203 Amendments of Tiemo WÖLKEN related to 2022/0155(COD)
Amendment 285 #
Proposal for a regulation
Recital 1 a (new)
Recital 1 a (new)
(1a) When using artificial intelligence algorithms on images, it is well documented that bias and discrimination can occur due to the lack of representativeness of certain population groups in the data used to train the algorithm. These biases should be identified, measured and eradicated in order for the detection systems to be truly profitable to society as a whole.
Amendment 287 #
Proposal for a regulation
Recital 1 b (new)
Recital 1 b (new)
(1b) The use of end-to-end encryption should be promoted and, where necessary, be mandatory in accordance with the principles of security and privacy by design. Member States should not impose any obligation on encryption providers, on providers of relevant information society services or on any other organisations with regard to any level of the supply chain that would result in the weakening of the security of their networks and services, such as bypassing authentication and accessing encrypted data or creating deliberate weaknesses by providers to allow for access to encrypted data.
Amendment 288 #
Proposal for a regulation
Recital 1 c (new)
Recital 1 c (new)
(1c) End-to-end encryption is an important tool to guarantee the security and confidentiality of communications of users, including those of children. Any weakening of encryption could potentially be abused by malicious third parties. Nothing in this Regulation should therefore be interpreted as prohibiting or weakening end-to-end encryption.
Amendment 399 #
Proposal for a regulation
Recital 27 a (new)
Recital 27 a (new)
(27a) The Commission shall ensure in the draft general budget of the Union that the European Data Protection Board and European Data Protection Supervisor are provided with sufficient human, technical and financial resources, premises and infrastructure necessary for the effective performance of its tasks and exercise of its powers pursuant to this Regulation.
Amendment 446 #
Proposal for a regulation
Recital 55
Recital 55
(55) It is essential for the proper functioning of the system of mandatory detection and blocking of onlineof child sexual abuse set up by this Regulation that the EU Centre receives, via the Coordinating Authorities, material identified as constituting child sexual abuse material or transcripts of conversations identified as constituting the solicitation of children, such as may have been found for example during criminal investigations, so that that material or conversations can serve as an accurate and reliable basis for the EU Centre to generate indicators of such abuses. In order to achieve that result, the identification should be made after a diligent assessment, conducted in the context of a procedure that guarantees a fair and objective outcome, either by the Coordinating Authorities themselves or by a court or another independent administrative authority than the Coordinating Authority. Whilst the swift assessment, identification and submission of such material is important also in other contexts, it is crucial in connection to new child sexual abuse material and the solicitation of children reported under this Regulation, considering that this material can lead to the identification of ongoing or imminent abuse and the rescuing of victims. Therefore, specific time limits should be set in connection to such reporting.
Amendment 450 #
Proposal for a regulation
Recital 56
Recital 56
(56) With a view to ensuring that the indicators generated by the EU Centre for the purpose of detection are as complete as possible, the submission of relevant material and transcripts should be done proactively by the Coordinating Authorities. However, the EU Centre should also be allowed to bring certain material or conversations to the attention of the Coordinating Authorities for those purposes.
Amendment 503 #
Proposal for a regulation
Article 1 – paragraph 1 – subparagraph 2 – point b
Article 1 – paragraph 1 – subparagraph 2 – point b
(b) obligations on providers of hosting services and providers of number- independent interpersonal communication services to detect and report online child sexual abuse;
Amendment 507 #
Proposal for a regulation
Article 1 – paragraph 1 – subparagraph 2 – point c
Article 1 – paragraph 1 – subparagraph 2 – point c
(c) obligations on providers of hosting services to remove or disable access to child sexual abuse material on their services;
Amendment 513 #
Proposal for a regulation
Article 1 – paragraph 1 – subparagraph 2 – point d
Article 1 – paragraph 1 – subparagraph 2 – point d
Amendment 526 #
Proposal for a regulation
Article 1 – paragraph 3 – point d
Article 1 – paragraph 3 – point d
(d) Regulation (EU) 2016/679, Directive 2016/680, Regulation (EU) 2018/1725, and, subject to paragraph 4 of this Article, Directive 2002/58/EC.
Amendment 532 #
Proposal for a regulation
Article 1 – paragraph 3 a (new)
Article 1 – paragraph 3 a (new)
3a. This Regulation shall not prohibit, weaken or undermine end-to-end encryption, prohibit providers of information society services from providing their services applying end-to- end encryption, or be interpreted in that way.
