A controversial European Union legislative proposal to scan the private messages of citizens in a bid to detect child sexual abuse material (CSAM) is a risk to the future of web security, Meredith Whittaker warned in a public blog post Monday. She’s the president of the not-for-profit foundation behind the end-to-end encrypted (E2EE) messaging app Signal.
“There is no way to implement such proposals in the context of end-to-end encrypted communications without fundamentally undermining encryption and creating a dangerous vulnerability in core infrastructure that would have global implications well beyond Europe,” she wrote.
The European Commission presented the original proposal for mass scanning of private messaging apps to counter the spread of CSAM online back in May 2022. Since then, Members of the European Parliament have united in rejecting the approach. They also suggested an alternative route last fall, which would have excluded E2EE apps from scanning. However the European Council, the legislative body made up of representatives of Member States governments, continues to push for strongly encrypted platforms to remain in scope of the scanning law.
The most recent Council proposal, which was put forward in May under the Belgian presidency, includes a requirement that “providers of interpersonal communications services” (aka messaging apps) install and operate what the draft text describes as “technologies for upload moderation”, per a text published by Netzpolitik.
Article 10a, which contains the upload moderation plan, states that these technologies would be expected “to detect, prior to transmission, the dissemination of known child sexual abuse material or of new child sexual abuse material.”
Last month, Euractiv reported that the revised proposal would require users of E2EE messaging apps to consent to scanning to detect CSAM. Users who did not consent would be prevented from using features that involve the sending of visual content or URLs it also reported — essentially downgrading their messaging experience to basic text and audio.
Whittaker’s statement skewers the Council’s plan as an attempt to use “rhetorical games” to try to rebrand client-side scanning, the controversial technology which security and privacy experts argue is incompatible with the strong encryption that supports confidential communications.
“[M]andating mass scanning of private communications fundamentally undermines encryption. Full stop,” she emphasized. “Whether this happens via tampering with, for instance, an encryption algorithm’s random number generation, or by implementing a key escrow system, or by forcing communications to pass through a surveillance system before they’re encrypted.”
“We can call it a backdoor, a front door, or ‘upload moderation’. But whatever we call it, each one of these approaches creates a vulnerability that can be exploited by hackers and hostile nation states, removing the protection of unbreakable math and putting in its place a high-value vulnerability.”
Also hitting out at the revised Council proposal in a statement last month, Pirate Party MEP Patrick Breyer — who has opposed the Commission’s controversial message-scanning plan from the start — warned: “The Belgian proposal means that the essence of the EU Commission’s extreme and unprecedented initial chat control proposal would be implemented unchanged. Using messenger services purely for texting is not an option in the 21st century.”
The EU’s own data protection supervisor has also voiced concern. Last year, it warned that the plan poses a direct threat to democratic values in a free and open society.
Pressure on governments to force E2EE apps to scan private messages, meanwhile, is likely coming from law enforcement.
Back in April European police chiefs put out a joint statement calling for platforms to design security systems in such a way that they can still identify illegal activity and send reports on message content to law enforcement. Their call for “technical solutions” to ensure “lawful access” to encrypted data did not specify how platforms should achieve this sleight of hand. But, as we reported at the time, the lobbying was for some form of client-side scanning. It looks no accident, therefore, that just a few weeks later the Council produced its proposal for “upload moderation”.
The draft text does contain a few statements that seek to pop a proverbial figleaf atop the gigantic security and privacy black hole that “upload moderation” implies — including a line that states “without prejudice to Article 10a, this Regulation shall not prohibit or make impossible end-to-end encryption”; as well as a claim that service providers will not be required to decrypt or provide access to E2EE data; a clause saying they should not introduce cybersecurity risks “for which it is not possible to take any effective measures to mitigate such risk”; and another line stating service providers should not be able to “deduce the substance of the content of the communications”.
“These are all nice sentiments, and they make of the proposal a self negating paradox,” Whittaker told TechCrunch when we sought her response to these provisos. “Because what is proposed — bolting mandatory scanning onto end-to-end encrypted communications — would undermine encryption and create a significant vulnerability.”
The Commission and the Belgian presidency of the Council were contacted for a response to her concerns but at press time neither had provided a response.
EU lawmaking is typically a three-way affair — so it remains to be seen where the bloc will finally end up on CSAM scanning. Once the Council agrees its position, so-called trilogue talks kick off with the parliament and Commission to seek a final compromise. But it’s also worth noting that the make-up of the parliament has changed since MEPs agreed their negotiating mandate last year following the recent EU elections.