The EU Commission is collecting outstanding cases with which it can promote the interception of messengers. Great Britain is going even further.
In six weeks, the European Commission plans to present its proposal for “legislation to effectively combat child sexual abuse”. According to the meeting calendar, this could take place on 2 March as things stand.
Presumably, the package also includes the long-awaited proposal for a regulation to identify, remove and report “illegal online content” to combat child sexual abuse. Providers of messenger services or chat programmes would be obliged to automatically search their customers’ communication for relevant material and make it accessible to law enforcement.
Originally, the planned regulation was already announced for spring of last year. The reason for the delay is probably the explosive nature of the law. It also affects encrypted content, including services such as Signal, Threema or Whatsapp. MEP Patrick Breyer has coined the catchword chat control for this forced screening. As with data retention, this is a mass surveillance of all citizens without any reason.
All states should report five outstanding cases
A document on Joint Police Actions under the EMPACT instrument, published by the British civil liberties organisation Statewatch, also indicates the package solution for the chat control regulation. According to it, police investigators for the “upcoming legislative instrument on preventing and combatting child sexual abuse” are to point out problems that “need to be resolved” regarding the detection of prohibited content. Another focus is on the subsequent reporting to internet service providers.
According to the paper, all EU member states, but also the Schengen states Iceland and Norway as well as Ukraine, are to submit information on five outstanding cases to the Commission. The paper is looking for success stories where investigations have led to the rescue of victims or the arrest of perpetrators.
British campaign with shock effect
The examples collected by the Commission will be used for “policy development” of the planned legal instrument. Typically, such practical reports are cited in EU documents as evidence of the need to allow law enforcement the desired capabilities.
Despite Brexit, the UK is also participating in the joint action. The government in London is already contributing to the desired “policy development” and has commissioned an agency to implement a campaign against end-to-end encryption. The campaign is to focus on the horror of child sexual abuse. According to Rolling Stone magazine, installations are planned in which an adult and a child sit in a glass box that becomes progressively darker.
More use of Europol
The planned EU package to combat sexual abuse of children includes, apart from the surveillance of encrypted content, further measures for cooperation with internet service providers. Undercover investigations on the internet and in the so-called Darknet as well as easier tracking of financial flows are being discussed. Police authorities could also be allowed to offer computer-generated photos of children on the internet in cross-border investigations.
The police agency Europol is also to follow the phenomenon more closely and is setting up a task force to identify victims for this purpose. For this purpose, the Europol collects masses of seized photos, videos and other evidence and evaluates them with increasingly automated procedures. Finally, the judicial authorities of the EU member states are to become more involved in combating the sexual abuse of children.
Backing by the Council
According to the EU Treaties, only the Commission is allowed to draft legislative proposals. Often, however, these are made in close cooperation with or even at the request of the Council, in which the member states are organised.
The now expected proposal for access to encrypted communication also goes back to such a Council initiative. Under the German Presidency, the Member States had adopted a Resolution on encryption in December 2020. At the same time, Council Conclusions on internal security followed, calling for technical and operational solutions anchored in a legal framework for law enforcement. The Commission, among others, was tasked with implementing the demands.
Two years ago, the EU Commission had already developed a concept paper with experts from Microsoft, Google, various police authorities, the intelligence agency GCHQ and several victims’ associations on how end-to-end encryption of messengers could be leveraged to analyse the content sent. For example, the messages should be scanned for child pornographic material on the smartphones or computers.
In the summer, Apple announced the introduction of a similar procedure, in which the detection of prohibited child pornographic content in the iCloud should already take place on an iPhone. Once a certain number of files are found, Apple is supposed to check the files and, if necessary, pass them on to victims’ associations or law enforcement agencies.
After heavy criticism from press associations and human rights organisations to Apple employees, the company initially withdrew the project.
Expansion to terrorism and homeland security
It stands to reason that the introduction of chat control in the area of child sexual abuse is only the beginning and that the legislation will be expanded afterwards. For six years, the Council and the Commission have been pushing for law enforcement access to encrypted content in the area of “terrorism”.
In November, EU interior ministers met in Brdo under the Slovenian presidency for a conference on the prevention and investigation of child sexual abuse. A statement by the governments involved – including the US – said that future decryption capabilities should be used to “ensure public safety”.
This text was published in German at Golem.