Amendment 534 #
Proposal for a regulation
Article 1 – paragraph 3 b (new)
Article 1 – paragraph 3 b (new)
3b. This Regulation shall not undermine the prohibition of general monitoring under Union law or introduce general data retention obligations, or be interpreted in that way.
Amendment 538 #
Proposal for a regulation
Article 1 – paragraph 4
Article 1 – paragraph 4
4. This Regulation limits the exercise of the rights and obligations provided for in 5(1) and (3) and Article 6(1) of Directive 2002/58/EC with the sole objective of enabling providers of number- independent interpersonal communications services, without prejudice to Regulation (EU) 2016/679, to use specific technologies for the processing of personal data to the extent strictly necessary to detect and report child sexual abuse material and remove child sexual abuse material on their services insofar as necessary for the execution of the detection orderwarrants issued in accordance with Section 2 of Chapter 1 of this Regulation.
Amendment 541 #
Proposal for a regulation
Article 1 – paragraph 4 a (new)
Article 1 – paragraph 4 a (new)
4a. This Regulation does not apply to audio communications.
Amendment 543 #
Proposal for a regulation
Article 1 – paragraph 4 b (new)
Article 1 – paragraph 4 b (new)
4b. This Regulation does not apply to text communications.
Amendment 546 #
Proposal for a regulation
Article 2 – paragraph 1 – point b
Article 2 – paragraph 1 – point b
(b) ‘interpersonal communications service’ means a publicly available service as defined in Article 2, point 5, of Directive (EU) 2018/1972, including services which enable direct interpersonal and interactive exchange of information merely as a minor ancillary feature that is intrinsically linked to another service;
Amendment 551 #
Proposal for a regulation
Article 2 – paragraph 1 – point d
Article 2 – paragraph 1 – point d
Amendment 559 #
Proposal for a regulation
Article 2 – paragraph 1 – point f – point ii
Article 2 – paragraph 1 – point f – point ii
(ii) an number-independent interpersonal communications service;
Amendment 564 #
Proposal for a regulation
Article 2 – paragraph 1 – point f – point iii
Article 2 – paragraph 1 – point f – point iii
Amendment 578 #
Proposal for a regulation
Article 2 – paragraph 1 – point j
Article 2 – paragraph 1 – point j
Amendment 587 #
Proposal for a regulation
Article 2 – paragraph 1 – point n
Article 2 – paragraph 1 – point n
Amendment 600 #
Proposal for a regulation
Article 2 – paragraph 1 – point s
Article 2 – paragraph 1 – point s
(s) ‘content data’ means data as defined in Article 2, point 10, of Regulation (EU) … [on European Production and Preservation Orders for electronic evidence in criminal matters (…/… e-evidence Regulation)]videos and images in a digital format;
Amendment 608 #
Proposal for a regulation
Article -3 (new)
Article -3 (new)
Article-3 Protection of fundamental human rights and confidentiality in communications 1. Nothing in this Regulation shall prohibit, weaken or undermine end-to-end encryption, prohibit providers of information society services from providing their services applying end-to- end encryption or be interpreted in that way. 2. Nothing in this Regulation shall undermine the prohibition of general monitoring under Union law or introduce general data retention obligations.
Amendment 609 #
Proposal for a regulation
Article 3 – paragraph 1
Article 3 – paragraph 1
1. Providers of hosting services and providers of number-independent interpersonal communications services shall identify, analyse and assess, for each such service that they offer, the risk ofany significant systemic residual serious risks stemming from the functioning and use of their service for the purpose of online child sexual abuses in the Union that their services are being used to disseminate or exchange child sexual abuse material. This is without prejudice to the prohibition on general monitoring nor generalised data retention, and should not be understood as an obligation on providers of relevant information society services to break, weaken or undermine end-to-end encryption or to take other steps that compromise the security, integrity and confidentiality of communications.
