By EDRi

This article is also available in:
Deutsch: [Bündnis für ein kindersicheres Internet | https://www.unwatched.org/EDRigram_10.5_Buendnis_fuer_ein_kindersicheres_Internet]

Following an invitation by Commissioner Kroes in the summer of 2011, and
founded on 1 December 2011, the CEO “Coalition to make the Internet a
better place for kids” covers the whole industry value-chain. Its 30 members
include Apple, BSkyB, BT, Dailymotion, Deutsche Telekom, Facebook, France
Telecom – Orange, Google, Hyves, KPN, Liberty Global, LG Electronics,
Mediaset, Microsoft, Netlog, Nintendo, Nokia, Opera Software, Research In
Motion, RTL Group, Samsung, Skyrock, Stardoll, Sulake, Telefonica,
TeliaSonera, Telecom Italia, Telenor Group, Tuenti, Vivendi and Vodafone.

Its statement of purpose and working plan mentions five working areas:
simple tools for users to report harmful content and contact,
age-appropriate privacy settings, wider use of content classification, wider
availability and use of parental controls and the effective take down of
child abuse material.

The CEO Coalition has recently opened itself to interested third parties.
During the last two weeks, consultations have been held on all five working
areas. Of course, from the viewpoint of the civil society, having such a big
part of industry working for child online safety appears laudable, but there
are some significant points where this endeavour could fail. At the moment,
the Commission is putting a lot of pressure on the industry to come up with
“results”. For example, in the session about effective takedown of child
abuse material (CAM), a Commission representative went as far as complaining
about the resistance he perceives, complaining there was too much talk about
civil rights and too little talk about what can be done. The only problem
with the Commission’s demand for “effective” takedown of child abuse
material is that it has (and it confirmed this in response to a
parliamentary question) failed dismally to provide any evidence whatsoever
that takedown is not functioning effectively already. This failure is all
the more abject when we consider that it has paid for statistics to be
prepared.

Also, the Commission representative felt it necessary to point out of course
that member states cannot force access providers to use deep packet
inspection (DPI) but, of course, access providers could do so “voluntarily”.
It seems long overdue for the Commissions legal service to assess the
appropriateness of promoting “voluntary” adoption of measures that would be
in contravention of the Charter and the ECJ cases Scarlet/Sabam,
Netlog/Sabam if implemented in law. As a side note, the Commission is now
seeking to create new meanings for “takedown” and “removal” of illegal or
allegedly illegal online content, with “removal” meaning definitive removal
of specific content from all locations on the Internet, even though this
interpretation was never discussed during the preparation of the recently
adopted child abuse Directive where this issue is regulated. The “efficient
takedown” emphasis totally overlooks the fact that takedown is the removal
of a symptom – unconfirmed reports from the US suggest that as many as 80%
of takedowns of allegedly criminal child abuse websites are not followed up
by a police investigation. The EU does not collect statistics on this point.
So instead of fighting the abuse that is the source of such images, this
policy, on its own, serves only to hide the representation of the abuse.
This approach is similar to what tends to happen in families where abuse
happens, where everybody prefers to look away rather than act, putting all
the energy into denial instead of helping the child victim.

The whole process is also burdened by political baggage that pre-dates its
launch. From the outside, it looks as if, at the moment, the
Commission’s Safer Internet Unit appears to be under pressure both to
resolve the quite deep problems that developed before its current management
took over and to produce “something” before the end of the term of office of
the current Commission. The most obvious approach would have been to collect
the experiences from different countries regarding the problems identified
and the outcomes of various options that have so far been tried.

At the same time the Coalition appears to have a lack of focus on specific,
known problems that might need to be solved. Instead, each discussion
appears to start from scratch, as if no experience existed. For example, the
action on reporting tools which led to discussions about the style and
placement of reporting buttons, but to no discussions about how the reports,
especially of harmful content and bullying are to be dealt with. In light of
recent revelations about how Facebook deals with reports of potentially
harmful content, this is a very serious matter, regardless of the
Commission’s unwillingness to speak about civil liberties issues.

