Source: EURO

Disclaimer: Copyright infringement not intended.

Context: A vote by European Union (EU) countries on considering proposed legislation to tackle online child sexual abuse material (CSAM) has now been delayed after the move came under heavy criticism from tech companies and digital rights groups alike.

Details

Proposed legislation

• Dubbed as the ‘Chat Control law’, the latest version of the draft legislation requires online interpersonal communication services to implement “upload moderation”.
• In order to implement this Regulation, providers of interpersonal communications services shall install and operate technologies to detect, prior to transmission, the dissemination of known child sexual abuse material or of new child sexual abuse material.
• According to the draft, messaging apps are required to scan “images and the visual components of videos and URLs” while the detection of audio communication and text is excluded.
• it requires such apps to obtain the explicit consent of users before scanning their private communications as part of the terms and conditions of use.
• Users not giving their consent should still be able to use that part of the service that does not involve the sending of visual content and URLs.
• The accounts that are used by the State for national security purposes, maintaining law and order, or military purposes will not be subjected to scanning.

Concerns Against the EU's Chat Control Law

• Privacy and Security Risks:
  • End-to-End Encryption: Breaking encryption to scan messages introduces backdoors vulnerable to third-party exploitation.
  • Historical Precedents: Apple’s NeuralHash initiative, which faced backlash and was abandoned, highlighted risks of privacy loss and potential misuse by authoritarian regimes.
• Technical and Ethical Feasibility:
  • Unintended Consequences: Erik Neuenschwander from Apple warned that scanning specific content could lead to bulk surveillance, threatening user privacy on a larger scale.
  • Technical Challenges: The UK’s Online Safety Bill faced similar pushback from WhatsApp and Signal, which threatened to exit the UK if required to bypass encryption.
• Lack of Genuine User Consent:
  • Mandatory Scanning: Despite proposed user consent, reports indicate users refusing scans would be blocked from sending or receiving media, essentially eliminating choice.
• Industry Pushback:
  • Tech Firm Opposition: Companies like Mozilla, Proton, Surfshark, and Tuta have joined Signal in opposing the law, deeming the measures inadequate.
  • Sectoral Impact: Messaging app owners and trade associations argue the regulation undermines the integrity of encrypted communication platforms.
• Potential for Government Misuse:
  • Authoritarian Exploitation: There is concern that such surveillance capabilities could be misused by authoritarian governments to target dissenters.
  • Global Implications: Surveillance concerns extend beyond the EU, impacting democracies and autocracies worldwide.
• Temporary Derogation Controversy:
  • E-Privacy Directive: The European Commission's temporary allowance for specific providers to scan messages for CSAM is set to expire, with debates on extending it.
• Child Safety vs. Privacy Debate:
  • Rights Advocacy: Child rights organizations criticize EU leaders for insufficient action against online child abuse, while privacy advocates warn against overreach.

Current Status of the Law

• Legislative Review: A new draft to be reviewed on June 30, focusing on scanning shared photos, videos, and URLs rather than text messages and audio.
• Consent Mechanisms: Proposed adjustments to require user consent for scanning before encryption, criticized as inadequate by privacy experts.
• Industry Reactions: Continued strong opposition from tech companies and privacy advocates, labeling the concessions as "cosmetic."
• Future Uncertainty: Ongoing debates and amendments reflect the contentious nature of the law, with significant resistance from both member states and the tech industry.

Sources:

TheHindu, IndianExpress

Download PDF