End-to-end encryption describes a method that ensures a person sending a message, or a picture, can be sure it will not be read or be viewable by anyone other than the person to whom it was sent. Some apps already utilise end-to-end encryption and in late 2019 Facebook announced its intention to introduce it to Facebook Messenger and Instagram Direct.
On one level end-to-end encryption helps keep the content children share private – and ECPAT International agrees this is very important. However, ultimately, as it is currently set up, end-to-end encryption also puts children at risk. The end-to-end encryption method means no one – neither technology companies nor law enforcement and specialised hotlines, can view the content of the messages that have been sent without having access to the device of the sender and/or recipient. This means that those technology companies who may be voluntarily using tools to detect child sexual abuse materials on their platforms will not be able to see and/or detect anything – even if it’s there. This means illegal behaviour will go undetected.
ECPAT International is not against end-to-end encryption and believes that safeguards are needed to prevent a private entity or state agency from accessing an individual’s data. However, if end-to-end encryption becomes standard on messaging platforms, these services cannot be allowed to operate in a way that guarantees impunity for wrongdoers. That would make child protection nearly impossible in these environments.
ECPAT International also endorses the call to step up efforts in prevention and education, but we cannot allow this to shift the focus from what we know is happening and will continue to happen in online environments. The unknowns and vital questions must be addressed to ensure both our privacy and child safety online by speaking up so policy makers know what needs to be done in order to protect children in the digital space.
The more we speak about combating online child sex abuse means we can protect more children. We need your voice to help us!
Since we wrote this article, there have been inevitably developments in terms of EU law and policy that tackle child sexual exploitation and abuse. On 14 July 2021, the temporary derogation to the E-Privacy Directive was published in the official journal of the EU . This directive maintains the status quo for what concerns the proactive use of technology to detect CSAM by online service providers in the EU. The E-privacy Directive has a timeline of three years, and it is essential that longer-term legislation to tackle online child sexual abuse and exploitation is introduced by 13 July 2024.
For this reason, since 2021, ECPAT International is advocating, through Project Beacon, to ensure child protection from sexual abuse and exploitation within the European Digital Services Act that is going to be finalised between April and May 2022- Additionally, Project Beacon advocates for a more comprehensive EU Strategy for a more effective fight against child sexual abuse.
ECPAT continues to work in close partnership with organisations across the EU and globally to advocate for child protection in digital environments. This means leveraging and sharing collective expertise, networks, and voices. ECPAT believes that protecting children from exploitation and abuse online is both possible and essential, and will continue to fight for the best outcomes for children in all relevant EU and international processes.
 Regulation (EU) 2021/1232 on a temporary derogation from certain provisions of Directive 2002/58/EC as regards the use of technologies by providers of number-independent interpersonal communications services for the processing of personal and other data for the purpose of combating online child sexual abuse.
Why does it matter? Follow us on Twitter here to learn more and share your thoughts using the hashtag #ProjectBeacon.