On 13 June in Luxembourg, the Polish Presidency of the Council of the EU will invite the Member States’ interior ministers to take note of a less than encouraging progress report regarding the Regulation on the removal of online child sexual abuse material (CSAM), presented by the Commission in May 2022.
In this public report, the Presidency explains that it has “become unlikely that an interinstitutional agreement on the proposal for a Regulation” can “be reached in time for it to enter into force before the expiry of the extended Regulation (EU) 2021/1232” on the derogation from the confidentiality directive.
This derogation, extended until April 2026 (see EUROPE 13351/14), allows service providers and content hosts to voluntarily detect CSAM content.
“To avoid a legal gap, the Presidency invites the Commission to consider proposing a further extension of the period of application of Regulation (EU) 2021/1232”, recommends the Polish Presidency.
“Despite all the efforts of the Presidency to gather support for a compromise proposal, more work is needed to reach an agreement for a mandate for negotiations with the European Parliament”.
While this regulation was initially perceived by some delegations as a potential tool for generalised surveillance of private communications, the Presidency concentrated its efforts “on developing an innovative solution for a compromise that would provide efficient tools to limit the spread of child sexual abuse online while ensuring full compliance with fundamental rights and addressing concerns related to the protection of cyber resilience and cyber security”, summarises the report.
It had in fact suggested continuing targeted voluntary detection by providers in accordance with the scope of Regulation 1232/2021 instead of establishing the possibility of detection orders and protecting cyber security including encryption, while keeping services using end-to-end encryption within the scope of the Regulation.
It also abolished the categorisation of risks and made it “a priority” to support micro, small and medium-sized enterprises in identifying and assessing the technical aspects of specific risk mitigation measures.
However, no majority was reached. In the run-up to the EU ‘Justice and Home Affairs’ Council on Wednesday 4 June, a group of countries had already asked the Commission to extend the current system, according to one source.
Link to the report: https://aeur.eu/f/h6i (Original version in French by Solenn Paulic)