Although the important decision on chat control is imminent, all ministries are stonewalling. Neither the Home Office, the Justice Department nor the ‘Digital Minister’ are commenting on what Germany's position in the EU Council will be.

As part of its chat control proposal, the European Commission plans to scan billions of images and films in chats to find depictions of child abuse. It is now undisputed that this idea is wrong, dangerous and also prone to error. Nevertheless, in the years-long dispute over this issue, the new German government has refused to disclose its position on the matter.

Old wine in new bottles

The current proposal from the Danish Presidency contains all the problematic measures that have so far failed to gain approval in the EU: scanning for known and also unknown depictions of abuse, and scanning for URLs.

With the introduction of almost universal encryption in messenger services, some surveillance mechanisms have become ineffective. In order to implement the planned scans, direct access to the data is required before encryption.

This is to be achieved by means of so-called „client-side scanning“, which is just an euphemism for snooping directly on the device. It is not yet known which technical method will be used for this purpose. However, contrary to what is claimed, this scanning can never be minimally invasive, as such a scanner must act against the user's will. This necessarily requires backdoors to be planted in the protocols or on the devices.

This means that deliberate security vulnerabilities needs to be forced in messengers like Signal, WhatsApp or Threema, in order to circumvent encryption. Many millions of people use these messengers privately and professionally every day to exchange information and also to share highly personal messages and images with friends and family.

Scanning for incriminating material is technically complex and prone to error. Above all, however, it would be a dam burst that would make secure communication virtually impossible for everyone.

Consequences for IT security and fundamental rights

However, end-to-end encrypted communication must be reliable. It is one of the most crucial components of IT security in a digitalised world, and one that must not be deliberately compromised with backdoors.

The German government has declared IT security to be one of its core issues. In its coalition agreement, it promised: „As a matter of principle, we will ensure the confidentiality of private communications [...] on the internet.“ The government must not and should not allow such a dangerous initiative to be implemented at EU level.

Elina Eickstädt, spokesperson for the Chaos Computer Club, says: „If such a law on chat control is introduced, we will not only pay with the loss of our privacy. We will also open the floodgates to attacks on secure communications infrastructure.“

Just a quick reminder: Client-side scanning is not only error-prone nonsense, but would also be illegal from the outset. This is because an obligation to monitor chats to the planned abstruse extent is disproportionate and would also contradict the European Court of Justice. Indiscriminate scanning of all chat communication content represents the most serious infringement of fundamental rights imaginable, eclipsing even the brazen idea of data retention.

This type of intervention not only contradicts verdicts of the ECJ, but is also considered unlawful by the Council's Legal Service and the UN High Commissioner for Human Rights.

Links:

• Statement by the Child Protection Association on chat control (German)
• Scientist shared open letter against chat control
• How to reach your representative
• Campaign against chat control