The – so far failed – legal journey for EU Child Sexual Abuse Material (CSAM) scanning bill could see the development this week as legislators are set to discuss a new proposal on Wednesday, February 5, 2025. The Polish Council President proposed a new version Of the bill seeking to tackle existing concerns about privacy.
The image of chat control of his critics comes as a way to stop the spread of CSAM content online by scanning all people’s communication. However, according to the new Poland’s proposal, the scan would become voluntary instead and classified as “prevention.”
Despite looking like a step in the right direction in the fight to protect encrypted communication, experts in privacy are not fully sold on this solution and warns that there are a few problems left.
“Great progress, but not yet acceptable due to mass surveillance,” Commented Patrick Breyer of the German Pirate Party. A similar view was also shared by Elina Eickstädt, spokeswoman for Chaos Computer Club, who pointed out how the new proposal asks more questions than it answers – reported Digital Rights Group Netzpolitik.
The end of online anonymity?
Chat Control has seen many twists since the Europe Commission presented the first version of the draft bill in May 2022.
The initial plan required message services and E email providers to scan all people’s messages looking for illegal material -whether encrypted, such as WhatsApp or Signal Chats.
An diluted version would later adjust the target against shared photos, videos and URLs under users’ permission. However, these changes were not enough to convince the majority of legislators, with the latest December reconciliation that does not attract the necessary majority again.
Poland’s proposal, as Breyer from the Pirate Party pointed out, represents a “larger leap forward” to protect Europeans’ basic right to keep their digital correspondence private.
He said, “It would protect safe encryption and thus keep our smartphones in safety. However, three basic problems are unresolved.”
🇬🇧half-good new polish #chatcontrol suggestions will be discussed Wednesday: #chatcontrol would remain volunteer. Would keep #Enencryption safe. But volunteer #chatcontrol 1.0 would still be general mass surveillance. (1/2)31 January 2025
For starters, Breyer explains that while Microsoft or Google can decide whether Microsoft or Google can decide whether to implement CSAM scanning, this can still provoke U targeted mass surveillance or not. This is why the European Parliament has proposed another approach involving making searches mandatory but limiting them to people or groups associated with sex sexual abuse.
Breyer is also concerned about Article 6 of the proposal, which would prevent users under the age of 16 from installing popular applications, including encrypted messaging apps, social media, video conference services and even online games. Although this minimum age would be easy to bypass, for example by using one of the best VPN services, Breyer believes it would also break down teenagers instead of making them stronger.
Last but certainly not least, Poland’s proposal did not change the controversial Article 4 (2). 3, for which users would be prohibited from creating anonymous e email or messenger accounts. “This would, for example, inhibit sensitive chats related to sexuality, anonymous media communication with sources (eg whistleblowers) as well as political activity,” Breyer warns.
What is the next?
As mentioned earlier, lawmakers are set to discuss the new chat control proposal on Wednesday.
When asked how likely it is for this version to finally get the required number of votes, Breyer Techradar told me to be skeptical of the hardline majority that agreed to pull mandatory chat control.
He said: “The proposal is likely to already go too far for the hardliner majority of EU governments and EU Commission”
