Removal orders, reporting requirements and governance architecture are the focus of a new Council text on the legislative proposal against child sexual abuse material (CSAM).
The EU draft law to fight the dissemination of CSAM includes several requirements for hosting services that make websites available and interpersonal communication services like messaging apps to report and take down suspect content.
The Swedish presidency circulated a new text dated 17 May touching upon these obligations to be discussed on Thursday and Friday (25-26 May) at the Law Enforcement Working Party, a technical body of the EU Council.
The original proposal states that both judicial and administrative authorities can issue removal orders that mandate the takedown of illegal content. However, the new text indicates that member states can decide whether removal orders can “only be issued by a judicial authority at the request of the competent authority”.
If that is the case, the EU country should inform the European Commission, which in turn should make the information available. The same applies to blocking orders, according to the text.
Member states must also be able to provide “ex-post administrative or judicial review” of the competent authorities’ orders – “in accordance with national law”.
Such reviews are used to decide whether a specific intervention was justified and whether it worked or not. The text states that this also applies even if the review is conducted based on different legislation.
In addition, the text specifies that information sharing by the coordinating authorities should happen in an automated manner, and it must go through a secure information system at the national level.
The draft law obliges hosting service providers and interpersonal communication services to inform the new EU Centre to prevent and combat child sexual abuse whenever it becomes aware of suspected CSAM in any way that is not via a removal order.
In these cases, the text specifies that ‘where relevant’, the service provider should inform the centre whether it has voluntarily disabled access to the suspected material or whether urgent action is needed.
As EURACTIV reported, there was already more focus on competent authorities in a previous file version. The latest compromise text suggests that the competent authorities should have the power to remove access to materials in all the member states, “in accordance with relevant national requirements.”
In other words, the competent authority of the country where the service is established can request to disable access in all EU member states.
EU Centre and coordination
The compromise text pushes for mutual assistance between the coordinating authorities, the member states’ competent authorities and the EU Centre.
According to the document, if the EU Centre forwards follow-up reports of any possibilities of child sexual abuse, it has to be specified whether that “contributed to an ongoing investigation.” If no action was taken, the reasons must also be specified.
The text also introduced the principle that there should be “direct exchanges” between the coordinating authorities and either the service providers or the victims.
Moreover, the compromise mandates that a contact officer is appointed to coordinate between the EU country and the EU centre, and a representative of the coordinating authority is appointed to sit on the centre’s Board of Directors.
Lastly, according to the document, another task for the coordinating authorities is the drafting of an annual activity report at the national level.
[Edited by Luca Bertuzzi/Nathalie Weatherald]