A leaked EU proposal shows that CSAM scanning is planned to be mandatory in all encrypted information services to protect children. In 2021, apple finally decided to make a concession to the plan to introduce child sexual abuse material (CSAM) scanning into IOS albums, and agreed to postpone it after being severely criticized for its danger to all privacy. It is worth noting that the UK government supported Apple's plans, although it was after Apple withdrew these plans, mainly as part of its own desire to obtain a back door in end-to-end encryption.
Now, many former EU member states are already planning their own CSAM measures. These plans have made the EU intend to implement a single pan European solution, not only to standardize measures, but also because the self-regulation measures proposed by manufacturers do not protect children in place.
Alec muffett, a security adviser, posted a draft EU proposal on "developing rules to prevent and combat child sexual abuse" on twitter.
"Despite the important contributions made by some suppliers, voluntary action has proved insufficient to address the abuse of online services for the purpose of sexual abuse of children," the proposal said Therefore, some member states have begun to prepare and adopt national rules to combat online child sexual abuse. "The proposal reports that" different national requirements "for CSAM will also lead to" increased decentralization of digital single market services ".
Therefore, EU regulators recommend the implementation of rules to "guarantee the basic rights of children", but also to "establish a fair balance" in the privacy of general users.
The plan is to establish an "EU center", which will "create, maintain and operate an online database of child sexual abuse indicators that suppliers must use".
The proposal did not mention specific services in the plan details of more than 55000 words, but it pointed out that, These "measures" should be taken, regardless of the technology used by relevant suppliers in providing services, including the use of end-to-end encryption technology, which is to ensure users (including children) An important tool for communication security and confidentiality. When executing the test order, the supplier shall take all available safeguard measures to ensure that the technology they adopt cannot be used by them or their employees for purposes other than compliance with these regulations, nor by third parties, so as to avoid damaging the security and confidentiality of user communication. "
The plan seems to propose that information service providers break end-to-end encryption, that is, open the back door for the mechanism of scanning CSAM.
That's what security experts say about Apple The CSAM system is mainly but also. They believe that once CSAM is allowed to be scanned, the government will be able to require scanning of any other information they want. Matthew green, a cryptography teacher at Johns Hopkins University, described the leaked plan as "the most terrible thing I've ever seen".
The leaked EU proposal has no date, but its appendix includes a potential timetable, which will be launched from 2022 to 2027.