08 June 2022
Statewatch has joined 72 other civil society organisations and professional bodies to demand in an open letter that the European Commission withdraw the proposed Child Sexual Abuse (CSA) Regulation, and replace it with an approach that upholds fundamental rights. The proposal would fundamentally undermine how the internet works, making it less safe for everyone.
Support our work: become a Friend of Statewatch from as little as £1/€1 per month.
The European Commission’s proposed CSA Regulation is likely to do far more harm than good, warns the letter, which was coordinated by European Digital Rights and remains open for signature. The proposed rules will apply to private message services (like WhatsApp and Signal), web-based emails, social media platforms, app stores, image hosting providers and more. Under the proposal, all of these services will be liable for obligations to scan, filter and/or block content – including encrypted messages.
In the important fight against child sexual abuse and exploitation, we support measures that are targeted, effective and proportionate. Many of us have previously spoken out about how to ensure that measures to keep children safe online are done according to existing human rights, the rule of law, and due process frameworks. In our work, we have direct experience of how such rules and principles are essential to uphold democracy, access to justice and the presumption of innocence.
Unfortunately, we do not believe that such measures are to be found in the proposed legislation. In fact, the proposal relies on technologies that are not able to do what the Regulation claims, and instead will attack encrypted communications, open internet spaces and online anonymity. That’s why we want the Commission to do better to tackle this critically-important issue in a way that respects privacy, security and free expression.
The signatories of this letter are made up of a broad range of groups working across human rights - including the digital rights of adults and young people; the protection of journalists and media freedom; lawyers; whistle-blowers; gender justice; democracy and peace; workers; and more.
We share a commitment to protecting online privacy, security and freedom of expression for everyone (including children) globally. These rights allow us to do our jobs, raise our voices and hold power to account without arbitrary intrusion, persecution or repression. These rights are also important for providing confidential support to survivors, for developing our autonomy and sense of self, and for accessing and enjoying almost all our other human and civil rights.
The open letter is currently available in English, German and Romanian, and remains open for additional signatories.
Full-text of the letter
Dear European Commissioners,
When you fundamentally undermine how the internet works, you make it less safe for everyone.
We write to you as 73 civil society and professional (trade union) organisations working across human rights, media freedom, technology and democracy in the digital age. Collectively, we call on you to withdraw the ‘Regulation laying down rules to prevent and combat child sexual abuse’ (CSA Regulation) and to pursue an alternative which is compatible with EU fundamental rights.
It is not possible to have private and secure communications whilst building in direct access for governments and companies. This will also open the door for all types of malicious actors. It is not possible to have a safe internet infrastructure which promotes free expression and autonomy if internet users can be subjected to generalised scanning and filtering, and denied anonymity.
The proposed CSA Regulation has made a political decision to consider scanning and surveillance technologies safe despite widespread expert opinion to the contrary. If passed, this law will turn the internet into a space that is dangerous for everyone’s privacy, security and free expression.1 This includes the very children that this legislation aims to protect.
These rules will make social media companies liable for the private messages shared by their users. It will force providers to use risky and inaccurate tools in order to be in control of what all of us are typing and sharing at all times. The Impact Assessment accompanying the proposal encourages companies to deploy Client-Side Scanning to surveil their users despite recognising that service providers will be reluctant to do so over security concerns. This would constitute an unprecedented attack on our rights to private communications and the presumption of innocence.
It is not just adults that rely on privacy and security. As the United Nations and UNICEF state, online privacy is vital for young people’s development and self-expression, and they should not be subjected to generalised surveillance. The UK Royal College of Psychiatrists highlights that snooping is harmful for children, and that policies based in empowerment and education are more effective.
The CSA Regulation will cause severe harm in a wide variety of ways :
In recent years, the EU has fought to be a beacon of the human rights to privacy and data protection, setting a global standard. But with the proposed CSA Regulation, the European Commission has signalled a U-turn towards authoritarianism, control, and the destruction of online freedom. This will set a dangerous precedent for mass surveillance around the world.
In order to protect free expression, privacy and security online, we the undersigned 73 organisations call on you as the College of Commissioners to withdraw this Regulation.
We call instead for tailored, effective, rights-compliant and technically feasible alternatives to tackle the grave issue of child abuse. Any such approaches must respect the EU Digital Decade commitment to a “safe and secure” digital environment for everyone – and that includes children.
