* Any views expressed in this opinion piece are those of the author and not of Thomson Reuters Foundation.
The European Union urgently needs to make sure children are protected from online sexual abuse and exploitation. Here are five steps it should take
Dr Dorothea Czarnecki is Deputy Executive Director Programmes at ECPAT International, a global organisation fighting commercial sexual exploitation of children
Lockdowns have significantly impacted children’s lives around the world. Time spent online can be positive, such as learning and socialising. But it can also increase negative experiences, like cyberbullying or even online child sexual exploitation and abuse. The United Nations Special Rapporteur on sale and sexual exploitation of children has warned of lifelong implications from lockdowns for millions of children many of whom were already at risk.
Despite this, in the name of privacy, on 21st December 2020, technology tools that protect children from online child sexual abuse and exploitation were banned across the European Union.
The new regulation placed technology companies already deploying specialised tools to voluntarily detect child sexual abuse material into legal limbo. Some just stopped scanning, with enormous consequences.
In the six weeks following the regulation coming into effect, a leading U.S. organisation for reporting issues related to child abuse, reported a 51% decrease in reports of child sexual abuse material originating from the European Union, which means a significant number remain undetected. It’s clear the risk to children was not considered when drafting the new regulation, further highlighting the urgent need for a more strategic approach by the European Union to developing policies which impact children’s lives.
EU institutions have been struggling to find a way to allow companies to resume their previous child protection measures. This puts more children at risk. Regulation is only one piece of the puzzle, but it has highlighted the urgent need to put children’s rights and safety at the centre of all future policies. How?
Safety-First Approach – Safety by design and privacy by default must be the new standard. At the point of first use the device or service should automatically be set to the maximum safety and privacy settings. This assumes all users are children and/or otherwise vulnerable. Safety and privacy should not be an opt in.
Strengthen European capacities – European law enforcement are currently highly dependent on the United States for a large proportion of online child sexual abuse reports. A change in US law or practice could have a massive adverse impact on child protection within Europe. As part of efforts to build capacity in Europe, the European Commission is exploring creating a new European Centre to prevent and counter child sexual abuse. The Centre should become a global focal point, a centre of excellence in combatting child sexual abuse on and offline. It should become a driving force in finding new and better ways to support victims, working co-operatively across the current ecosystem of online child protection agencies while being able to act independently, if necessary.
Encryption – If end-to-end encryption becomes standard on messaging platforms, we need safeguards to prevent a private entity or state agency from accessing an individual’s data. However, messaging services cannot be allowed to operate in a way that guarantees impunity for wrongdoers. That would undermine the rule of law in general and make child protection nearly impossible in these environments. We must address the unknowns and answer some vital questions to ensure our privacy and child safety online.
Transparency and trust – There needs to be a regime of trustworthiness, transparency governing the online world. If companies claim they are protecting children, the claim must be verifiable. To guard against unverifiable claims, technology companies must confirm to a mandated authority that they are honouring their legal obligations, including towards children.
Legal liability – As authorities grapple with the rise and complexity of online crimes, companies must be held accountable. Currently companies have immunity from civil and criminal liability from crimes that happen on their platforms. When a child is victimized on their platform, they should only be able to retain their immunity by demonstrating that they have taken all necessary steps to minimise the risk of harm to children.
With these changes, we can – and will – protect more children online. There is no quick and easy fix; these are significant and serious considerations that require time to get right for the long term. But at a time when the online world means school and connection to loved ones, we must act swiftly and assertively.