Sprache ändern: English

Leak: EU governments double down on penalising privacy-friendly and encrypted messaging services with chat control bulk scanning orders

European Parliament Freedom, democracy and transparency Press releases

An updated version of the methodology to be used in the Child Sexual Abuse Regulation, leaked by the news portal Contexte, reveals more details on the approach pursued by the Belgian Council Presidency: The text doubles-down on services that allow people to protect themselves. If services are used through pseudonyms, VPNs, encryption or without an account, they will score worse on the risk scale, and will be more likely to be served a detection order mandating scanning of all communications content. The same applies if a services allows users to use cryptocurrencies or if it allows users to connect from another jurisdiction (like VPNs, TOR). If a services enables the „direct sharing of content without using centralised servers“, via P2P, that makes it score worse, because it would evade server-side scanning. If a privacy-friendly platform cannot or does not collect data on users (to monitor their behaviour or metadata), it will score worse. Services through which users “predominantly engage in public communication” (i.e. instead of private chats) will score better and thus be less likely to receive detection orders.

Pirate Party Member of the European Parliament and digital freedom fighter Patrick Breyer comments: “Basic services such as Signal, TOR, encrypted email services like ProtonMail, torrenting platfroms are being demonized by this methodology. Privacy-friendly communication services are to become the most extremely monitored. This leaked paper reveals most EU government’s push to mass surveillance and undermining encryption on services essential to citizens, NGOs, lawyers, etc. In contrast, the European Parliament’s approach would only permit the interception of conversations by people connected to child sexual abuse, while mandating many more safety-by-design measures than the Council only mentions in this paper without making them mandatory. We Pirates will not stop fighting for our fundamental right to digital privacy of correspondence and secure encryption.”