The EU proposes mass tracking through chat and email technology of citizens to detect and prevent child sexual abuse. The Belgian presidency is reviving the Proposal for a Regulation of the European Parliament and of the Council that was rejected at the end of last year due to criticism of the intrusion into people’s privacy. Now, after several changes to the text, it is expected to be presented to the European Commission.
The draft Regulation establishing rules to prevent and combat child sexual abuse requires companies that have messaging, chat, or email applications to use mass tracking technologies on conversations and, if they detect possible cases of child sexual abuse, to notify the relevant authorities.
The changes made to the text to avoid “undue interference with fundamental rights and ensure proportionality” reduce reporting obligations and these companies will only report data and conversations of users who have accessed potentially illegal material on two or more occasions or have attempted to solicit minors on more than one occasion.
The EU will provide guidelines on what activities are considered child sexual abuse so that technological tracking detects the dissemination of material or conversations that may be criminal. Once the technology detects these activities, human verification of conversations will be required to prevent “false positives” before referring them to the authorities. Each country must designate its competent authority, which can be an administrative, police, or judicial body.
“Providers of publicly available hosting and interpersonal communication services are uniquely placed to detect possible online sexual abuse of minors. The information they can obtain when providing their services is often crucial for investigating and effectively prosecuting child sexual abuse crimes,” states the draft Regulation. “Therefore, they should be required to report possible online child sexual abuse in their services, whenever they become aware of it, that is, when there are reasonable grounds to believe that particular activity may constitute child sexual abuse. […] For the sake of efficiency, the manner in which they acquire such knowledge should be irrelevant,” the text indicates.
Restricting rights
Furthermore, it also justifies that the European Directive on the processing of personal data and the protection of privacy in the electronic communications sector allows Member States to adopt legislative measures to restrict the scope of rights and obligations related to the confidentiality of communications when such restriction constitutes an appropriate and proportionate measure to prevent, investigate, detect, and prosecute criminal offenses.
What will not be monitored
Tracking can be done on chat conversations and also on audio, but the rule does not allow the listening of phone conversations. Excluded from this control are confidential and classified information, information covered by professional secrecy, trade secrets, and electronic communications services that are not publicly available.
The regulation aims to apply this obligation to all companies providing these services within the EU. If they are based outside, they must have a legal representative within the EU.
