Tech Groups Urge Amendments to EU Child Sex-Abuse Prevention Plan

Proposed EU rules to fight child sexual abuse need changes, tech organizations said Tuesday. The organizations "are deeply committed to making the digital space safe for everyone, and, in particularly, to protecting children online," but some provisions of the regulation need "further reflection" to achieve their objective, said groups including the Computer & Communications Industry Association Europe, ACT|The App Association, Cloud Infrastructure Services Providers in Europe and the Information Technology Industry Council. They recommended the proposal's scope be narrowed to focus on service providers that are best placed to take effective mitigation and enforcement actions, such as on providers that present a high risk of online child abuse. Risk mitigation efforts should be broader and include voluntary measures that the industry carries out proactively, they said. The tech sector has been active in defining child safety online, and under the current voluntary system developed technology to help prevent, detect, report and remove the increasing amount of child sexual abuse worldwide, the groups said. Providers are also concerned there's no operational plan to transition from the current ePrivacy law, which allows voluntary scanning, to the proposed regulation, which would allow scanning only with a detection order that could be issued only after a long process of checks and balances. They also recommended the regulation explicitly protect encryption: By requiring service providers that employ end-to-end encryption to filter and scan for child sexual abuse material and grooming, the measure risks weakening or breaking encryption. The legislation calls for the creation of an EU Center, but the organizations noted there's already a framework for reporting child sexual abuse. Since this is a global issue, they added, there should be more cooperation with existing entities and the role of the EU body in the system should be clarified.