Demonstrating that liberty and human rights are often more of a suggestion than a rule to the overlords of the European Union, a proposal has been introduced to the European Parliament to mandate full time monitoring and reporting of all messaging communications and third party hosted data storage.
“With the stated intention of fighting against ‘child pornography’, the Commission plans to oblige all providers of e-mail, chat and messaging services to search for suspicious messages in a fully automated way and disclose them to the police. This requires them to monitor and scan the communications of all citizens. End-to-end encryption would have to be undermined by ‘client-side’ scanning on all mobile phones.”
Under the guise of protecting children from CSAM (child sexual abuse material), the proposed law could be in violation of European privacy regulations, and a lawsuit from a Member of the European Parliament, Dr. Patrick Breyer (Pirate Party), who goes on to say:
“Apart from ineffective web blocking, the proposed chat control threatens to destroy digital privacy of correspondence and secure encryption. Scanning personal cloud storage would result in the mass surveillance of private photos. Mandatory age verification would end anonymous communication. Appstore censorship would be the end of secure messenger apps and patronise young people. The proposal does not include the overdue obligation on law enforcement agencies to report and remove known abusive material on the net, nor does it provide for Europe-wide standards for effective prevention measures, victim support and counselling and effective criminal investigations. Von der Leyen continues to chart the territory of censorship, mass surveillance, anonymity bans and paternalism, while leaving the activities of child porn rings completely untouched. The proposed measures deprive the entire population of trust, self-determination and security on the net. This plan is nothing other than terrorism against our digital fundamental rights, which I will not relent to fight.
“This Big Brother attack on our mobile phones, private messages and photos with the help of error-prone algorithms is a giant step towards a Chinese-style surveillance state. Chat control is like the post office opening and scanning all letters – ineffective and illegal. Even the most intimate nude photos and sex chats can suddenly end up with company personnel or the police. Those who destroy the digital secrecy of letters destroy trust. We all depend on the security and confidentiality of private communication: People in need, victims of abuse, children, the economy and also state authorities”
Some of the consequences of the law include:
- Texts, images, videos and speech could be scanned
- Providers will of end-to-end encrypted communications services have to scan messages on every smartphone (client-side scanning) and, in case of a hit, report the message to the police
- Even personal storage that is not being shared, such as Apple’s iCloud, will be subject to chat control
- Since presumably every service is also used for illegal purposes, all services will be obliged to deploy chat control
- There is no discretion in when and in what extent chat control is ordered
- According to the Swiss Federal Police, 87% of the reports they receive (usually based on the method of hashing) are criminally irrelevant
- Machine searching for unknown abuse representations is an experimental procedure using machine learning (“artificial intelligence”). The algorithms are not accessible to the public and the scientific community, nor does the draft contain any disclosure requirement. The error rate is unknown and is not limited by the draft regulation. Presumably, these technologies result in massive amounts of false reports. The draft legislation allows providers to pass on automated hit reports to the police without humans checking them.
- Machine searching for potential child grooming is an experimental procedure using machine learning (“artificial intelligence”). The algorithms are not available to the public and the scientific community, nor does the draft contain a disclosure requirement. The error rate is unknown and is not limited by the draft regulation, presumably these technologies result in massive amounts of false reports.
- In practice, age verification involves full user identification, meaning that anonymous communication via email, messenger, etc. will effectively be banned. Whistleblowers, human rights defenders and marginalised groups rely on the protection of anonymity.
- All communication services such as messenger apps, dating apps or games can be misused for child grooming and would be blocked for children/young people to use.
- Network blocking is technically ineffective and easy to circumvent, and it results in the construction of a technical censorship infrastructure
Could the consequences be far worse? It has been in the past, and only a terminal optimist would bet it all that it won’t.
The full proposal can be read below: