Dear Parliamentarian Colleagues,
On September 24, 2024, the Hungarian EU Council Presidency made yet another attempt with a new compromise proposal to reach a consensus in the Committee of Permanent Representatives (COREPER) on the highly contested CSA regulation (Proposal for a regulation of the European Parliament and of the Council laying down rules to prevent and combat child sexual abuse).
Let me be very clear: It must be our joint priority to fight and prevent sexual abuse and the sexual exploitation of children. This agreement entails some important elements to combat child sexual abuse online. However, it would put an end to the confidentiality of private communication. As much as we need to strengthen our joint efforts and collaborations to combat those heinous crimes, we cannot let this good cause be a vehicle to secretly terminate our fundamental digital rights.
Your government is among the countries supporting this current problematic bill proposal. In light of the human rights at stake, I am asking you, as an MP, to question your government about its position and urge them to vote against this proposal at the EU level.
What is our struggle about?
Besides risking to contradict the aim of the CSA proposal by intervening in the digital self-determination of those people the proposal seeks to protect, there might be several unintentional but dangerous side effects:
- Client Side Scanning (CSS) and any other mass surveillance would render confidential information carriers impossible: Scanning would affect users who rely on confidential communication and whose communication is particularly protected (professionals bound by confidentiality such as journalists, lawyers, the medical sector, but also whistleblowers and us as parliamentarians). Furthermore, built-in backdoors could compromise the confidentiality of digitally transmitted trade secrets and business transactions. Encryption protects the identity and the contents of communication participants, thus preserving the autonomy of victims of sexual abuse.
- Democratic society and democratic debate need trustworthy spaces: Democratic societies need privacy for the formation of opinions and will. The proposed measures carry the danger of leading to self-censorship, jeopardizing safe spaces for children and victims of sexual violence, but also for everyone else. Especially trusted political spaces are endangered by that. It will also likely lead to users’ unwillingness to use digital services and loss of trust in providers if their data is not secure and protected.
- Blueprint for authoritarian states and weakening cyber security: By building an architecture capable of undermining all possibility of private digital communication, the regulation might inadvertently serve as a blueprint for surveillance in authoritarian states and can serve as a built-in backdoor that can easily be exploited for all sorts of surveillance practices (e.g. trade secrets) and cybercriminals. Once built, this IT-architecture is an invitation to undermine privacy.
- Impairment of digital educational, youth, and assistance services: It will eliminate the common practice to exchange important sexual health information to such education as is the case in some European countries.
The mandatory surveillance of private messages without suspicion carries the risk of creating a climate of general suspicion. Such an approach will irreparably damage the image of the European Union as a guarantor of freedom.
Even if the Spanish, Belgian, and now the Hungarian Presidency presented compromise drafts, the core danger remains: The service providers are still supposed to search all users’ private, unencrypted as well as encrypted content. It is evident that scanning content before encryption on every device, as client side scanning would do, puts an end to the very purpose of end-to-end encryption. At the same time, the technical state of current content recognition technology is inherently flawed and would produce a wave of false accusations. Signal, Wire and Threema announced they would rather withdraw from the European market than breaching their secure messengers.
Safe and encrypted communication is paramount for every human being and and constitutes a core digital right. This is why multiple organizations and institutions, including 348 scientists and researchers, the Dutch Secret Service, the EDRi network, and over 80 MPs from multiple European member states, have been warning about this proposal.
As a national MP, I believe it to be at the core of our responsibility given to us by our citizens to remind our governments of the importance of everyone’s fundamental digital rights and to challenge their point of view if they are considering voting in favor of this proposed regulation.
I kindly ask you to join us in this fight by questioning your government about its vote on the CSA regulation.
In addition, please let us know in case you are interested in joining the Open Letter of national and European MPs against the so called chat control proposal.
Feel free to contact me for questions or comments via email (tobias.bacherle@bundestag.de).
With kind regards,
Tobias B. Bacherle