CDT and dozens of other organizations, companies, and cybersecurity experts have released a joint letter highlighting the threat posed to encryption by the latest "compromise" proposal from the EU presidency on the proposed EU Regulation on Child Sexual Abuse. Members of the Global Encryption Coalition organized the letter, which argues that the proposal’s mandate for mass "upload moderation" is essentially a rehashed version of client-side scanning approaches seen in earlier iterations of this regulation. Detection of child sexual abuse material (CSAM) images would necessitate scanning images and videos that users upload.
The joint letter emphasizes that compelled scanning at the upload point, combined with mandatory reporting of suspected CSAM to authorities, undermines privacy in end-to-end encrypted services. The letter states, "Users would be required to consent to such scanning as a condition of using online services to upload images and video," which implies that consent would not be freely given as required by EU law. The coalition has called on Ministers in the Council of the European Union to reject this compromise proposal.
In addition to releasing the joint letter, CDT Europe also published a detailed briefing document outlining concerns regarding this proposal from the EU presidency on the proposed CSAM regulation.
