A PYMNTS Company

Does Monitoring Your Phone Affect The Essence of Privacy?

 |  June 7, 2022

By: Ot Van Daalen (European Law Blog)

On 11 May, the European Commission published its proposal for a regulation to combat child sexual abuse material (CSAM). The Commission managed to squeeze a host of controversial digital rights issues into one package: the blocking of websites, the obligatory monitoring of online content, and, the most novel one, a measure which opens the door to undermining encryption.

Because encryption technologies protect communications confidentiality, one crucial question in the upcoming policy debate will be whether this latter measure, or its implementation, is compatible with the rights of privacy and data protection under the EU Charter of Fundamental Rights (the Charter). In this contribution, I explore one aspect of that question: is it possible to argue that this measure does not respect the essence of these rights? On the basis of a preliminary analysis, I conclude that this is certainly defensible and suggest further routes for exploration.

The proposal obliges chat providers to detect illegal material and illegal behaviour

But first – what is the measure exactly? The entire Commission proposal is extensive, with 89 Articles, spanning over 130 pages. But the measure in question can be summarised in one sentence: under the proposal, a national authority would be granted the power to request an independent body (such as a court) to issue a “detection order” against a provider of “interpersonal communications services” to take measures to detect “online sexual child abuse”, which includes both distribution of CSAM and soliciting of children (Art. 2(p).) 

To give effect to the order, providers must install and operate technologies which perform such detection, and must report matches to a designated authority. These “interpersonal communications services” are services which enable online, “direct interpersonal and interactive exchange of information” (see Art. 2(b) proposal jo. Art. 2(5) Electronic Communications Code). Importantly, this includes popular chat services in the EU, such as WhatsApp, iMessenger, Telegram and Signal, all of which are end-to-end encrypted (something I’ll get to later)…