Temporary rules to detect child sexual abuse online

In the context of a worrying increase in the volume of child abuse material on the internet exacerbated by the pandemic, the House backed with 537 votes in favour, 133 against and 24 abstentions a piece of legislation to protect children more effectively from sexual abuse and exploitation when using webmail, chat and messaging services.

The agreement reached in April foresees the temporary derogation from Articles 5(1) and 6(1) of Directive 2002/58/EC, which protects the confidentiality of communications and traffic data. This legislation will apply for a maximum of three years, or fewer if new permanent rules on tackling child sexual abuse online are agreed in the meantime.

Voluntary detection by service providers

Service providers should use the least privacy-intrusive technologies possible.

Child sexual abuse material

Online material linked to child sexual abuse is detected using specific technologies that scan content, such as images and text, or traffic data. While hashing technology helps with images and videos, classifiers and artificial intelligence are used to analyse text or traffic data to detect cyber grooming.

The new rules will not apply to the scanning of audio communication.

Strengthened privacy protection

MEPs insisted on establishing appropriate procedures and redress mechanisms to ensure that individuals can lodge complaints if they consider that their rights have been infringed. National data protection authorities will have better oversight of the technologies used by the service providers through prior impact assessment and consultation procedures.

Quote

The Rapporteur Birgit SIPPEL (S&D, DE) said after the vote:

“Child sexual abuse is a horrible crime that violates human rights. We have to prevent it more effectively, prosecute more offenders and offer better support to survivors. The agreement is a compromise between detecting child sexual abuse online and protecting users’ privacy. It might not be perfect, but it is a workable, temporary solution for the next three years. We now urgently need the Commission to propose a long-term solution that draws inspiration from the data protection safeguards found in the temporary rules, and which, in addition, makes scanning of private communications more targeted.”

Next steps

The regulation still has to be formally adopted by the Council and will then be published in the Official Journal. It will enter into force on the third day following its publication.

Background

This legislative change was necessary in order to allow web service providers to continue applying voluntary measures to combat and prevent the spread of child sexual abuse content on the internet, following the full application of the EU Electronics Communications Code in December 2020.

The Commission intends to propose a more permanent solution to address this problem in the course of 2021.