Crunch time approaches in Brussels. Members of the LIBE Committee and later the plenary need to focus on the following questions:
- When the GDPR was making its way through the European Instistitions do you think the co-legislators expressly intended to make it impossible for tech companies to prevent their customers from publishing, exchanging or storing images (still pictures or videos) of children being raped?
- When the GDPR was making its way through the European Instistitions do you think the co-legislators expressly intended to prevent or delay the identification and removal from public view of images of children being raped?
- When the GDPR was making its way through the European Instistitions do you think the co-legislators expressly intended to make it easy for sexual predators to locate and engage with children?
- When the GDPR was making its way through the European Instistitions do you think the co-legislators expressly intended to prevent companies from trying to identify children who might be contemplating suicide or self-harm so as to divert them from that path?
I believe the answer to all of these questions is a simple, unqualified “no”.
Are there ways of deploying the kinds of child protection tools referred to which are entirely and unequivocally compliant with the highest privacy standards?
I believe the answer to that question is a simple, unqualified “yes”.
So now I am an MEP
Let’s say I am a Member of the LIBE Committee, from Poland or Ireland – I am an Irish citizen and I could become a Polish citizen. I am 100% in favour of protecting children to the greatest extent possible. But what do I see?
A lack of transparency and safeguards
I have no evidence any company has behaved inappropriately or put anyone in danger, child or adult, when processsing data that might be associated with the deployment of child protection tools. All I have is a deeply rooted suspicion. Call it a hunch.
This deeply rooted suspicion was allowed to take hold and flourish because there is no trusted transparency regime with associated safeguards and metrics emanating from accountable public sources which could assure me all is well.
I am asked to take everything on trust. That is wrong. No other word for it and it must be addressed in the forthcoming Digital Services Act. But what do I do in the meantime?
Two wrongs do not make a right
I look at how poorly some individual Member States have responded to the child protection challenge, as evidenced, for example, by their failure to implement fully the terms of the 2011 EU Directive but also by their failure to act more broadly in society at large where the bulk of child sex abuse and threats to children occur.
I conclude the national politicians responsible, maybe even in my own Party, are only paying lip service to the idea of protecting children.
I look at the patchy engagement of some law enforcement agencies.
I look at how the different child protection tools we are discussing have emerged from private tech companies, starting back in 2009, and finally I look at what I think are the failures of Commission officials and Member States to address all these things satisfactorily up to now.
I might even reflect on my own responsibility here. This is not my first term as an MEP.
But still. What do I do?
Having looked at what I believe is a series of process failures and other shortcomings do I then decide my higher duty is to those processes? Do I vote to bring an end to the tools? Even for a short while until the mess is sorted out and all the procedural ducks are in a neat, bureaucratically satisfying row? Should I vote to throw out the Commission’s interim proposal? Should I refuse to give children the benefit of the doubt?