Monday, 3rd December 2018

Campaign groups say that proposed changes to European Union laws that govern internet privacy could make it more difficult to identify online child sexual abuse imagery, which in the long-term could hamper efforts to track offenders and identify and safeguard victims.

More than 30 child rights NGOs, including ECPAT UK, ECPAT International and eight ECPAT member groups want the wording of the draft Regulation on Privacy and Electronic Communications (e-Privacy Regulation) currently under consideration in Brussels, to be changed before it is adopted. In a letter to EU President Juncker, Vice President Ansip, and the Austrian Presidency of the EU, they warn that the new rules in their current form are likely to seriously endanger the safety and wellbeing of children. They argue that the proposed regulation will make it difficult for businesses to deploy software that detects this kind of material in online traffic - so it can be flagged and removed - and are asking EU ministers for a specific exemption so that this type of technology can still legally operate.

‘Technology such as Microsoft PhotoDNA and similar applications are currently used by businesses and network providers across the EU,” says Robbert van den Berg, Executive Director of ECPAT International. “These programmes enable businesses to locate child sexual abuse imagery on their systems so it can be reported to appropriate authorities, such as law enforcement, and deleted from servers. In the last few years, this technology has found and removed tens of millions of images, thwarting offenders and preventing the re-victimisation of children. The draft regulation threatens to withdraw the permissible use of this successful technology and further imperil the victims of this crime.’

Many EU businesses currently use PhotoDNA and similar software on a voluntary basis to rid their networks of child sexual abuse material. However, this will change if the new e-Privacy Regulation is adopted. The regulation is due to go before an EU ministerial meeting for discussion on the 3rd and 4th December. 

‘It is way beyond the capacity of law enforcement agencies to address the volumes now circulating online,” cautions the letter. “Police in all parts of the world have therefore repeatedly called on the private sector to do more to help, and they are committed to playing their role.  Deploying applications like PhotoDNA is exactly the kind of thing they have in mind. Yet the e-Privacy Regulation appears to threaten this wholly beneficial status quo.  We are at a loss to understand why the EU feels it is necessary to step-in and disrupt effective and established practices which self-evidently work so well.’

8.7 million images identified

In October Facebook indicated that in the third quarter of this year, PhotoDNA and comparable products helped it identify 8.7 million images that breached its child nudity policy and most of this content was removed before anyone even saw it. In the past, Google has also indicated that 99 percent of all the illegal content it removed from its services had first been identified using this technology. Similarly, the US based National Center for Missing and Exploited Children recently said it is on track to receive more than 20 million reports of illegal child sexual abuse images by the end of 2018, with the overwhelming majority of that imagery detected because of technology companies’ use of PhotoDNA. Indeed, PhotoDNA has helped or will help find some 99 percent of this material.

However, the use of PhotoDNA and similar software would be banned in the EU under the proposed new ePrivacy Regulation. If these new rules are passed, customers would have to be asked for ‘consent’ before certain types of information can be accessed by service providers – an unworkable prospect in the context of illegal child sexual abuse imagery. 

‘It is ridiculous to imagine that child sex offenders would be willing to give their consent to being monitored,” says John Carr, senior advisor to ECPAT International. “Adopting this regulation would be a huge gaffe for children’s rights. I’m sure the drafters did not intend to outlaw, reduce or limit the scope for companies to deploy these tools to identify child sexual abuse material. We need to put this right.’

Could affect all EU Member States

The proposed laws would affect all EU Member States unless they individually decide to derogate from the new rules, which ECPAT International says would inevitably lead to a patchwork of national laws.

‘This makes no sense at all when dealing with international platforms,’ says Carr. ‘The current arrangements are working well. They should leave them alone. I suspect that the current sloppy wording in the proposed regulation was written by someone who did not think it through. Any confusion surrounding the use of PhotoDNA and similar technology could be rapidly and easily cleared up.’

The regulation (the full name of which is: Regulation of the European Parliament and of the Council concerning the respect for private life and the protection of personal data in electronic communications and repealing Directive 2002/58/EC”) is intended to apply to all businesses providing online communication services that use online tracking technologies, or that engage in electronic direct marketing. It would repeal a previous directive from 2002 and is meant to complement the recently passed General Data Protection Regulation.


Notes to editors

A word about words

When describing the sexual exploitation of children, irresponsible or ill-informed use of terminology can trivialise or sensationalise the issue, stigmatise victims and make it difficult to raise awareness or facilitate enlightened discourse.

For example, it is important to never use terms that can imply that a child has transactional agency or has provided some degree of consent. Children can never consent to sexual activities with an adult.

Below are some terms that are commonly used when describing the sexual exploitation of children, but that it is better to avoid, or use with caution:

  • ‘Child pornography’ - It is better to use the term ‘(online) child sexual abuse material/images’
  • ‘Child prostitute’ - It is better to use the term ‘child trafficked for sexual exploitation,’
  • ‘Child sex tourism’ - It is better to use the term ‘sexual exploitation of children in/through travel and tourism’
  • ‘Child sex tourist’ - It is better to use the term ‘travelling child sex offender’ or ‘transnational child sex offender’

Please never use terms that trivialise the sexual assault of children, such as ‘kiddie porn’, ‘child porn’, ‘kiddie fiddler’, or ‘paedo’. (Note that a paedophile is a person with a specific disorder who has a sustained sexual interest in pre-pubescent children. Not all child sex offenders have a paedophilic disorder and not all those with a paedophilic disorder are child sex offenders.)

For more information, consult the Terminology Guidelines for the Protection of Children from Sexual Exploitation and Sexual Abuse.


Every Child Protected Against Trafficking (ECPAT UK) is a leading children’s rights charity working to protect children from trafficking and transnational exploitation. We support children everywhere to live a life free from abuse and modern slavery. ECPAT UK is the UK member of ECPAT International, a global network of 104 organisations in 93 countries dedicated to ending the sexual exploitation of children. 

Press contacts

Sinead Geoghegan, Communications and Media Officer, [email protected], 0203 903 4628