EU Lawmaker Questions CSAM Proposal ‘Conflicts of Interest’ – Source: www.govinfosecurity.com

Encryption & Key Management
,
Legislation & Litigation
,
Security Operations

LIBE Committee Chair Seeks Clarifications from EU Home Affairs Minister

Akshaya Asokan (asokan_akshaya) •
October 2, 2023    

The head of a key European Parliament committee said he’s concerned about media reports suggesting that a proposal mandating that instant messenger apps scan for child sexual abuse material was crafted under the influence of an American tech foundation and a non-profit with ties to the British and U.S. government.

See Also: Live Webinar | Cyber Resilience: Recovering from a Ransomware Attack

The head of the European Parliament’s Civil Liberties, Justice and Home Affairs Committee, aka LIBE, in a Thursday letter to European Commissioner for Home Affairs Minister Ylva Johansson, said he’s seeking clarification from the commissioner on her alleged ties to California-based Thorn and U.K.-based WeProtect Global Alliance.

The letter from LIBE head Juan Fernando Lopez Aguilar comes after an investigative report published Sept. 25 by Balkan Insight detailing Johansson’s ties with Thorn, which develops tools to identify child sexual abuse material, and WeProtect, an organization with roots in an U.S.-U.K. task force to combat online child pornography.

The committee is set to hear Oct. 10 from Johansson on the Child Sexual Abuse Material proposal unveiled by the European Commission in May 2022. The proposal’s CSAM scanning requirement, possibly directly on mobile devices, has provoked opposition from industry and civil liberty groups concerned that it would lead to mass surveillance. The European Commission Legal Service earlier this year concluded the proposal “constitutes a particularly serious limitation to the rights to privacy and personal data protection” (see: EU Attorneys Question Legality of Chat App Scanning for CSAM).

The report alleges that Thorn and a complex web of groups enjoy a close working relationship with Johansson and that Thorn could benefit commercially from a European CSAM scanning mandate by licensing its CSAM detection technology in Europe. Balkan Insight reports that Johansson wrote to the Thorn chief executive shortly before the bill’s introduction about the “many moments on the journey to this proposal,” while urging her to “to help make sure that this launch is a successful one.” The report also says that the European Union agency overseen by Johansson awarded nearly one million euros to WeProtect to organize a June 2022 summit in Brussels, a main topic of which was activities to enhance law enforcement collaboration.

In his letter, Aguilar said the report is concerning and “indicate a conflicts of interest.” Thorn and WeProtect did not immediately respond to requests for comment. Johansson on Sept. 29 released a statement asserting she wants to clear “some attempts to create confusion.”

“Let’s be clear: This my proposal,” she said.

Diego Naranjo, head of policy at civil society organization European Digital Rights, in a Sept. 25 statement said the Balkan Insight report “confirms our worst fears: The most criticized European law touching on technology in the last decade is the product of the lobby of private corporations and law enforcement.”

The LIBE committee letter comes after the U.K. Parliament approved a law allowing the country’s communication regulator to deploy “accredited technology” to identify and prevent child abuse material or terrorism content from reaching end users. The government has said it will forbear from using that authority so long as technology “accredited as meeting minimum standards of accuracy in detecting only child sexual abuse and exploitation content” does not exist.

In the wake of the passing of the British regulation, chat app Signal, which opposes the EU CSAM proposal, reiterated that it will exit the British market if the government undermines the privacy protections of encryption (see: UK Parliament Approves Online Safety Bill).