How does new EU privacy law protect paedophiles?
Children’s charities say police won’t be able to access suspects’ PCS
One of the trickiest legal dilemmas brought about by the internet is how to protect individuals’ privacy without restricting the police’s ability to investigate crime. With the introduction of the EU’S eprivacy Regulation (EPR), some say the balance has swung too far in favour of the individual, potentially allowing paedophiles to evade arrest.
Central to their argument is how the EPR differs from the General Data Protection Regulation (GDPR), which came into force in May.
GDPR gives you more control over how companies use your data, but crucially allows authorities to override your right to privacy in three cases: where it is of vital importance to protect the interests of an individual; to comply with a legal obligation; or to perform a task that is carried out in the public interest.
These exemptions give police legal permission to access a person’s computer if they suspect them of committing a crime, such as downloading images of child abuse. However the EPR, which is meant to protect your private life (not just your data), has no exemptions, prohibiting police and tech companies from accessing a computer until its owner has given consent. As children’s charities have pointed out, paedophiles are unlikely to grant this.
“The purpose of the regulations are to stop the abuse and misuse of people’s data and privacy but the consequence is it potentially undermines what is being done to tackle child sexual abuse online,” a legal expert told the Telegraph.
John Carr, secretary of the Children’s Charities’ Coalition on Internet Safety - representing 11 of the biggest charities including Barnardo’s and the NSPCC - wrote to the European Commission (EC) to demand it alter the regulations, so they won’t give a hiding place for child abusers.
He said: “There ought to be no room for doubt or ambiguity on a matter of such fundamental importance to the protection of children. And yet there is.”
The Government has also expressed concern, telling the EC that “personal rights should not obstruct companies from protecting children who use socialmedia platforms”.
A spokesman said officials were discussing the law with other EU member states, amid reports they are working to force through an alternative that brings it in line with GDPR.
Tech companies have made significant progress in detecting images of abuse. One breakthrough was Microsoft’s Photodna system, which analyses a photo’s ‘digital signature’, comparing it to those known to depict illegal images.
Since 2015, Cambridgebased charity Internet Watch Foundation (IWF) has been working with Google,
Facebook, Microsoft and Twitter to track down millions of child-abuse images. Charities fear some of this good work will go to waste if the EPR prevents sites accessing people’s computers.
Online child abuse is a growing problem. In September the National Crime Agency said reports of child-abuse images in the UK rose by 700 per cent in the past five years, with 80,000 people in the UK posing a risk to children online.
As it stands, the EPR is due to become law at some point in 2019, so those opposed have time to fight it. The stakes are high because, as the IWF says, the dangers children face online “is changing and evolving”.
This was backed up last month by the NSPCC which said 10 per cent of kids aged seven to 16 had been asked to remove their clothes when streaming video live online. Faced by such risks, surely the rights of children trump those of a suspected paedophile.
Police won’t be able to scan a PC unless its owner grants consent – something paedophiles are unlikely to do