I agree the future proposed here would be totalitarian, but it's important to be clear that today *this is not currently a legislative proposal in the EU*.
It's not been proposed, it's not being voted on, and it's not coming into force any time soon.
There are two things that have been proposed:
1. Adding a temporary exemption ('derogation') within privacy regulations to ensure online service providers can scan user data for CSAM if the provider so chooses without being in breach of GDPR. In the US and elsewhere, providers who wish to do were already doing this. This just provides a quick fix to avoid GDPR from shutting down existing service provider's own child protection programs. More details: https://www.europarl.europa.eu/legislative-train/theme-promo...
2. Asking the EU Commission to investigate and analyze possible proposals for longer-term legislative solutions to this issue, by defining more clearly what service providers options and obligations are with regard to CSAM, and proposing various other ways the EU could protect children from abuse offline & online.
One _possibility_ is that the commission could propose legislation mandating scanning of all messages and AI to automatically search for grooming. Some parts of that legislative option are mentioned as ideas to be considered (see the "Inception impact assessment" PDF in the commissions analysis) alongside various other options. There's nothing suggesting that this is the leading option though. That PDF also makes detailed note of privacy concerns as topics to consider too, and the resulting public consultation on that specific assessment received a huge amount of feedback against such measures.
So far, there is no proposed legislation like what's described in this video. If there were, it's likely that there would be major public outcry, and there is no indication that it would pass.
It's possible the commission could propose this, but it's also very plausible that the commission proposes some other framework of obligations, which makes it clear when and how online services must scan for CSAM, without mandating searching of all private communications. For example, mandating CSAM scanning of publicly accessible content online, and mandating that private message providers include "report this message" tools to allow users to report otherwise inaccessible content by themselves.
Of course, there is always the possibility that the EU could veer away from privacy protections into being a totalitarian state, sure, but nobody is currently proposing legislation along those lines. There's a wide spectrum of reasonable possibilities on the table here that would be genuine improvements. There's no need to panic about the imminent death of privacy quite yet.
Thank you for this clarification. This topic has been previously discussed on HN and sadly the top comments seem to always result in poorly informed pitchfork parties against the EU and its institutions.
I would urge people to read the linked texts in your comment. I think they will see that it is entirely possible to follow the (imperfect) thought process of the EU Commission from these primary sources, since they are quite readable.
>Of course, there is always the possibility that the EU could veer away from privacy protections into being a totalitarian state, sure, but nobody is currently proposing legislation along those lines.
This eventually didn't hold up in court, but it pretty much shows where the Union has been on the privacy scale right from the start when it comes to governments doing the snooping.
He's a politician that I suspect most of us here largely agree with, but he's still a politician. This is best looked at as campaign literature. The pirate party are sensationalising dangers that don't (yet) exist, in large part imo because it boosts their profile.
It's difficult, because I too would be very concerned about this issue, once there's actually a proposal to object to! I'm entirely on their side on this issue, if reality were as presented here, but campaigning against a strawman that might never be proposed whilst disingenuously implying that it's imminent feels a lot like fearmongering to me.
Frustratingly, it would be quite possible & useful to campaign against this with nuance instead: "the commission is considering proposals to better fight CSAM - have your say, make suggestions & help define tech solutions to do this while preserving privacy", rather than "the EU is going to destroy all privacy ASAP". And it's not like we're short on other genuine issues to campaign on either.
It's not been proposed, it's not being voted on, and it's not coming into force any time soon.
There are two things that have been proposed:
1. Adding a temporary exemption ('derogation') within privacy regulations to ensure online service providers can scan user data for CSAM if the provider so chooses without being in breach of GDPR. In the US and elsewhere, providers who wish to do were already doing this. This just provides a quick fix to avoid GDPR from shutting down existing service provider's own child protection programs. More details: https://www.europarl.europa.eu/legislative-train/theme-promo...
2. Asking the EU Commission to investigate and analyze possible proposals for longer-term legislative solutions to this issue, by defining more clearly what service providers options and obligations are with regard to CSAM, and proposing various other ways the EU could protect children from abuse offline & online.
The EU's summary of the overall process is at https://ec.europa.eu/home-affairs/policies/internal-security... (even more detail here: https://ec.europa.eu/home-affairs/system/files/2020-07/20200...). The details of the derogation regulations are at https://www.europarl.europa.eu/legislative-train/theme-promo..., and there's more detail on the commission's ongoing analysis to eventually define proposals here: https://ec.europa.eu/info/law/better-regulation/have-your-sa...
One _possibility_ is that the commission could propose legislation mandating scanning of all messages and AI to automatically search for grooming. Some parts of that legislative option are mentioned as ideas to be considered (see the "Inception impact assessment" PDF in the commissions analysis) alongside various other options. There's nothing suggesting that this is the leading option though. That PDF also makes detailed note of privacy concerns as topics to consider too, and the resulting public consultation on that specific assessment received a huge amount of feedback against such measures.
So far, there is no proposed legislation like what's described in this video. If there were, it's likely that there would be major public outcry, and there is no indication that it would pass.
It's possible the commission could propose this, but it's also very plausible that the commission proposes some other framework of obligations, which makes it clear when and how online services must scan for CSAM, without mandating searching of all private communications. For example, mandating CSAM scanning of publicly accessible content online, and mandating that private message providers include "report this message" tools to allow users to report otherwise inaccessible content by themselves.
Of course, there is always the possibility that the EU could veer away from privacy protections into being a totalitarian state, sure, but nobody is currently proposing legislation along those lines. There's a wide spectrum of reasonable possibilities on the table here that would be genuine improvements. There's no need to panic about the imminent death of privacy quite yet.