52020AE4192

Language
- My EUR-Lex
- Sign in
- Register
- My recent searches (0)

This document is an excerpt from the EUR-Lex website

Search tips

Need more search options? Use the Advanced search

EUROPA
EUR-Lex home
EUR-Lex - 52020AE4192 - EN

Document 52020AE4192

Help

Opinion of the European Economic and Social Committee on ‘Proposal for a Regulation of the European Parliament and of the Council on a temporary derogation from certain provisions of Directive 2002/58/EC of the European Parliament and of the Council as regards the use of technologies by number-independent interpersonal communications service providers for the processing of personal and other data for the purpose of combatting child sexual abuse online’ (COM(2020) 568 final – 2020/0259 (COD))

EESC 2020/04192

OJ C 10, 11.1.2021, p. 63–64 (BG, ES, CS, DA, DE, ET, EL, EN, FR, HR, IT, LV, LT, HU, MT, NL, PL, PT, RO, SK, SL, FI, SV)

HTML

PDF

Official Journal

11.1.2021

Official Journal of the European Union

C 10/63

(COM(2020) 568 final – 2020/0259 (COD))

(2021/C 10/10)

Rapporteur-general:

Ionuţ SIBIAN

Referral	European Parliament, 17.9.2020 Council of the European Union, 18.9.2020
Legal basis	Articles 114(1) and 304 of the Treaty on the Functioning of the European Union
Section responsible	Transport, Energy, Infrastructure and the Information Society
Adopted at plenary	29.10.2020
Plenary session No	555
Outcome of vote (for/against/abstentions)	246/1/3

1. Conclusions and recommendations

1.1.

The EESC considers that any derogation from Directive 2002/58/EC must be carefully considered to protect the privacy of all citizens. Still, in this case, the extent of the crime and its perniciousness warrants an exception.

1.2.

The EESC agrees, in general, with the proposed regulation for a temporary and strictly limited derogation from Articles 5(1) and 6 of the Directive 2002/58/EC, which protect the confidentiality of communications and traffic data.

1.3.

In our opinion, the provisional element (that runs until 31 December 2025) is not justified and the Commission should ensure that proper privacy safeguards for children are developed and implemented sooner than five years.

1.4.

In terms of the industry standards for reporting and transparency envisaged in Article 3(e) of the proposed regulation, the EESC considers it would be useful to have a third party perform regular testing/auditing, using a sample non-CSAM (Child Sexual Abuse Material) match similar to EICAR test files in the anti-virus industry.

1.5.

In our opinion, the Commission should organise an open competition with a substantial prize (1) to encourage not only the development of open-source tools and industry standards, but also the development of possible new solutions to detect and report child sexual abuse in end-to-end encrypted electronic communications.

1.6.

The EESC believes that it is time that the European Union had its own European Centre to Prevent and Counter Child Sexual Abuse and calls on the Commission to urge that such a centre be set up and developed. In our view the centre should build on Europol’s work, to work with companies and law enforcement bodies, to identify victims and bring offenders to justice.

2. General comments

2.1.

Recent data from Europol (2) show that the COVID-19 pandemic has had a massive impact on criminal offences online. The amount of Child Sexual Abuse Material (CSAM) shared online saw a significant increase during the lockdown period.

2.2.

In 2019, out of the 16,9 million total reports of Child Sexual Abuse Material (CSAM) that were received by United States National Centre for Missing and Exploited Children (NCMEC), which included 45 million pieces of identified CSAM, 16,8 million reports were from ESPs (Electronic Services Providers). Of those, almost 3 million images and videos depicting CSAM were hosted in the European Union.

2.3.

The proposed regulation is necessary because, with the full application of the European Electronic Communications Code as from 21 December 2020, certain online communication services (3) will fall under the scope of the e-Privacy Directive (Directive 2002/58/EC). This Directive does not contain an explicit legal basis for the voluntary processing of content or traffic data for the purpose of detecting CSA online and providers would have to discontinue their activities unless Member States adopted specific national measures.

2.4.

As a response to this, and as a matter of priority, the Commission decided to come forward with a narrowly-targeted regulation to avoid having a legislative gap in the telecoms regulatory framework.

2.5.

The proposed Regulation provides guarantees to safeguard privacy and protection of personal data:

—	processing must be proportionate and limited to well-established technologies regularly used by NI-ICS (number-independent interpersonal communications services) for that purpose before entry into force;

—	technology used must be in accordance with the state-of-the-art technology used in the industry and must intrude on privacy as little as possible;

—	the technology used must in itself be sufficiently reliable and limit error rates to the maximum possible, and rectify any errors without delay, should they occur;

—	only ‘key indicators’ technology to be used to detect ‘child solicitation’;

—	processing is limited to what is strictly necessary for that purpose;

—	immediate erasure, unless online CSA detected;

—	obligation for the provider to publish an annual report on its related processing.

2.6.

In truth, all the exception does is maintain current practices.

Brussels, 29 October 2020.

The President of the European Economic and Social Committee

Christa SCHWENG

(1) Similar to EU-funded projects NESSIE and ECRYPT (eSTREAM), or competition such NIST on cryptography.

(2) Exploiting isolation: sexual predators increasingly targeting children during COVID pandemic, EUROPOL, June 2020.

(3) Like webmail or messaging services.

Top