ENDitorial: Global alliance against CP – no disconnect with reality?

By EDRi · December 19, 2012

This article is also available in:
Deutsch: [ENDitorial: Globale Allianz gegen Kinderpornographie – Wunsch und Wirklichkeit |]

Two and a half years ago, European Home Affairs Commissioner Cecilia
Malmström proposed compulsory EU-wide Internet blocking because some
countries, with the USA as the chief offender, left child abuse material
online rather than removing it. Last week, the same Commissioner
launched the “Global Alliance against Child Pornography (CP)” after this
had been proposed by the United States.

Since the initial blocking proposal, there have been many worrying
developments with regard to failures in online child protection. Within
Europe, the European Commission has been repeatedly forced to admit that
it has no proper statistics about what is happening in the EU, despite
having spent millions on “safer Internet” projects for years. In
response to one parliamentary question, the Commission had to admit
(despite having financed the EU’s hotline and notice and takedown
system) to having no data regarding “investigations and/or prosecutions
for either publishing child abuse material online or accessing such
material in the European Union” and no usable data at all from the
Internet child abuse hotlines that it has financed for most of the past

At the same time, the European Commission has seen neighbouring
countries developing repressive strategies which use “child protection”
as a justification. Turkey used “voluntary” measures to circumvent the
state’s own legal obligations. ISPs are forced to implement blocking
systems, with the blocking lists being prepared by a non-independent
committee. We can expect that Turkey’s reaction to the Chamber Judgement
of 18 December 2012 from the European Court of Human Rights to be a
stronger reliance on EU-style “voluntary measures” rather than an
attempt to bring their practices into line with its legal obligations.
Similarly, Russia has introduced a wide-ranging blocking and censorship
system which is leading to a wide range of unquestionably legal and safe
material being blocked.

Absurdly and unconscionably, we have also seen Interpol, an organisation
which is supposed to represent almost every police force in the world,
devote resources to maintaining a “worst of the worst” child abuse
Internet blocking list. Instead of resources being put into their own
members removing and investigating the worst of the worst child abuse
websites, Interpol chooses to put its time and money into supporting a
policy which is only superficial and has never been shown to have any
particular benefit.

After the banning of child abuse material by the UN Child Rights
Convention… and its re-banning by the Optional Convention to the Child
Rights Convention and then re-banning it again in the Council of Europe
Cybercrime Convention… after the promises made by the Stockholm
Declaration and the Agenda for Action, the promises made by the Council
of Europe Lanzarote Convention, members of the Global Alliance take a
solemn and non-legally binding and non-enforceable promise to take real
action to protect children online. Maybe they will. We can certainly
hope so. However, what else does the Alliance propose? Well, nothing
actually binding or enforceable, in keeping with the spirit of all
international agreements on child protection.

Some of the rather coded proposals are worrying:
a) “Encourage participation by the private sector in identifying and
removing known child pornography material located in the relevant State,
including increasing as much as possible the volume of system data
examined for child pornography images;”

The creation and making available of child abuse material are crimes –
it is not the task of industry to investigate and prosecute crimes. It
is not the task of the private sector to identify “child pornography” –
this is a task for law enforcement authorities, in cooperation with the
courts. It is not the task of private industry to examine “system data”
in relation to child abuse images. This is a task for law enforcement
authorities. Neither the EU, nor the US has any published statistical
data regarding law enforcement follow-up on, for example, websites that
have been removed as voluntary action.

b) “Evaluate whether, according to domestic law, there are any
impediments to the participation of the private sector to identify and
eliminate known child pornography images, and adopt the necessary
legislative amendments”

The European Union and United States are urging countries around the
world, such as Russia and Turkey, to change the law in order to ensure
that it is legally possible for private companies to monitor uploads to
the Internet in order to check that citizens are acting illegally.
Formally recognising such an intrusive and arbitrary surveillance of
citizens by private companies comes with huge costs for human rights and
the rule of law across the world. The cost of such an approach could be
catastrophic in terms of human rights. The cost is huge, so what is the
benefit? The wanton negligence of this approach is shown by the fact
that neither the EU, nor US knows, because existing measures have never
been assessed for effectiveness.

Recently, however, there was a pilot project in the Netherlands. Thanks
to a freedom of information request by EDRi member Bits of Freedom, we
know that the Dutch police came to the conclusion that such filtering is
of “negligible” benefit. So, once again, after all of the promises of
the past, we have another policy that is much worse than useless – child
protection remains neglected, with immense damage to civil rights globally.

c) “Increase the speed of notice and takedown procedures as much as
possible without jeopardizing criminal investigations.”
As previously mentioned, the European Commission has said that it has no
statistical information at its disposal regarding the current speed of
takedown of child abuse material. So, what does “increase the speed”
mean when you have absolutely no idea of what the speed currently is?

And it gets worse – at the launch of the event, the United States
Attorney General identified the widespread use of Microsoft’s PhotoDNA
as a target in the context of the Global Alliance. He supported the use
– outside the rule of law – of PhotoDNA as a mass filtering technology
to check every upload from every Internet user, in case it contains
previously-identified child abuse material.

Microsoft has not been able to point to any independent testing of
PhotoDNA’s accuracy in any of our conversations with them. Microsoft has
not said whether PhotoDNA has been subject to any robustness testing.
Microsoft has not been able to say if law enforcement authorities even
bother to access the log files of apparent uploads. But at least it
sounds good. And EU and US support for arbitrary mass filtering of
communications – outside the rule of law – will sound wonderful to our
International “partners” who are increasingly finding that exploiting
child exploitation is an effective way of minimising international
condemnation of restrictions on privacy and freedom of communication.

Attorney General Eric Holder Speaks at the Global Alliance Against Child
Sexual Abuse Online Ministerial (5.12.2012)

EDRi-gram: Russian bill creates blacklist of websites (18.06.2012)

Russia’s Controversial Internet Law Causing Collateral Damage (19.12.2012)

Interpol – Access Blocking

ECHR chamber judgement on Internet blocking in Turkey (18.12.2012)

Guiding principles on the global alliance against child pornography

Dutch pilot project (only in Dutch, 13.12.2012)

(Contribution by Joe McNamee – EDRi)