A controversial European Union legislative proposal to scan citizens’ private messages for child pornography (CSAM) poses a risk to the future of web security, Meredith Whittaker has warned in a blog post public Monday. She is president of the nonprofit foundation behind end-to-end encrypted (E2EE) messaging app Signal.
“There is no way to implement such proposals in the context of end-to-end encrypted communications without fundamentally compromising encryption and creating a dangerous vulnerability in the core infrastructure that would have global implications far beyond of Europe,” she wrote.
The European Commission presented the initial proposal for mass scanning of private messaging apps to combat the spread of CSAM online in May 2022. Since then, members of the European Parliament have united to reject this approach. They also suggested an alternative path last fall, which would have excluded E2EE applications from the analysis. However, the European Council, the legislative body made up of representatives of member state governments, continues to push for heavily encrypted platforms to remain within the scope of the scanning law.
The Council’s most recent proposal, presented in May under the Belgian presidency, includes a requirement that “interpersonal communications service providers” (i.e. messaging applications) install and operate what the draft of text described as “download moderation technologies”, according to a text published by Netzpolitik.
Article 10a, which contains the download moderation plan, states that these technologies should “detect, prior to transmission, the dissemination of known or new child pornography material”.
Last month, Euractiv reported that the revised proposal would require users of E2EE messaging apps to consent to scanning to detect CSAM. Users who have not provided consent would not be able to use features that involve sending visual content or also flagged URLs, essentially reducing their messaging experience to basic text and audio.
Whittaker’s statement calls the council’s plan an attempt to use “rhetorical games” to try to rebrand client-side scanning, a controversial technology that security and privacy experts say is incompatible with the strong encryption that supports confidential communications.
“Massive scanning of private communications fundamentally undermines encryption. Period,” she emphasized. “Whether this happens by altering, for example, the random number generation of an encryption algorithm, or by implementing a key escrow system, or by forcing communications to go through a monitoring system before be encrypted.”
“We can call it a backdoor, a front door, or ‘download moderation.’ But whatever we call it, each of these approaches creates a vulnerability that can be exploited by hackers and hostile nation states, removing the protection of unbreakable mathematics and putting a high-value vulnerability in its place.
Also attacking the Council’s revised proposal in a statement last month, Pirate Party MEP Patrick Breyer — who opposed the Commission’s controversial plan to analyze messages from the start — warned: ” The Belgian proposal means that the essence of the extreme policy and the unprecedented initial cat control proposal would be implemented without modification. Using messaging services just for texting is not an option in the 21st century.
The EU’s own data protection supervisor has also expressed concerns. Last year he warned that the plan posed a direct threat to democratic values in a free and open society.
Meanwhile, pressure on governments to force E2EE apps to scan private messages likely comes from law enforcement.
Last April, European police chiefs issued a joint statement calling on platforms to design security systems in such a way that they can still identify illegal activities and send reports on the content of messages to law enforcement. . Their call for “technical solutions” to guarantee “legal access” to encrypted data did not specify how platforms should achieve this sleight of hand. But, as we reported at the time, the lobbying was aimed at obtaining some form of client-side analysis. It is therefore no coincidence that the Council presented, a few weeks later, its proposal for “moderation of downloads”.
The draft text contains a few statements that seek to pop a proverbial fig leaf at the top of the gigantic security and privacy black hole that “download moderation” entails – including a line that states that “without prejudice of article 10 bis, this regulation neither prohibits nor makes end-to-end encryption impossible”; as well as an affirmation that service providers will not be required to decrypt or provide access to E2EE data; a clause stating that they should not introduce cybersecurity risks “for which it is not possible to take effective measures to mitigate that risk”; and another line stating that service providers should not be able to “infer substance from the content of communications.”
“These are all good feelings, and they make the proposal a paradox of self-negation,” Whittaker told TechCrunch when we asked for his response to these reservations. “Because what is proposed – imposing mandatory scanning on end-to-end encrypted communications – would compromise encryption and create a significant vulnerability. »
The Commission and the Belgian Presidency of the Council were contacted to address its concerns, but at press time neither had provided a response.
EU law is generally a three-way affair, so it remains to be seen where the bloc will end up when it comes to CSAM analysis. Once the Council has agreed on its position, so-called trilogue talks begin with the Parliament and the Commission to seek a final compromise. But it is also worth noting that the composition of Parliament has changed since MEPs agreed their negotiating mandate last year, following the recent European elections.