On 11 May, the European Commission presented a draft regulation to combat sexual abuse of children on the internet. This was open for public comment until 12 September and will now be discussed in the parliamentary procedure over a period of about two years.

The draft regulation can be downloaded here.

From the point of view of the Digital Opportunities Foundation, we comment on the draft as follows:

We expressly welcome the draft regulation since it is the first time a law in the EU follows a fundamental and comprehensive child rights approach focusing on the primacy of the best interests of the child according to the EU Charter of Fundamental Rights Art. 24 (2).

Among the options in consideration the EC has chosen the most far-reaching proposal (E) with regard to the protection of children, addressing detection, reporting and deletion of both known depictions of abuse and "new" material, as well as solicitation of children with sexual intent (grooming). The obligation to assess the risk of grooming within apps is a milestone in combatting child sexual abuse online.

The fight against CSAM must start with a risk assessment and risk mitigation measures by the service providers, since prevention is crucial. Only if and when these preventive operations turn out to be inefficient, the process potentially leading to a detection order will be initiated. The regulation outlines transparently the necessary steps before a detection order is issued and the safeguards to eliminate the violation of fundamental rights as far as possible. We appreciate detection orders being issued by a court or national authority based on a thorough validation process, any order will be limited in time and addressing only a certain type of content on the respective service. Research as well as law enforcement investigations give evidence that sexualised violence follows escalation pathways, the earlier these paths can be stopped the better.

We acknowledge the need to ensure the privacy of interpersonal communications, but the regulation needs to take into account private chats because this is where perpetrators initiate contact with children. The EC suggests scanning technologies look for behavioural patterns suggestive of abuse, but not to analyse the actual content of the communication at first. We trust in the structural safeguards already foreseen in the draft regulation to prevent surveillance of all personal communication without cause.

The draft recognizes end-to-end encryption as an effective means of ensuring the confidentiality of communications and explicitly does not exclude it as an instrument (para. 26). The draft leaves it up to providers to choose the appropriate technology, but makes it unequivocally clear that providers are obliged to detect CSAM and grooming in their services. Our expectation would be for service providers to invest in the development and deployment of such technology right now to have it operational when the parliamentarian process hopefully is finished in mid 2024 with the new regulation chiming into force.

We welcome the co-operational approach for the European Centre to prevent and counter child sexual abuse (EU Centre), which is an important component of the regulation. The tasks foreseen for the Centre must be addressed on a trans-national level without putting in question the work of national authorities. Only the time horizon of 8 years till it is fully operational is too long. We expect the EC to undertake preparational measures for the Centre to be ready to start in 2024. The centre must operate independent from law enforcement although in close co-operation with Europol.

The interim derogation is a strong example how to overcome the only seemingly insurmountable contradiction between privacy and child protection. Like all people also children have the inalienable right to privacy as laid down in the UN-CRC Art. 16. Art. Also they have the right to protection from any form of exploitation (Art. 34 - 36). The approach of the regulation is justified by General Comment 25 on children’s rights in relation to the digital environment esp. by a call for special protective measures on the part of the states in chapt. 12. Also it requires states in para 118 not to criminalise self-generated sexual content children possess or share with their consent and solely for their own private use. We suggest the EC reviews the draft to ensure it is fully compliant also with this para.

An open letter from civil society organisations on the draft regulation can be found at Sexual Abuse - Civil Society Open Letter to the EU

The 17th annual Internet Governance Forum (IGF) meeting will be hosted by the Government of Ethiopia in Addis Ababa in a hybrid format from 28 November to 2 December 2022.

The theme of this year’s IGF is "Resilient Internet for a Shared Sustainable and Common Future". Representatives from business, science and civil society will meet with high-ranking government representatives from all over the world and address the following topics in various event formats:

• Connecting All People and Safeguarding Human Rights
• Avoiding Internet Fragmentation
• Governing Data and Protecting Privacy
• Enabling Safety, Security and Accountability
• Addressing Advanced Technologies, including AI

Many sessions at this years IGF will cover the topic of children’s and young people’s rights to protection, empowerment and participation in the digital environment. Multiple of these sessions have a strong focus on data privacy and protection.

We have put together a list of the sessions that will cover aspects of children and young people growing up in a digital environment. This way you can decide which parts of the program are of interest to you. All sessions are designed to actively involve participants, whether they are on-site or online. Within the IGF week we will report from the event, with a special focus on these sessions.

Registration is required to attend the IGF. It is recommended that you register in good time before the start of the event. You will receive a confirmation that entitles you to access the on-site events and the digital Zoom meetings.

IGF-Sessions on "Growing up in a digital environment":

Tuesday 29.11.2022

• 12:15-13:45 CET (=10:15-11:45 UTC), Room Banquet Hall A: IGF 2022 WS #523 Youthful approach at data protection in messaging apps
• 14:35-16:05 CET (=12:35-14:05 UTC), Room CR3: IGF 2022 WS #183 Digital Wellbeing of Youth: Selfgenerated sexualised content
• 16:30-17:30 CET (=14:30-15:30 UTC), Room Banquet Hall A: IGF 2022 WS #269 Data privacy gap: the Global South youth perspective

Wednesday, 30.11.2022

• 11:50-13:20 CET (=10:50-12:20 UTC), Room CR1: IGF 2022 DC Main Session: Our Digital Future: How Dynamic Coalitions Support the Global Digital Compact
• 14:05-15:35 CET (=12:05-13:35 UTC), Room CR5: IGF 2022 WS #341 Global youth engagement in IG: successes and opportunities
• 15:50-17:20 CET (=13:50-15:20 UTC), Room CR4: IGF 2022 WS #318 Gen-Z in Cyberspace: Are We Safe Online?

