European Electronic Communications Code briefing

guillaume perigois 0NRkVddA2fw unsplash

WeProtect Global Alliance – Briefing

December 16, 2020

What is the issue?

Technology tools that protect children from online child sexual abuse and exploitation (CSEA) risk being outlawed in European Union (EU) member states from 20th December this year, unless an agreement can be reached by three key EU institutions.

A range of detection tools (including Microsoft PhotoDNA and Google CSAI Match), which are used to identify child sexual abuse material (CSAM) and child grooming attempts, will become illegal under the incoming European Electronic Communications Code unless there is a agreement on a way forward by the European Parliament, the European Commission (EC) and the Council of Ministers – an outcome that is looking unlikely due to a group of MEPs who are opposing a proposal to maintain access to tools while a long-term, sustainable solution is finalised.

In September this year, the European Commission (EC) put forward a ​temporary derogation​ that would ensure the existing tools could continue until 2025 (or until the issue is resolved). The proposed “temporary and limited derogation” has the sole objective of enabling service providers to use technologies for the processing of data “to the extent necessary to detect and report child sexual abuse online and remove child sexual abuse material on their services”.

Despite this reassurance, lack of agreement in the European Parliament’s Civil Liberties, Justice & Home Affairs (​LIBE​) Committee looks set to delay the decision until next year. This would result in the Code passing into law on the 20th December and the child protection tools becoming illegal.

As things stand, it appears that the EC and the Council of Ministers have agreed their positions in support of the temporary derogation. The Parliament cannot express a view unless and until the LIBE Committee has presented it with one which they agree. However, a group of MEPs on the Committee has opposed the short-term proposal, citing concerns over privacy and data protection, and delaying the decision until next year.

The temporary derogation can only become law if it is agreed in a Trialogue, meaning the three co-legislators have agreed the text (the EC, the Council of Ministers and the European Parliament). Unless and until the Parliament has adopted a position, a formal Trialogue cannot begin to determine the matter, meaning children in Europe – and beyond – will be left unprotected.

Key statistics

  • In 2019, almost nine in 10 (89%) known URLs containing child sexual abuse material were hosted in Europe (​IWF​, 2020).
  • Of 16.9 million reports received by NCMEC’s CyberTipline in 2019, 16.8 million came from Electronic Service Providers, with only around 150,000 from the general public. A breakdown by company or platform can be found ​here​ (​NCMEC​, 2020).

What is at risk?

This is not just a European issue and will impact global efforts to tackle online CSEA. The detection tools in question are responsible for the vast majority of ​global​ CSAM reports, most of which are hosted in Europe. PhotoDNA, for example, is a free tool developed by Microsoft that has been in operation since 2009. It has enabled content providers to remove millions of illegal photographs from the internet, helped to convict child sexual offenders; and, in some instances, has helped law enforcement to rescue potential child victims before they were physically harmed.

Without the ability to use these types of tools to identify abuse, children in Europe and across the world will be put at risk and law enforcement will be deprived of vital intelligence to trace and prosecute offenders.

If companies are not able to operate the tools legally in Europe, there is also a high risk that they will cease to use them elsewhere. The temporary derogation also only covers existing tools. It is unclear if amendments to these tools – or indeed new innovations – would also be outlawed. If this is the case, then the Code will essentially be making innovation by tech companies to identify online CSEA illegal.

Only three months ago, in July 2020, the EC published the ​EU strategy for a more effective fight against child sexual abuse​ 2020-25, which set tackling online abuse and exploitation as a priority. The ability to use digital tools to detect, remove and report child sexual abuse online underpins this strategy. Without these tools, the European Union’s entire strategy to address online CSEA is in jeopardy.


The next meeting of the LIBE Committee is due to be held on the 9th and 10th of November, with another scheduled for the 2nd December. We need the LIBE Committee to agree a supportive position to allow the Trialogue to happen – before the 20th of December.