Amendment 620 #
Proposal for a regulation
Article 3 – paragraph 2 – point a
Article 3 – paragraph 2 – point a
(a) any previouslythe significant, systemic, serious risks and identified instances of use of its services for the purpose of online child sexual abuse;
Amendment 635 #
Proposal for a regulation
Article 3 – paragraph 2 – point b – indent 3
Article 3 – paragraph 2 – point b – indent 3
Amendment 644 #
Proposal for a regulation
Article 3 – paragraph 2 – point b – indent 4
Article 3 – paragraph 2 – point b – indent 4
– functionalities enabling users to flag online child sexual abuse to the provider through tools that are easily recognisable, accessible and age- appropriate, child- and user-friendly, including anonymous user-reporting channels;
Amendment 648 #
Proposal for a regulation
Article 3 – paragraph 2 – point b – indent 4 a (new)
Article 3 – paragraph 2 – point b – indent 4 a (new)
- systems and mechanisms that provide child- and user-friendly ressources to ensure that children can seek help swiftly, including information on how to contact national child protection organisations or national law enforcement
Amendment 655 #
Amendment 658 #
Proposal for a regulation
Article 3 – paragraph 2 – point d
Article 3 – paragraph 2 – point d
(d) the manner in which the provider designed and operates the service, including the business model, governance and relevant systems and processes, and the impact thereof on that risk. This is without prejudice to the prohibition on general monitoring nor generalised data retention, and should not be understood as an obligation on providers of relevant information society services to break, weaken or undermine end-to-end encryption or to take other steps that compromise the security, integrity and confidentiality of communications;
Amendment 663 #
Proposal for a regulation
Article 3 – paragraph 2 – point e – introductory part
Article 3 – paragraph 2 – point e – introductory part
(e) with respect to the risk of solicitationrights of children:
Amendment 666 #
Proposal for a regulation
Article 3 – paragraph 2 – point e – point i
Article 3 – paragraph 2 – point e – point i
(i) the extent to which the service is used or is likely to be used bydirectly targeting children;
Amendment 668 #
Proposal for a regulation
Article 3 – paragraph 2 – point e – point ii
Article 3 – paragraph 2 – point e – point ii
Amendment 673 #
Proposal for a regulation
Article 3 – paragraph 2 – point e – point iii – introductory part
Article 3 – paragraph 2 – point e – point iii – introductory part
(iii) the availability of functionalities creating or reinforcing the risk of solicitationsignificant, systemic, serious risk of rights of children, including the following functionalities:
Amendment 677 #
Proposal for a regulation
Article 3 – paragraph 2 – point e – point iii – indent 1
Article 3 – paragraph 2 – point e – point iii – indent 1
– enabling users to search for other users and, in particular, for adult users to search for child userson services directly targeting children;
Amendment 682 #
Proposal for a regulation
Article 3 – paragraph 2 – point e – point iii – indent 2
Article 3 – paragraph 2 – point e – point iii – indent 2
– enabling users to establish unsolicited contact with other users directly, in particular through private communications; on services directly targeting children,
Amendment 685 #
Proposal for a regulation
Article 3 – paragraph 2 – point e – point iii – indent 3
Article 3 – paragraph 2 – point e – point iii – indent 3
– enabling users to share images or videos with other users, in particular through private communications. on services directly targeting children
Amendment 712 #
Proposal for a regulation
Article 3 – paragraph 5
Article 3 – paragraph 5
Amendment 720 #
Proposal for a regulation
Article 3 – paragraph 6
Article 3 – paragraph 6
6. The Commission, in cooperation with Coordinating Authorities, European Data Protection Board, Fundamental Rights Agency and the EU Centre and after having conducted a public consultation, may issue guidelines on the application of paragraphs 1 to 5, having due regard in particular to relevant technological developments and to the manners in which the services covered by those provisions are offered and used.
Amendment 722 #
Proposal for a regulation
Article 3 a (new)
Article 3 a (new)
Amendment 723 #
Proposal for a regulation
Article 4 – title
Article 4 – title
Risk mitigation and safety by design
Amendment 728 #
Proposal for a regulation
Article 4 – paragraph 1 – introductory part
Article 4 – paragraph 1 – introductory part
1. Providers of hosting services and providers of number-independent interpersonal communications services shall take reasonable mitigation measures, tailored to the significant, systemic, serious risk identified pursuant to Article 3, to minimise that risk. Such targeted measures shall include some or all of the following, where applicable and technically feasible without being detrimental to the technical integrity or operating model of the provider, nor the security, integrity and confidentiality of communications:
Amendment 761 #
Proposal for a regulation
Article 4 – paragraph 1 – point c
Article 4 – paragraph 1 – point c
(c) initiating or adjusting cooperation, in accordance with competition law, with other providers of hosting services or providers of number-independent interpersonal communication services, public authorities, civil society organisations or, where applicable, entities awarded the status of trusted flaggers in accordance with Article 19 of Regulation (EU) …/… [on a Single Market For Digital Services (Digital Services Act) and amending Directive 2000/31/EC] .
