European privacy regulators on Friday lambasted an EU draft law to fight child abuse online for posing “serious risks for fundamental rights.”
In an assessment of a European Commission proposal to force tech companies to detect and report images of child sexual abuse, the network of national privacy watchdogs, the European Data Protection Board (EDPB), and the European Data Protection Supervisor (EDPS) said they were seriously concerned that the bill could undermine people’s privacy.
Privacy regulators said that while online sexual abuse of children was a heinous crime, the Commission’s plan was disproportionate. They added that the law could risk leading to the scanning of content encompassing “virtually all types of electronic communications” and should not weaken the strongest form of encryption, known as end-to-end encryption.
“Measures allowing public authorities to have access to the content of communications, on a generalized basis, affect the essence of the right to private life,” said EDPS Wojciech Wiewiórowski in a statement.
Data protection authorities said the proposal contained many shortcomings, including vague language, and criticized the strong links between a potential future EU center to deal with illegal content and the EU’s law enforcement agency, Europol.
Proposed in May, the Commission’s proposal seeks to crack down on troves of illegal abusive material targeting children, which has ballooned since the coronavirus pandemic. Tech companies, including messaging apps like WhatsApp and Signal, could be forced by court orders to scan private exchanges for illegal content and problematic conversations.