Half-good new Danish Chat Control proposal
Denmark, currently presiding over the EU Council, proposes a major change to the much-criticised EU chat control proposal to search all private chats for suspicious content, even at the cost of destroying secure end-to-end encryption: Instead of mandating the general monitoring of private chats (“detection orders”), the searches would remain voluntary for providers to implement or not, as is the status quo. The presidency circulated a discussion paper with EU country representatives today, aiming to gather countries’ views on the updated (softened) proposal. The previous Chat Control proposal had even lost the support of Denmark’s own government.
“The new approach is a triumph for the digital freedom movement and a major leap forward when it comes to saving our fundamental right to confidentiality of our digital correspondence”, comments Patrick Breyer (Pirate Party), a former Member of the European Parliament and digital freedom fighter. “It would protect secure encryption and thus keep our smartphones safe. However, three fundamental problems remain unsolved:
1) Mass surveillance: Even where voluntarily implemented by communications service providers such as currently Meta, Microsoft or Google, chat control is still totally untargeted and results in indiscriminate mass surveillance of all private messages on these services. According to the EU Commission, about 75% of the millions of private chats, photos and videos leaked every year by the industry’s unreliable chat control algorithms are not criminally relevant and place our intimate communication in unsafe hands where it doesn’t belong. A former judge of the European Court of Justice, Ninon Colneric (p. 34-35), and the European Data Protection Supervisor (par. 11) have warned that this indiscriminate monitoring violates fundamental rights even when implemented at providers’ discretion, and a lawsuit against the practice is already pending in Germany.
The European Parliament proposes a different approach: allowing for court orders mandating the targeted scanning of communications, limited to persons or groups connected to child sexual abuse. The Danish proposal lacks this targeting of suspects.
2) Digital house arrest: According to Article 6, users under 16 would no longer be able to install commonplace apps from app stores to “protect them from grooming”, including messenger apps such as WhatsApp, Snapchat, Telegram or Twitter, social media apps such as Instagram, TikTok or Facebook, games such as FIFA, Minecraft, GTA, Call of Duty, and Roblox, dating apps, video conferencing apps such as Zoom, Skype, and FaceTime. This minimum age would be easy to circumvent and would disempower as well as isolate teens instead of making them stronger.
3) Anonymous communications ban: According to Article 4 (3), users would no longer be able to set up anonymous e-mail or messenger accounts or chat anonymously as they would need to present an ID or their face, making them identifiable and risking data leaks. This would inhibit, for instance, sensitive chats related to sexuality, anonymous media communications with sources (e.g. whistleblowers), and political activity.
All things considered, the new Danish proposal represents major progress in terms of keeping us safe online, but it requires substantially more work. However, the proposal likely already goes too far already for the hardliner majority of EU governments and the EU Commission, whose positions are so extreme that they will rather let down victims altogether than accept a proportionate, court-proof and politically viable approach.”