A disaster for children is brewing, thanks to a new EU law. Here’s why
Guest blog by John Carr
Tools that are currently being used to identify, remove and, in some cases, prosecute child sex abuse material online are due to be made illegal in the EU on 20 December.
The tools, which have been in use for several years, have made an enormous difference to the amount of pictures and videos of children being sexually abused that are removed and reported worldwide.
Why would anyone want to stop that?
The whole horrible mess is an unintended consequence of an EU Directive, adopted in 2018 and due to come into force in December.
Itself realising belatedly the mistake, the European Commission has tried to stop it. So have children’s groups from every EU Member State and 19 international children’s organisations. But time is running out. And some people are being obstructive.
Until a few years ago, the numbers of online child sexual abuse images and videos reported could be measured in the thousands. The National Center for Missing and Exploited Children (NCMEC), America’s internet hotline, and its UK equivalent, the Internet Watch Foundation, had to wait for people to stumble over the material or be sent it unsolicited. Individuals then had to find out how, and where, to report it, and pluck up the courage to do so.
People like me had always suspected that the true volume of illegal material “out there” on the internet was large – much larger than was being reported by these clumsy reactive methods. But we had no way of proving it.
In 2017, the Canadian Child Protection Centre made a revolutionary breakthrough. They took a database of known child sex abuse images and videos and linked it to a specially crafted web browser they called “Arachnid”. In a six-week trial Arachnid processed more than 230 million web pages, identified 5.1 million unique web pages hosting child sex abuse material and detected over 40,000 unique images of child sex abuse. Now read that again. They did all that in only six weeks. Nothing on that scale had ever happened before.
Individual companies started copying the Canadians’ lead. The number of illegal images reported and removed began to rise exponentially. Another big step forward.
In 2019, NCMEC received 17 million of these images and videos, which were then forwarded to the police in all the countries from which they had been uploaded. Around 74,000 came to the British police via this route.
Now all this is threatened. The proactive tools companies have been using with messaging services such as Facebook Messenger and Instagram Direct face being declared illegal on 20 December in EU Member States. That includes the UK, since until 1 January 2021 we remain part of the EU’s framework.
And it’s not just tools that detect illegal images that are in peril. It’s other proactive tools, for example those that try to detect and deter grooming, or bullying, or threats of suicide and self-harm.
After 1 January, the UK could choose to ignore or change the law. But if the global platforms our children use can no longer deploy these tools in the major European markets, the level of threat to children living in the UK will still rise. And let’s not get excessively parochial about this: the new directive represents a threat to children everywhere and we should all be shouting at the top of our voices to get it stopped or reversed.
The Commission agrees
Having realised what a colossal blunder this was, on 10 September 2020 the Commission brought forward a proposal for a temporary suspension of the new law until the matter could be sorted out. This would have allowed platforms to continue to use the tools so that the Directive could be reviewed without the pressure of time.
The proposal was very widely supported.
But not by everyone
The Commission’s proposal now has to be agreed by all three law-making parts of the EU (Commission, Council of Ministers and Parliament). The Commission and the Council of Ministers are on board. The LIBE Committee – the Committee on Civil Liberties, Justice and Home Affairs – is leading for the Parliament in this matter and they now have to produce a text so all three bits can sort out an agreed position But the mainly German members of the LIBE seem reluctant to allow the matter even to be discussed and they are stopping it from being put on the agenda.
If the EU doesn’t sign off a text, the proposal to suspend the Directive will die. And on 20 December children will be in much greater danger than they were the day before.
I am writing this on 29 October 2020. Yesterday morning, a member of the LIBE Committee, Patrick Breyer of the German Pirate Party, published a blog revealing that he thinks the child protection tools should never have been used in the first place. He has asked the Data Protection Authority in Schleswig Holstein to give a ruling.
Given that Breyer could have brought his challenge at any time since 2009, or at any rate since the GDPR became operative in 2018, you have to wonder about the sincerity of his motives. Is he just trying to snarl things up until the December deadline has passed?
Breyer claims to care about children and about privacy. If that were really the case, why disregard the right to privacy and human dignity of the victims of the pictures and videos?
What can you do?
It is vital that those of us who recognise the gravity of this situation shout about it now. Something that was never intended, and which will have dreadful consequences for children, should not be allowed to pass. It would be a terrible injustice if child protection tools that are successfully uncovering millions of crimes a year became illegal.
John Carr is Secretary of the Children’s Charities’ Coalition on Internet Safety, an advisor to the UN, to the EU and to the UK government. In the latest episode of Tech Shock, the Parent Zone podcast, he chats to Vicki Shotbolt and Geraldine Bedell about whether age-verification tools could and should be used on the internet.