1. Access Now – International
2. Alternatif Bilisim (AiA-Alternative Informatics Association) – International
3. APADOR-CH – Romania
4. ApTI Romania – Romania
5. ARTICLE 19 – International
6. Aspiration – United States
7. Attac Austria – Austria
8. Aufstehn.at – Austria
9. Austrian Chamber of Labour – Austria
10. Big Brother Watch – United Kingdom
11. Bits of Freedom – Netherlands
12. Center for Civil and Human Rights (Poradňa) – Slovakia
13. Centre for Democracy & Technology – Europe
14. Chaos Computer Club – Germany
15. Centrum Cyfrowe – Europe
16. Citizen D / Državljan D – Slovenia
17. Civil Liberties Union for Europe – EU
18. Committee to Protect Journalists – EU/International
19. COMMUNIA Association for the Public Domain – Europe
20. D64 – Zentrum für Digitalen Fortschritt – Germany
21. Dataskydd.net – Sweden
22. Defend Digital Me – United Kingdom
23. Deutsche Vereinigung für Datenschutz (DVD) – Germany
24. DFRI – Sweden
25. Digitalcourage – Germany
26. Digitale Gesellschaft – Germany
27. Digitale Gesellschaft / Digital Society – Switzerland
28. Digital Rights Ireland – Ireland
29. European Digital Rights (EDRi) – Europe
30. Electronic Frontier Finland – Finland
31. Elektronisk Forpost Norge (EFN) – Norway
32. Electronic Frontier Foundation (EFF) – International
33. The Electronic Privacy Information Center (EPIC) – International
34. epicenter.works for digital rights – Austria
35. Equipo Decenio Afrodescendiente – Spain
36. Internet Society Catalan Chapter (ISOC-CAT) – Europe
37. Eticas Foundation – International
38. European Center for Not-For-Profit Law (ECNL) – Europe
39. The European Federation of Journalists (EFJ) – Europe
40. Fitug e.V. – Germany
41. The Foundation for Information Policy Research (FIPR) – UK/Europe
42. Global Forum for Media Development – International
43. Hermes Center for Transparency and Digital Human Rights – Italy
44. Homo Digitalis – Greece
45. Human Rights House Zagreb – Croatia
46. iNGO European Media Platform – Europe
47. International Press Institute (IPI) – International
48. Irish Council for Civil Liberties – Ireland
49. IT-Pol – Denmark
50. Iuridicum Remedium, z.s – Czech Republic
51. La Quadrature du Net – France
52. Ligue des droits humains – Belgium
53. Lobby4kids – Kinderlobby – Austria
54. Netherlands Helsinki Committee – The Netherlands
55. Nordic Privacy Center – Nordics
56. Norway Chapter of the Internet Society – Norway
57. Norwegian Unix User Group – Norway
58. Österreichischer Rechtsanwaltskammertag – Austria
59. Open Rights Group – United Kingdom
60. quintessenz – Verein zur Wiederherstellung der Bürgerrechte im Informationszeitalter – Austria
61. Panoptykon Foundation – Poland
62. Peace Institute – Slovenia
63. Presseclub Concordia – Austria
64. Privacy First – Netherlands
65. Privacy International – International
66. Ranking Digital Rights – International
67. Statewatch – Europe
68. Vrijschrift.org – The Netherlands
69. Whistleblower-Netzwerk – Germany
70. Wikimedia – International
71. Women’s Link Worldwide – Europe
72. Worker Info Exchange – International
73. Xnet – Spain
You can still add your organisation’s signature to the open letter by filling out this form.
1 Former UN Special Rapporteur on Freedom of Expression, David Kaye, reaffirms that: “encryption and anonymity enable individuals to exercise their rights to freedom of opinion and expression in the digital age”.
Image: Richard Parmiter, CC BY-NC-ND 2.0
Spotted an error? If you've spotted a problem with this page, just click once to let us know.
Statewatch does not have a corporate view, nor does it seek to create one, the views expressed are those of the author. Statewatch is not responsible for the content of external websites and inclusion of a link does not constitute an endorsement. Registered UK charity number: 1154784. Registered UK company number: 08480724. Registered company name: The Libertarian Research & Education Trust. Registered office: MayDay Rooms, 88 Fleet Street, London EC4Y 1DH. © Statewatch ISSN 1756-851X. Personal usage as private individuals "fair dealing" is allowed. We also welcome links to material on our site. Usage by those working for organisations is allowed only if the organisation holds an appropriate licence from the relevant reprographic rights organisation (eg: Copyright Licensing Agency in the UK) with such usage being subject to the terms and conditions of that licence and to local copyright law.