Thursday 1.12.2022

• 8:30-10:00 CET (=6:30-9:00 UTC), Room Banquet Hall B: IGF 2022 DCCOS Translating data & laws into action for digital child rights

Friday 2.12.2022

• 10:15-11:35 CET (=8:15-9:45 UTC), Room PBR: IGF 2022 WS #471 Addressing children’s privacy and edtech apps
• 12:45-13:45 CET (=10:45-11:45 UTC), Room LBR:IGF 2022 WS #252 Building a safe & trustworthy digital world for all children
• 14:00-15:00 CET (=12:00-13:00 UTC), Room PBR:IGF 2022 WS #352 Youth lenses on Meaningful Access and Universal Connectivity

Through two consultations, the Commission is seeking the views of EU citizens on existing and future regulatory measures to combat child sexual abuse.

The public consultation, which is open until July 13 2022, aims to evaluate and possibly revise the EU Sexual Abuse Directive, and it is part of the data collection activities following the Inception Impact Assessment published in September - October 2021. This public consultation will inform the evaluation and revision of the EU Child Sexual Abuse Directive, and give citizens and stakeholders the opportunity to provide their feedback on current and future challenges in combatting child sexual abuse, sexual exploitation and child sexual abuse material and possible ways to reinforce, develop and update the existing framework.

Furthermore, the consultation of the new regulatory proposal "Combating Child Sexual Abuse: Detection, Removal and Reporting of Illegal Content Online" is open until September 2022.

Child sexual abuse (CSA) can take multiple forms which can occur both online (e.g. forcing a child to engage in sexual activities via live streaming or exchanging child sexual abuse material (CSAM) online) and offline (e.g. engaging in sexual activities with a child or causing a child to participate in child prostitution). When the abuse is also recorded and shared online, the harm is perpetuated. The EU Directive on combating child sexual abuse, sexual exploitation and child pornography (2011/93) is the main EU legal instrument to combat these crimes. The Directive sets out a comprehensive response, in particular: - It approximates definitions of criminal offences, sets minimum levels for criminal penalties and facilitates reporting, investigations and prosecution of such crimes - It sets out prevention measures, including awareness raising, and intervention programmes for offenders and persons who fear they might offend, - It reinforces provision of support to victims including prevention of additional trauma caused by participating in criminal proceedings.

On 24 July 2020, the Commission adopted the EU Strategy on a more effective fight against child sexual abuse, which proposes concrete actions to set up a comprehensive response to these crimes. One of the actions is to evaluate the EU Directive which has been in place since 2011 to identify best practices and any remaining legislative gaps. If necessary, new priority actions will be proposed to ensure that this legislation continues to reach the goals that it sets out to achieve.

The Commission presented a new regulatory proposal on 11 May, "Combating Child Sexual Abuse: Detecting, Removing and Reporting Illegal Content Online." This is now open for public consultation, initially until 5 September (midnight CEST). This deadline is continuously moving backwards until the regulatory proposal is published in all EU languages.

Some providers are already voluntarily using technology to detect, report, and eliminate child sexual abuse online in their services. However, the actions taken by providers vary widely and a significant number are not yet taking any action at all. According to a recent impact assessment, voluntary measures to combat child sexual abuse online are insufficient, so the Commission is planning to introduce mandatory measures.

The proposed Regulation consists of two main building blocks:

1. It imposes obligations on providers concerning the detection, reporting, removal and blocking of known and new child sexual abuse material, as well as solicitation of children, regardless of the technology used in the online exchanges
2. It establishes the EU Centre on Child Sexual Abuse as a decentralised agency to enable the implementation of the new Regulation.

Taking part in the consultation is possible via the EU consultation system. You can find the consultation process here

• „Combating child sexual abuse - review of EU rules“ til July 13th, 2022

and


• „Fighting child sexual abuse: detection, removal and reporting of illegal content online“ til Sept. 6th, 2022.

On 1 and 2 June 2022, the summit of the global WeProtect Alliance took place in Brussels, where a communiqué how to combat child sexual abuse online was adopted. Please find the communiqué on the WeProtect Global alliance website at https://www.weprotect.org/library/communique-summit-2022-turning-the-tide/

On May 11, the European Commission released a proposed Regulation laying down rules to prevent and combat child sexual abuse. It is timely and historic, not just for Europe but for the world. When passed, this legislation has the potential to make an impact far beyond the EU and help advance the global fight against child sexual abuse in both the offline and online worlds.

Focusing on the online dimension of child sexual abuse, EU Commissioner for Home Affairs Ylva Johansson emphasizes that there has been a 6000% increase in reports of child sexual abuse online in the EU in the last ten years alone. Most of the images and victims remain hidden, their abuse unseen and unreported. But even the tip of the iceberg is enormous: the National Center for Missing and Exploited Children received close to 85 million files containing child sexual abuse material in 2021. In the previous year, that number was 65 million. Over 62% of online child sexual abuse material (CSAM) worldwide is hosted on servers based in the EU. It will take collaboration between citizens, institutions, policymakers, tech companies, and nonprofit organizations to tackle a problem at this scale.

We, as a collective of organisations that strive for children’s rights, safety, and security online and offline, support the European Commission’s proposal as a critical step toward better protection of children’s rights. The proposed Regulation presents a vision of a responsible internet where children are free to be curious and explore online spaces safely. It aims to ensure that technology is developed and used in conformity with European Union values and in accordance with fundamental rights, with particular attention paid to protecting children.

The full open letter, currently signed by 99 civil society organizations (updated 20.07.2022), can be downloaded here in English, Spanish, Italian, Portuguese, French and Greek.

For more information or to add your name and organisation to the list please contact emily.slifer@wearethorn.org