The Association of the Internet Industry criticises the current proposal for the CSAM Regulation, which is to be voted on this week in the Council. The proposal by the Belgian EU Council Presidency envisages that communication services such as WhatsApp, Signal or Facebook can be obliged to standardly search users’ personal images and videos upon request – even if the communication is protected with end-to-end encryption. This is to be done by means of so-called “upload moderation”, which is to take effect before messages are sent. This approach is contrary to EU law and jeopardises the integrity of encryption mechanisms.
eco – Association of the Internet Industry warns of the consequences of this Belgian quick fix and in particular the “upload moderation”, where users are allegedly supposed to voluntarily consent to chat controls to share images and videos. Without such consent, users would no longer be allowed to share images, videos and URLs via the service and would lose important communication functions. This, however, contradicts the principle of voluntary consent under EU law.
Alexandra Koch-Skiba, Head of the eco Complaints Office, emphasises: “The protection of children and young people from sexual abuse is an important goal that eco has been strongly committed to for over 25 years via its Complaints Office activities. Nevertheless, or precisely for this reason, we critically assess the EU Commission’s draft regulation, because the provisions it currently contains lead to general surveillance and counteract important end-to-end security technologies. The required consent for client-side scanning constitutes forced consent that is incompatible with EU law. At the same time, the added value for effectively combatting illegal Internet content is highly questionable.”
In eco’s view, the claim in the proposal that client-side scanning does not jeopardise end-to-end encryption is misleading. Technically, it is impossible to scan every uploaded image without jeopardising encryption. “And in fact, the proposal means nothing more than someone reading our letters before we could even put them in the envelope. The regulation would thus seriously curtail civil liberties and eventually fail before the ECJ,” says Koch-Skiba.
Together with other stakeholders, eco recently signed two letters to the EU Member States to draw attention to the risks of this proposal and to protect the integrity of end-to-end encryption.
Joint Statement on the dangers of the compromise proposal on EU CSAM
Joint Industry Call for Protecting Encryption in the Child Sexual Abuse Regulation