Pirates: Wednesday’s vote on EU’s Chat Control bill could open the floodgates to unprecedented surveillance [Updated]
Wednesday EU governments are to endorse proposed EU legislation (“child sexual abuse regulation” or “chat control”) which provides for automatically searching all private communications and chats for indications of potentially illegal images or videos (CSAM). The final wording that is being put to a vote has been leaked today by POLITICO.[1] At the request of France language has been added that when scanning services using end-to-end encryption (so-called client-side scanning), the surveillance code must “not lead to a weakening of the protection provided by the encryption” (Article 10). However it is uncertain whether a sufficient majority of governments will support this proposed text which would force users to accept automated searches or be blocked from sending and receiving images, videos or links via any app offering communications features. Yesterday German news outlet Der SPIEGEL reported that the German crime agency BKA classified more than half of the chats, photos and videos leaked voluntarily via US-based NCMEC as “not criminally relevant” in 2023 – as many as never before.[2] German pirate party Member of the European Parliament Patrick Breyer published a call to contact EU governments and organise protest on his homepage, naming some that are yet undecided.[3] Signal has announced to rather withdraw their services from the EU than succumb to implementing client-side scanning bugs in their app. Switzerland-based Threema also announced that they would be subject to the legislation and would “call on fellow communication services to join us in leaving the EU.”[4]
Breyer comments: “We’re on the brink of a surveillance regime as extreme as we witness nowhere else in the free world. Not even Russia and China have managed to implement bugs in our pocket the way the EU is intending to. To silence critics within the French government and to fool the public, the final proposal pays lip service to secure encryption while in fact, as hundreds of scientists have made clear, destroying it. They understand this very well, as the exception in Article 7 for ‚accounts used by the State for national security purposes, maintaining law and order or military purposes‘ demonstrates. Besides, encrypted or not, indiscriminate searches and error-prone leaks of private chats and intimate photos destroy our fundamental right to private correspondence. If chat control passes, it will open the floodgates to chilling monitoring of our private correspondence for any kind of purpose, as Europol has already called for. Following the logic of chat control, the opening and scanning of all physical letters could be next.”
In the runup to the vote on Wednesday, a working group is meeting tomorrow for a “questions and answers” session on the proposal.[3]
Update: the vote has been moved to Thursday.[6]
[1] Leaked proposal: https://www.patrick-breyer.de/wp-content/uploads/2024/06/csam_cleaned.pdf
[2] SPIEGEL story: https://www.spiegel.de/netzwelt/netzpolitik/kinderpornografie-zahl-der-falschen-verdaechtigungen-bei-online-bildern-massiv-gestiegen-a-a746b118-82e7-4560-8ba4-45f02489768c
[3] Breyer’s call for action: https://www.patrick-breyer.de/en/council-to-greenlight-chat-control-take-action-now/
[4] Threema’s comments: https://threema.ch/en/blog/posts/stop-chat-control
[5] Agenda: https://www.parlament.gv.at/dokument/XXVII/EU/189072/imfname_11385615.pdf
[6] Update: COREPER II agenda: https://data.consilium.europa.eu/doc/document/ST-11316-2024-INIT/fr/pdf#page=4
Breyer’s website on the chat control proposal: https://chatcontrol.eu