Amendment 768 #
Proposal for a regulation
Article 4 – paragraph 1 – point c a (new)
Article 4 – paragraph 1 – point c a (new)
(ca) adapting the design, features and functions of their services in order to ensure a high level of privacy, safety, and security and data protection by design and by default
Amendment 783 #
Proposal for a regulation
Article 4 – paragraph 2 – point a
Article 4 – paragraph 2 – point a
(a) effective in mitigating the identified significant, systemic, and serious risk;
Amendment 785 #
Proposal for a regulation
Article 4 – paragraph 2 – point b
Article 4 – paragraph 2 – point b
(b) targeted and proportionate in relation to that risk, taking into account, in particular, the seriousness of the risk, ensuring that the interference with the fundamental right to privacy and the other rights laid down in the Charter is limited to what is strictly necessary as well as the provider’s financial and technological capabilities and the number of users;
Amendment 793 #
(c) applied in a diligent and non- discriminatory manner, having due regard with full respect, in all circumstances, to the potential consequences of the mitigation measures for the exercise of fundamental rights of all parties affected ;
Amendment 803 #
Proposal for a regulation
Article 4 – paragraph 3
Article 4 – paragraph 3
Amendment 816 #
Proposal for a regulation
Article 4 – paragraph 4
Article 4 – paragraph 4
4. Providers of hosting services and providers of number-independent interpersonal communications services shall clearly describe in their terms and conditions the mitigation measures that they have taken. That description shall not include information that may reduce the effectiveness of the mitigation measures.
Amendment 818 #
Proposal for a regulation
Article 4 – paragraph 5
Article 4 – paragraph 5
5. The Commission, in cooperation with Coordinating Authorities, European Data Protection Board, Fundamental Rights Agency and the EU Centre and after having conducted a public consultation, may issue guidelines on the application of paragraphs 1, 2, 3 and 4, having due regard in particular to relevant technological developments and in the manners in which the services covered by those provisions are offered and used. The European Data Protection Board shall also issue guidelines regarding the compliance with the General Data Protection Regulation of existing and future technologies that are used for the detection of child sexual abuse material in encrypted and non-encrypted environments.Data Protection authorities shall be in charge of the supervision of the application of those guidelines.With respect to any specific technology used for the purpose set out in Article 7, a mandatory prior data protection impact assessment as referred to in Article 35 of Regulation (EU) 2016/679 and a mandatory prior consultation procedure as referred to in Article 36 of that Regulation must be conducted.The competent authorties shall assess any technologies in use or that shall be used to detect child sexual abuse material in light of Regulation (EU) 2016/679 and Directive 2002/58/EC. The European Commission, along with the European Data Protection Board, Fundamental Rights Agency shall issue guidelines on how providers may implement age verification and age assessment measures with full respect for the Charter of Fundamental Rights and the General Data Protection Regulation.
Amendment 833 #
Proposal for a regulation
Article 5 – paragraph 1 – introductory part
Article 5 – paragraph 1 – introductory part
1. Providers of hosting services and providers of number-independent interpersonal communications services shall transmit, by three months from the date referred to in Article 3(4), to the Coordinating Authority of establishment a report specifying the following:
Amendment 836 #
Proposal for a regulation
Article 5 – paragraph 1 – point a
Article 5 – paragraph 1 – point a
(a) the process and the results of the risk assessment conducted or updated pursuant to Article 3, including the assessment of any potential remaining risk referred to in Article 3(5);
Amendment 847 #
Proposal for a regulation
Article 5 – paragraph 6
Article 5 – paragraph 6
Amendment 857 #
Proposal for a regulation
Article 6
Article 6
Amendment 884 #
Proposal for a regulation
Article 7 – title
Article 7 – title
7 Issuance of detection orderwarrants
Amendment 887 #
1. The Coordinating Authority of establishment shall have the power to request the competent judicial authority of the Member State that designated it or another independent administrative authority of that Member Stateto consider whether to issue a detection warrant order requiring a provider of hosting services or a provider of number- independent interpersonal communications services under the jurisdiction of that Member State to take the measures specified in Article 10 to detect online child sexual abuse on amaterial linked to specific terminal equipments or specific uservice accounts where there is reasonable suspicion that such content is in that user account or on that terminal equipment.
Amendment 901 #
Proposal for a regulation
Article 7 – paragraph 2 – subparagraph 1
Article 7 – paragraph 2 – subparagraph 1
The Coordinating Authority of establishment shall, before requesting the issuance of a detection orderwarrant, carry out the investigations and assessments necessary to determine whether the conditions of paragraph 4 have been met.