The pressure to deliver “something” risks to put the CEO Coalition into a
mode where it just wants to deliver anything. This creates the setting were
frankly idiotic proposals such as a scanning of all Windows computers for
criminal content (child abuse material in this case) initiated by the
automatic updates process or the proposal to whitelist the whole of the
European web came up. Unfortunately, the Iranian and Chinese governments
were not asked to send delegates to the meeting, to explain how this can be
done most effectively.

One could also get the impression that part of the coalition’s membership is
still trying to find out what this exercise is all about (especially as many
see it as a reiteration of the several consultation processes within the
Safer Internet Program that have previously happened ). Additionally, some
players appear to see this as being the chance to get a competitive
advantage over other industrial stakeholders.

The discussions around reporting and removal of
illegal or (potentially) harmful (two very different categories) deserve
particular attention.

1. Implementing parental controls[*] is being pushed. This includes
implementing them into the network (by the access providers) as a
one-size-fits-all solution – fitting all religions, all ages, all families.
This hardly seems to be an optimal solution, as it will always be easier and
more precise for one consumer to set his/her devices as he/she wishes rather
than the access provider configuring their network in a way that suits the
needs of every family connected to it.

But apart from this fundamental problem of implementing parental controls in
the network, this approach will lead to “solutions” that will violate net
neutrality and will come with serious privacy issues, as well as endangering
freedom of speech. To this end, there is an overwhelming need to properly
include in the discussions other parts of the European Commission, such as
the Directorates General responsible for Justice and for Consumer Affairs.

Additionally, any network-level restrictions (very much like the DPI
mentioned against child abuse material) will certainly attract the copyright
industry, which has a strong interest in the implementation of this kind of
technology and which has the potential to completely swallow up the
initiative if allowed to. The Coalition seems to be aware of this, just it
does not seem to take this danger seriously. On the other hand, reading some
of the responses to the Consultation on the review of the Directive on
Enforcement of Intellectual Property Rights, from some of the members of the
Coalition, perhaps this is not seen as a danger at all.

This leaves DG Information Society of the European Commission in a position
where it (in the form of the Safer Internet Unit) is applauding the mobile
sector for interfering with traffic flows (probably in contravention of
Article 52 of the Charter, as there is no evidence that it is genuinely
achieving an objective of general interest) and, at the same time, (through
the Commission units responsible for ensuring a competitive network
environment) urging the mobile operators not to interfere with traffic flows
for their own business purposes.

2. There is interest in “age appropriate privacy setting” or the
“privacy by default” as Kroes mentioned in October 2011.

Most interestingly, this concern about children’s privacy only seems to
encompass data shared with other users of the platform, not about data
processed (and probably shared) by the platform itself. In the context of
the Coalition, “Facebook” seems to be synonymous with “social networks” and
is leader of Action 2 “Age appropriate privacy settings”. Facebook seems to
be unwilling to talk about data it collects about users and also about the
tracking of users through social network plugins implemented on third party
websites.

Additionally, there seems to be some competitive arm wrestling about “age
appropriate privacy settings” versus “informed consent” or “even parental
consent” for children in social networking services (SNS). Some industry
stakeholders went further than Facebook and implemented schemes where the
parents’ consent is being actively sought. Facebook seems to wilfully ignore
that fact that children lie about their age to get on the platform and
thereby bypass what Facebook considers “age appropriate” settings thereby
exposing them to risks.

If the Coalition were to start taking privacy seriously, it would soon
realise that there are other groups who might also benefit from easier
privacy settings or the principle of informed consent – such as mentally
handicapped people or people under legal custody – so not only children
benefit from getting this done right.

All of these bad practices also leave the door open to elements who argue
that positive identification of every individual connected to the Internet
is needed (to protect the children, of course).

