EU: Anti-encryption Regulation: Presidency compromise proposals for Chapter I and Chapter III

Topic
Country/Region
EU

Negotiations are proceedings on the EU's proposed Regulation laying down rules to prevent and combat child sexual abuse, which will oblige communications service providers to undermine encryption and use unproven automated detection technologies in the hope of detecting online child abuse imagery. In mid-October, the Czech Presidency of the Council circulated compromise proposals on Chapter III, dealing with supervision, enforcement and cooperation. Two weeks later, proposals on Chapter I (general provisions) followed. They are published here.


Image: Derek Bruff, CC BY-NC 2.0


Chapter III

See: Proposal for a REGULATION OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL laying down rules to prevent and combat child sexual abuse - Presidency compromise texts (Council doc. 13514/22, LIMITE, 12 October 2022, pdf):

"Delegations will find in the Annex Presidency compromise texts on the above proposal. Changes to document 9068/22 are marked in bold underline and strikethrough underline.

Compromise texts in Articles 25 to 39 are based on the discussions during the LEWP meeting of 22 September 2022 and delegations’ written comments."

And the corrigendum (pdf): "The numbering of articles in document ST 13514/22 should be from Article 25 to Article 39, instead of Article 1 to Article 15.2

Chapter I

See: Presidency compromise texts (Council doc. 14008/22, LIMITE, 26 October 2022, pdf):

"Delegations will find in the Annex Presidency compromise texts on the above proposal. Changes to document 9068/22 are marked in bold and strikethrough. Changes to document 12354/22 are marked in bold underline and strikethrough underline.

Compromise texts in Articles 1 and 2 are based on the discussions during the LEWP meeting of 22 September 2022 and delegations’ written comments."

Undermining encryption, threatening privacy

The Commission's original proposal is available here.

When the proposal was published, Statewatch joined dozens of other organisations calling for it to be withdrawn due to the threat it poses to secure digital communications, which are - amongst other things - vital for protecting freedom of expression and the activities of journalists, whistleblowers, lawyers, medical professionals and others.

The statement noted:

"The proposed CSA Regulation has made a political decision to consider scanning and surveillance technologies safe despite widespread expert opinion to the contrary. If passed, this law will turn the internet into a space that is dangerous for everyone’s privacy, security and free expression. This includes the very children that this legislation aims to protect."

In July, the European Data Protection Supervisor and European Data Protection Board issued a joint opinion (pdf) condemning numerous aspects of the proposal as unecessary and disproportionate.

Further Reading
08 June 2022

European Commission must withdraw new law to uphold online privacy, security and free expression

Statewatch has joined 72 other civil society organisations and professional bodies to demand in an open letter that the European Commission withdraw the proposed Child Sexual Abuse (CSA) Regulation, and replace it with an approach that upholds fundamental rights. The proposal would fundamentally undermine how the internet works, making it less safe for everyone.

19 January 2022

EU: Police to support anti-encryption policy development

A police "operational action plan" on preventing child sexual abuse includes a requirement for almost 30 states and EU agencies to gather five case studies, each intended to contribute to EU "policy development" on preventing and combating sexual abuse. While few would disagree with the ends, it is likely that one of the proposed means will be to undermine encryption, threatening the privacy and safety of all users of digital communications technologies.

04 November 2021

Policing the internet: interior ministers to seek "solutions regarding data retention, encryption, e-evidence and the darknet"

A high-level conference organised by the Slovenian Presidency of the Council of the EU will commit participating states to finding "appropriate solutions regarding data retention, encryption, e-evidence and the darknet," in the name of combating child sexual abuse.

 

Spotted an error? If you've spotted a problem with this page, just click once to let us know.

Report error