Amendment 909 #
Proposal for a regulation
Article 7 – paragraph 3 – subparagraph 1 – point a
Article 7 – paragraph 3 – subparagraph 1 – point a
(a) establish a draft request to the competent judicial authority of the Member State that designated it for the issuance of a detection orderwarrant, specifying the main elements of the content of the detection orderwarrant it intends to request and the reasons for requesting it;
Amendment 914 #
Proposal for a regulation
Article 7 – paragraph 3 – subparagraph 1 – point b
Article 7 – paragraph 3 – subparagraph 1 – point b
(b) submit the draft request to the provider and the EU Centre; supervisory authorities designated pursuant to Chapter VI, Section 1, of Regulation (EU) 2016/678 and request it to perform its tasks within the competence pursuant to Chapter VI, Section 2 of Regulation (EU) 2016/678 and provide its opinion on the draft request, within a reasonable time period set by that Coordinating Authority;
Amendment 915 #
Proposal for a regulation
Article 7 – paragraph 3 – subparagraph 1 – point c
Article 7 – paragraph 3 – subparagraph 1 – point c
Amendment 919 #
Proposal for a regulation
Article 7 – paragraph 3 – subparagraph 1 – point d
Article 7 – paragraph 3 – subparagraph 1 – point d
Amendment 926 #
Proposal for a regulation
Article 7 – paragraph 3 – subparagraph 2 – introductory part
Article 7 – paragraph 3 – subparagraph 2 – introductory part
Where, having regard to the comments of the provider and the opinion of the EU Centrecomepetent supervisory authorities designated pursuant to Chapter VI, Section 1, of Regulation (EU) 2016/678 to, that Coordinating Authority continues to be of the view that the conditions of paragraph 4 have met, it shall re-submit the draft request, adjusted where appropriate, to the provider. In that case, the provider shall do all of the following, within a reasonable time period set by that Coordinating Authority and shall:
Amendment 930 #
Proposal for a regulation
Article 7 – paragraph 3 – subparagraph 2 – point a
Article 7 – paragraph 3 – subparagraph 2 – point a
(a) draft an implementation plan setting out the measures it envisages taking to execute the intended detection orderwarrant, including detailed information regarding the envisaged technologies and safeguards;
Amendment 932 #
Proposal for a regulation
Article 7 – paragraph 3 – subparagraph 2 – point b
Article 7 – paragraph 3 – subparagraph 2 – point b
(b) where the draft implementation plan concerns an intended detection order concerning the solicitation of children other than the renewal of a previously issued detection order without any substantive changes, conducrequest a data protection impact assessment and a prior consultation procedure as referred to in Articles 35 and 36 of Regulation (EU) 2016/679, respectively, in relation to the measures set out in the implementation plan;
Amendment 937 #
Proposal for a regulation
Article 7 – paragraph 3 – subparagraph 2 – point c
Article 7 – paragraph 3 – subparagraph 2 – point c
(c) where point (b) applies, or where the conditions of Articles 35 and 36 of Regulation (EU) 2016/679 are met, adjust the draft implementation plan, where necessary in view of the outcome of the data protection impact assessment and in order to take into account the opinion of the data protection authority provided in response to the prior consultation;
Amendment 941 #
Proposal for a regulation
Article 7 – paragraph 3 – subparagraph 2 – point d
Article 7 – paragraph 3 – subparagraph 2 – point d
(d) submit to that Coordinating Authoritycompetent judicial authority of the Member State that designated it the implementation plan, where applicable attaching the opinion of the competent data protection authority and specifying how the implementation plan has been adjusted in view of the outcome of the data protection impact assessment and of that opinion.
Amendment 945 #
Proposal for a regulation
Article 7 – paragraph 3 – subparagraph 3
Article 7 – paragraph 3 – subparagraph 3
Where, having regard to the implementation plan of the provider and the opinion of the data protection authority, that Coordinating Authority continues to be of the view that the conditions of paragraph 4 have met, it shall submit the request for the issuance of the detection, adjusted where appropriate, to the competent judicial authority or independent administrative authority. It shall attach the implementation plan of the provider and the opinions of the EU Centre and the data protection authority to that request.