3. Microsoft has taken the lead on the “takedown” working group, where
it enthusiastically supports the use of its “photoDNA” software. While
photoDNA (which effectively identifies previously-identified abuse images,
even when they have been cropped or otherwise distorted) clearly has some
very positive applications – such as allowing hotlines to immediately
identify known images, minimising exposure of analysts to the content, no
effort (as usual) has been given to examining the potential side-effects of
widespread use of the technology. What is the risk, for example, of creating
a potentially lucrative market for new images, if “known” images are removed
very quickly?

4. There is a discussion about automatic content classification, where
there seems to be a strong push for pan-European age-classification schemes
even for non-linear media like websites. Generally the coalition could allow
itself a little more room for pluralism. There is no “one size fits all”.
Other means for content guidance, for example descriptive (text) labels seem
to be neglected. Research that points to a higher acceptance for parental
guidance systems, rather than age-dependent restrictions, seems to be
discounted too easily.

Perhaps we should remind the Coalition that its statement of purpose was
not meant to be set in stone. Even though there would probably be some
resistance, its goals can be amended or abandoned if proven to be
impractical or not desirable. We must do this, if the Coalition truly wants
to achieve effective, proportionate solutions that will lead to a safer
Internet for children.

The several working groups take input from the civil society. The contact
can be established through INFSO-SAFERINTERNETCOALITION@ec.europa.eu. If
that does not work, you can also send feedback via the author to
help.me.get.the.ceo.coalition.on.track@mogis-verein.de

(*) On a personal side note – as a representative of a victims advocacy
group (victims of sexual child abuse):
Most children are being abused by their parents or other close relatives. We
want children and adolescents to have helpful resources be available for
them. These children need less parental control, rather than more.
Perhaps we should also be talking about non-overridable whitelists or
unlimited access to websites that label themselves as helpful resources for
children (also information about family planing, STDs and sexual identity)
For example our (MOGiS) website, because it concerns sexuality, violence and
abuse, would be rated inappropriate or harmful even for adolescents – even
though it might be a helpful resource for them (by putting their own
suffering into a context that lets them feel less alien and shows them ways
to cope)

Self regulation: responsible stakeholders for a safer Internet
http://ec.europa.eu/information_society/activities/sip/self_reg/index_en.htm

Neelie Kroes’ speech at the Safer Internet Forum – Luxembourg (20.10.2011)
http://europa.eu/rapid/pressReleasesAction.do?reference=SPEECH/11/703&type=HTML

Digital Agenda: Coalition of top tech & media companies to make internet
better place for our kids (1.12.2011)
http://europa.eu/rapid/pressReleasesAction.do?reference=IP/11/1485&format=HTML&aged=0&language=EN&guiLanguage=en

Coalition to make the Internet a better place for kids – Statement of
purpose
http://ec.europa.eu/information_society/activities/sip/docs/ceo_coalition_statement.pdf

Safer Internet Programme :: Policy:: Public Consultation
http://ec.europa.eu/information_society/activities/sip/policy/consultations/index_en.htm

Inside Facebook’s Outsourced Anti-Porn and Gore Brigade (16.02.2012)
http://gawker.com/5885714/inside-facebooks-outsourced-anti+porn-and-gore-brigade-where-camel-toes-are-more-offensive-than-crushed-heads

Facebook in new row over sharing users’ data with moderators (3.03.2012)
http://www.telegraph.co.uk/technology/facebook/9119090/Facebook-in-new-row-over-sharing-users-data-with-moderators.html

Research on parental guidance (10.2011)
http://stakeholders.ofcom.org.uk/binaries/research/media-literacy/oct2011/Children_and_parents.pdf
and
http://stakeholders.ofcom.org.uk/binaries/research/media-literacy/media-lit11/childrens.pdf

Summary of child exploitation Directive
http://www.europarl.europa.eu/oeil/popups/summary.do?id=1106483&t=e&l=en

Microsoft’s response to the review of the IPR Enforcement Directive
(31.03.2011)
http://bit.ly/x9AYvy

Commissioner Kroes’ speech on privacy (20.10.2011)
http://europa.eu/rapid/pressReleasesAction.do?reference=SPEECH/11/703&type=HTML

(Contribution by Christian Bahls – German Association MoGiS)