Divergence and Uncertainty in Responses to EU Regulation on Child Sexual Abuse

Tim Bernard recently completed an MBA at Cornell Tech, focusing on tech policy and trust & safety issues. He previously led the content moderation team at Seeking Alpha, and worked in various capacities in the education sector. Flags fly over the the Palais de l’Europe. the Council of Europe’s principal building. Source WIRED recently published a leaked document containing feedback solicited by the European Council from EU member states regarding proposed Child Sexual Abuse regulation. At the heart of several of the questions asked of the national governments was how willing they would be to compromise on privacy in service of the goal of combatting child sexual abuse (CSA). At present, the draft regulation would include messaging platforms like WhatsApp and iMessages. A regulator would have the power to run their own detection protocols and/or impose technological solutions if self-assessments and mitigation strategies submitted by platforms were deemed inadequate. The privacy and security afforded by applications utilizing end-to-end encryption (E2EE) may be at risk in the regulation as originally drafted if the regulators choose to prescribe a detection order that interferes with it.  Some of the technologies required by detection orders may also constitute general monitoring obligations, including scanning all uploaded content for known or suspected child sexual abuse material (CSAM), and even more controversially, for solicitation of children (grooming). This would be a significant break with current EU law, which prohibits the imposition of general monitoring obligations in Article 8 of the recently enacted Digital Services Act and in…Divergence and Uncertainty in Responses to EU Regulation on Child Sexual Abuse