by the EU Centre, should assess “the remaining risk” rather than the “level of remaining risk”.
Detection has also been reintroduced as an activity covered by Article 19 on the liability of providers, says the Presidency.
The new wording stipulates that “Providers of relevant information society services shall not be liable for child sexual abuse offences if and insofar as solely because they carry out, in good faith, the necessary activities to comply with the requirements of this Regulation, in particular activities aimed at assessing and mitigating risk, preventing, detecting, identifying, reporting, removing, disabling of access to, blocking or delisting from search results reporting online child sexual abuse”.
New additions have also been made to the responsibilities of the national authorities coordinating the future regulation, where services fail to take sufficient action against content.
This may involve re-conducting or “updating the risk assessment [...] including where appropriate by modifying the methodology used to conduct the risk assessment [...]; reinforcing the provider’s internal processes or the internal supervision of the functioning of the service; initiating or adjusting cooperation, in accordance with competition law, with other providers of hosting services or providers of interpersonal communications services, public authorities, civil society organisations or, where applicable, entities awarded the status of trusted flaggers [...]; initiating or adjusting functionalities that enables to notify online child sexual abuse to the provider through tools that are easily accessible and age-appropriate”.
The measures taken by the competent authorities in the exercise of their investigatory and enforcement powers “shall not lead to an obligation for the providers to detect child sexual abuse on their services; such detection shall remain strictly voluntary”, the compromise again points out.
Link to text: https://aeur.eu/f/gt1 (Original version in French by Solenn Paulic with Anne Damiani)