A well-intentioned law to allow digital platforms to detect and report child abuse is likely to itself break European privacy law …

Politico reports.

The European Parliament on Tuesday approved a controversial law that would allow digital companies to detect and report child sexual abuse on their platforms for the next three years.

Tuesday’s vote was the final hurdle for the bill, and will allow companies to scan their platforms for explicit material without fear of violating Europe’s strict privacy laws […]

Despite the bill’s approval, In ‘t Veld warned that the legislation would not withstand court scrutiny given Europe’s strict privacy laws. Addressing Home Affairs Commissioner Ylva Johansson on Monday, she said, “I think we both know that the result on the table is legally flawed.”

MEPs also said that the blanket scanning of private messages of European citizens to look for evidence of child grooming could clash with another set of privacy rules protecting personal data, the GDPR.

The law permitting searches for illegal material is academic in many cases, since many messaging services – including iMessage, FaceTime, and WhatsApp – use end-to-end encryption, meaning there is no way for the company that owns the service to scan user content. That has, predictably, led to renewed technically illiterate calls to outlaw end-to-end encryption.

With most of the child trafficking and abuse done through encrypted communications on apps like WhatsApp and Telegram, the Commission wants to limit how secure those communications can be. Johansson, who’s in charge of tackling illegal content online, has warned Facebook that its plan to introduce encryption could “give haven to the pedophiles.”

While Apple does use strong encryption for most user data, there is a weakness in that iCloud backups – which contain much of the data stored on iPhones – do not use end-to-end encryption, so Apple holds the keys. This is likely a deliberate compromise on Apple’s part, to allow it to assist with court orders, but has raised significant concerns in the case of China. Technically, this law would allow Apple to scan iCloud backups in Europe, but that would itself be illegal under GDPR.

Photo: Chuttersnap/Unsplash

FTC: We use income earning auto affiliate links. More.


Check out 9to5Mac on YouTube for more Apple news:

You’re reading 9to5Mac — experts who break news about Apple and its surrounding ecosystem, day after day. Be sure to check out our homepage for all the latest news, and follow 9to5Mac on Twitter, Facebook, and LinkedIn to stay in the loop. Don’t know where to start? Check out our exclusive stories, reviews, how-tos, and subscribe to our YouTube channel

About the Author

Ben Lovejoy

Ben Lovejoy is a British technology writer and EU Editor for 9to5Mac. He’s known for his op-eds and diary pieces, exploring his experience of Apple products over time, for a more rounded review. He also writes fiction, with two technothriller novels, a couple of SF shorts and a rom-com!

Ben Lovejoy's favorite gear