Yesterday Ministers from the 28 Member States met to consider progress on the new e-Privacy Regulation. They could still not agree a final text so the matter remains unresolved. I have only been able to listen to those Ministers who spoke in English (quite a few did) but it is clear we have strong support from some countries.
My network will be letting me know what “their”non-English-speaking Ministers said once they have had a chance to listen to and translate the proceedings but I would say we are moving in the right direction.
Vice President Ansip’s office has emailed me to say he will reply to the NGOs’ letter in due course so watch this space.
If you click here and go to 2 hours 22 minutes and 26 seconds you will hear the Vice President say that police powers are not affected by the proposed e-Privacy Regulation in respect of investigating and prosecuting child sex abuse material cases. We already knew that. Police powers were never in question.
What is at issue is the continuing ability of private companies to take proactive measures to detect, report and delete known child sex abuse materials e.g. through deploying PhotoDNA, as they have been doing since 2009, with fantastic results and no known or reported downside.
The worrying bit in the Vice President’s remarks comes at the end where he says that “mass surveillance is not allowed”. Where did that come from? Who wants mass surveillance? Not me.
PhotoDNA only matches known illegal images and it does so to defend a child’s right to privacy and human dignity. No one has a right to exchange images that have already been deemed to be illegal and which harm someone else’s fundamental rights. Do they? Anti-spam, anti-phising and various other security programmes undertake similar functions.
Several Ministers at the meeting were at pains to point out the proposed Regulation does not impact on measures taken in any country in the interests of their national security. Don’t our most vulnerable citizens, our children, deserve a similar level of consideration?
Thus, we need an explicit carve out in an Article in the Regulation which makes clear that measures to detect child sex abuse material and other forms of abusive behaviour towards children are outside the scope of the Regulation. Alternatively the text of an Article should state such measures are legal without the need for derogation.
That is limited, clear and proportionate. It gives no get out for any company to exploit any data thus obtained for commercial or indeed any other purpose. And it absolutely knocks on the head any possible suggestion that the user’s consent is required before such processing can take place.
As I said, I will report again when I have heard from Vice President Ansip. Meanwhile we need to keep our foot on the gas.
Desiderata 