- More than 500 scientists and cryptography researchers have signed a joint letter against the EU controversial digitization proposal on sexual abuse (CSAM)
- Experts warn that the Danish version of the text still fails to respond to concerns about encryption, blind monitoring and precision
- The members of the EU Council must share their final positions on the so-called Cat’s control bill on September 12
More than 500 scientists and cryptography researchers have signed an open -joint letter to share their concerns about the EU controversial sweeping proposal on sexual abuse (CSAM). For the third time since 2022.
By its criticisms as a cat control, the bill aims to introduce new obligations for all messaging services operating in Europe to scan user cats, even when they are encrypted, in the search for CSAM equipment.
The members of the EU council should share their final positions on the Danish version of the proposal on Friday September 12, with adoption expected in October 2025 if an agreement is reached.
While including certain improvements in previous versions, experts believe that the last iteration of the text still cannot respond to concerns about encryption, blind monitoring and the precision of detection.
“I think that many changes that have occurred are only smoke and mirrors,” Techradar Bart, Belgian cryptographer and professor at the University of Leuven, told Techradar behind the open letter.
You will find below the main litigious points highlighted by the experts in the open letter.
The Danish cat control version always breaks encryption
The risk of breaking encryption has been the main objection against the proposal from the start.
Encryption is responsible for keeping our communications private and secure. The tastes of WhatsApp, Signal, Protonmail and the best VPN applications use end -to -end encryption (E2E) to blur the content of user messages in an illegible form and prevent unauthorized access.
If the Danish chat control text passes, all the files and multimedia URL you have sent via WhatsApp and similar services should be analyzed for CSAM materials.
Above all, the proposal requires that the CSAM detection technology should not lead to a weakening of the protection provided by encryption. However, according to experts, this cannot occur without undermining the E2E protections, because any detection technology “inevitably introduces a single point of failure” in encrypted communications.
In addition, “the new proposal does not respond to our concerns concerning the potential for the creep of detection functions on devices,” wrote experts.
Precision continues to be a problem – and AI cannot help
Another great concern for experts surrounds the lack of precision of detection technology – something that could de facto fail with the aim of increasing the effectiveness of surveys on law enforcement.
“Existing research confirms that cutting -edge detectors would produce rates of false positives and false negatives unacceptably raised, which makes them unsuitable for large -scale detection campaigns at the scale of hundreds of millions of users, as required by the proposed regulations,” reads the open letter.
Experts also suggest that AI -based technologies cannot be the solution either, given the “huge attack surface” they have. “We expect these technologies to be very ineffective in the case of detection of the CSAM,” they conclude.
What is the next step?
Friday, September 12, EU members should share their positions on the Council.
Did you know?
A source knowing the case told Techradar that Germany, a decisive country to block or support the bill, could consider refusing to take a stand. Germany is among the members still undecided at the time of the editorial staff, alongside Estonia, Greece, Luxembourg, Romania and Slovenia.
Despite the list of countries opposing the growth of the law, support for cat control remains solid, 15 countries supporting the proposal against six opposites and six still undecided, according to the latest data.
The question of whether 500 signatories are sufficient to transform undecided members in the ranks of the opposition is too early to find out. What is certain, however, is that cat control is far from being the only proposed regulation that could endanger encrypted communications as we know them.
Commenting on this point, Preenel told Techradar: “There is enormous pressure to have access to encrypted data: this is not only the CSAM case, there is also the protective document. This is the real debate, and I think CSAM is used as an excuse to open the door.
“I think however that the police should obtain more power to investigate if the providers do not take the right measures. They could be authorized, in my opinion, to make infiltration and to fight these groups with targeted surveys, if there are real suspicions. What I think is not acceptable, however, is to break the encryption for everyone.”
