EU: Council discussing online content removal orders without judicial review


The proposed Regulation laying down rules to prevent and combat child sexual abuse (CSA Regulation) is most controversial for its provisions that will undermine encryption, fundamentally altering how the internet works, and thus making it less safe for all users. Calls for it to be withdrawn have been ignored by legislators. The latest Council Presidency compromise text would make it simpler for authorities to have online content removed or blocked, and limits rights to redress.

Support our work: become a Friend of Statewatch from as little as £1/€1 per month.

Image: screenpunk, CC BY-NC 2.0

Breaking the internet

After the proposed CSA Regulation was published in June 2022, Statewatch joined 72 other organisations in calling for the law to be withdrawn, in an open letter that argued:

"It is not possible to have private and secure communications whilst building in direct access for governments and companies. This will also open the door for all types of malicious actors. It is not possible to have a safe internet infrastructure which promotes free expression and autonomy if internet users can be subjected to generalised scanning and filtering, and denied anonymity.

The proposed CSA Regulation has made a political decision to consider scanning and surveillance technologies safe despite widespread expert opinion to the contrary. If passed, this law will turn the internet into a space that is dangerous for everyone’s privacy, security and free expression. This includes the very children that this legislation aims to protect."

Blocking and removal orders

Other measures included in the proposal cover blocking and removal orders that would allow the authorities to have child sexual abuse material removed from the internet, or made inaccessible by blocking.

While the original proposal included a requirement that those orders only be issued by "the Coordinating Authority or the courts or other independent administrative entities," the Swedish Council Presidency's latest text (pdf) makes it a job for the "competent authority" alone.

A footnote from the Presidency says:

"...we understand that 'competent authority' in the meaning of Article 14 is the same as 'competent authority' in the meaning of Article 25. As Member States are free to designate judicial authorities and administrative authorities as their 'competent authorities' under Article 25, nothing prevents Member States from designating judicial authorities as 'competent authorities'."

Yet there is no requirement for them to do so (Article 25 of the proposal is silent on the matter) and therefore no guarantee that they will do so.

The Presidency has also introduced changes to the redress and information provision requirements relating to blocking orders.

Whereas the party responsible for content that is removed must be informed that removal has taken place and of the reasons why, the Presidency has removed similar provisions regarding blocked content.

Under the current compromise text, those responsible for blocked content would not be informed of the reasons the content has been blocked, and would not have the right to request that the authorities "assess whether users are wrongly prevented from accessing a specific item of material indicated by uniform resource locators pursuant to the blocking order." They will, however, still be informed of their right to judicial redress.


Our work is only possible with your support.
Become a Friend of Statewatch from as little as £1/€1 per month.


Spotted an error? If you've spotted a problem with this page, just click once to let us know.

Report error