While the Polish Presidency of the EU Council failed to reach an agreement, the Danish Presidency of the EU Council has made the regulation on removal of child sexual abuse material online a priority.
And it wants to move quickly, by trying to obtain an agreement (‘general approach’) as early as the ‘Justice and Home Affairs’ Council on 13 and 14 October. On 1 July, it thus already proposed a new compromise with a view to a working party meeting on 11 July. In this text, seen by Agence Europe, the Presidency has chosen to return to the original logic of the draft regulation, i.e. mandatory detection orders for “known” and “new” content.
Faced with persistent deadlock over this file, presented in 2022 and likened by some to widespread surveillance of private communications, the Polish Presidency opted for voluntary detection orders (see EUROPE 13654/7).
The new text also stipulates that scanning of content will be limited to images and website links, excluding text and audio messages. Scanning will also apply to end-to-end encrypted services, with user consent required.
The compromise text thus specifies that the “scope of detection orders covers known and new child sexual abuse material, while grooming (solicitation of sexual services) is out of the scope, subject to its possible inclusion in the future through a review clause. Detection is limited to visual content and URLs, while text and audio content are excluded. And detection in interpersonal communication services using end-to-end encryption is enabled prior to the transmission of content requiring users’ consent”.
“Child sexual abuse material should remain detectable in all interpersonal communications services through the application of vetted technologies, when uploaded, under the condition that users give their explicit consent under the provider’s terms and conditions for a specific technology being applied to such detection in the respective service. Users not giving their consent should still be able to use that part of the service that does not involve the sending of visual content and URLs”, explains the text.
Contacted by Agence Europe, EDRi, the association for the defence of digital freedoms, believes that talking to EU governments about encryption is “banging your head against a brick wall”.
“The same tired ideas from the Commission and several previous Presidencies like Hungary and Belgium - undermining encryption and surveilling people’s chats en masse - have been resurrected by the Danish Presidency. This zombie is just as ugly and incompatible with EU law as those that came before it”, commented Ella Jakubowska, Head of Policy at European Digital Rights (EDRi).
“Technologists, lawyers and human rights experts have repeatedly warned that this sort of scanning cannot be done in a way that protects digital security and human rights. The Danish Presidency are no closer to a real solution than their predecessors”. (Original version in French by Solenn Paulic)