- The VPN industry has spoken out against the bill to scan sexual abuse on controversial children (CSAM)
- Members of the TRUST VPN initiative warns that legislators should “reject any regulation that weakens encryption standards”
- The members of the EU Council share their final position on the Danish proposal for the so-called cat control on September 12, with the next meeting scheduled for October 14
EU legislators should reject any regulation which obliges the doors of encryption, weaken encryption standards or impose unwelling technical requirements.
This is the commitment of the TRUST Initiative VPN (VTI), a consortium that includes some of the best VPN suppliers on the market, because EU members share their final positions on the Danish version of the Children’s Sexual Abuse Regulatory Proposal (CSAR) to the Council.
Nicknamed chat control by its criticisms, the bill seeks to introduce new obligations for all messaging services operating in Europe to scan user cats – even if they are encrypted – in the search for known and unknown child abuse material (CSAM).
Although Virtual Private Network (VPN) software is outside the extent of the law – for the moment, at least – VTI members fear that this so -called digitization on the customer side will irrevocably ruin VPN even on technology.
“Encryption protects everyone, that is, he does not protect anyone,” said Emilija BertaiskaitÄ—, co -president of VPN Trust Initiative.
“Governments around the world – and especially in Europe this week – must come from an enlightened position and defend a strong encryption as the cornerstone of privacy, digital confidence and democratic values.”
How could cat control break up the encryption?
In its current form, the Danish CSAM digitization proposal would oblige WhatsApp, Signal, Protonmail and other messaging services to carry out a blind analysis of private messages.
Above all, compulsory digitization should occur directly on the device before messages are encrypted, targeting URLs, images and shared videos. Only governments and military accounts are excluded from the scope of the bill.
Despite the proposal mentioning the commitment to preserve encryption protections from start to finish, experts believe that technologies on the customer side simply cannot do it.
“The CONTROL CONTROL CUSSIBLE CUSTRY COMPANY CONDITIONS CREATE A FALSE CHOOSE between security and security,” Laura Tyrylyte, private life defender at NordVPN, a member of VTI, told Techradar. “Solutions should not be transactional. We cannot solve a problem, even as serious as children’s safety, to the detriment of the creation of systemic safety vulnerabilities that expose everyone to greater risks.”
The CEO of NYMVPN, Harry Halpin, also spoke out against cat control, deeming him “a big step back for private life”.
“The digitization of everyone’s intimate conversations is a disproportionate response that normalizes surveillance,” he explains. A measure that could be easily reused to target journalists, activists or political opponents. Such a stolen door will also create a vulnerability that hostile criminals and governments could exploit.
“The best approach is targeted, surveys based on mandates, the rapid withdrawal of illegal content, reports on clear industry and specialized resources teams,” added Halpin.
What is the probability that cat control will pass?
On the eve of today’s meeting (September 12), Luxembourg and Germany joined the opposition, bringing the list of countries opposing the bill to eight.
The latest rumors shared by the former deputy deputy for the German pirate party and the jurist of digital rights, Patrick Breyer, also indicate that Slovenia has moved from intervention to those against.
If this is true, only three members of the EU remain undecided (Estonia, Greece and Romania), and we will have to wait and see if these governments will eventually take a final position in the Council.
Do you know?
Tuesday, September 9, more than 500 scientists in cryptography and researchers signed a letter to warn the EU advice from the risk of accepting the proposal in its current form. It was the third time since 2022 that experts have requested compulsory cat scanning.
However, support remains stronger, 15 countries (including France, Italy and Spain) being in favor of the bill, in accordance with the latest data.
According to the main director of European government and regulatory affairs of the Internet company, David Frautschy, it is “a bad result” for privacy and secure communications in the EU.
“It’s not over, but the window is closing quickly. The process will be finished by October 14. So we encourage citizens to convince their decision -makers that the right way to follow is to support a strong encryption, not to weaken or undermine it by sweeping on the customer side,” added Frautschy.
What is certain, however, is that cat control is only one of the proposals that could endanger encryption protections for Europeans – and VPNs could also become a target because some EU experts explicitly mentioned them as “key challenges” at investigative work.
Commenting on this point, Tyrylyte de NordVPN told Techradar: “Once deployed, the scanning infrastructure on the customer side can be insignificant to extend surveillance beyond its initial objective.