Amendment 952 #
Proposal for a regulation
Article 7 – paragraph 4 – subparagraph 1 – introductory part
Article 7 – paragraph 4 – subparagraph 1 – introductory part
The Coordinating Authority of establishment shall request the issuance of the detection orderwarrant, and the competent judicial authority or independent administrative authority shall issue the detection orderwarrant where it considers that the following conditions are met:
Amendment 960 #
Proposal for a regulation
Article 7 – paragraph 4 – subparagraph 1 – point a
Article 7 – paragraph 4 – subparagraph 1 – point a
(a) there is evidence of a significant risk of the servicsubstantive evidence amounting to reasonable suspicion that individual accounts or groups of accounts are being used for the purpose of online child sexual abuse online, within the meaning of paragraphs 5, 6 and 7, as applicable;
Amendment 966 #
Proposal for a regulation
Article 7 – paragraph 4 – subparagraph 1 – point b
Article 7 – paragraph 4 – subparagraph 1 – point b
(b) the reasons for issuing the detection orderwarrant outweigh negative consequences for the rights and legitimate interests of all parties affected, having regard in particular to the need to ensure a fair balance between the fundamental rights of those parties.
Amendment 979 #
Proposal for a regulation
Article 7 – paragraph 4 – subparagraph 2 – point a a (new)
Article 7 – paragraph 4 – subparagraph 2 – point a a (new)
(aa) whether or not the prosecution or judge would have sufficient information to issue the warrant with instructions describing the specific purpose and scope regarding the envisaged technologies to execute the warrant, including the basis upon which the individuals concerned are suspects within the meaning of Union or national law;
Amendment 981 #
Proposal for a regulation
Article 7 – paragraph 4 – subparagraph 2 – point b
Article 7 – paragraph 4 – subparagraph 2 – point b
(b) any additional information obtained pursuant to paragraph 2 or any other relevant information available to it, in particular regarding the use, design and operation of the service, regarding the provider’s financial and technological capabilities and size and regarding the potential consequences of the measures to be taken to execute the detection orderwarrant for all other parties affected;
Amendment 982 #
Proposal for a regulation
Article 7 – paragraph 4 – subparagraph 2 – point c
Article 7 – paragraph 4 – subparagraph 2 – point c
Amendment 987 #
Proposal for a regulation
Article 7 – paragraph 4 – subparagraph 2 – point d
Article 7 – paragraph 4 – subparagraph 2 – point d
(d) the opinions of the EU Centre and of the data protection authority submitted in accordance with paragraph 3.
Amendment 990 #
Proposal for a regulation
Article 7 – paragraph 4 – subparagraph 3
Article 7 – paragraph 4 – subparagraph 3
As regards the second subparagraph, point (d), where that Coordinating Authority substantially deviates from the opinion of the EU Centre, it shall inform the EU Centre and the Commissionthe data protection authority, it shall inform the data protection authority thereof, specifying the points at which it deviated and the main reasons for the deviation.
Amendment 993 #
Proposal for a regulation
Article 7 – paragraph 5
Article 7 – paragraph 5
Amendment 1001 #
Proposal for a regulation
Article 7 – paragraph 6
Article 7 – paragraph 6
Amendment 1012 #
Proposal for a regulation
Article 7 – paragraph 7 – subparagraph 1
Article 7 – paragraph 7 – subparagraph 1
Amendment 1022 #
Proposal for a regulation
Article 7 – paragraph 8 – subparagraph 1
Article 7 – paragraph 8 – subparagraph 1
The Coordinating Authority of establishment when requesting the issuance of detection orderswarrant, and the competent judicial or independent administrative authority when issuing the detection orderwarrant, shall target and specify it in such a manner that the negative consequences referred to in paragraph 4, first subparagraph, point (b), remain limited to what is strictly necessary to effectively address the significant riskreasonable suspicion referred to in point (a) thereof.
Amendment 1026 #
Proposal for a regulation
Article 7 – paragraph 8 – subparagraph 2
Article 7 – paragraph 8 – subparagraph 2
To that aim, they shall take into account all relevant parameters, including the technical feasibility, availability of sufficiently reliable detection technologies in that they limit to the maximum extent possible the rate of errors regarding the detection and their suitability and effectiveness for achieving the objectives of this Regulation, as well as the impact of the measures on the rights of the users affectedincluding their likelihood to inaccurately detect lawful speech as illegal content, as well as the impact of the measures on the rights of the users affected and on the security, integrity and confidentiality of their communications, and require the taking of the least intrusive measures, in accordance with Article 10, from among several equally effective measures.
Amendment 1029 #
Proposal for a regulation
Article 7 – paragraph 8 – subparagraph 3
Article 7 – paragraph 8 – subparagraph 3
Amendment 1041 #
Proposal for a regulation
Article 7 – paragraph 9 – subparagraph 2
Article 7 – paragraph 9 – subparagraph 2
The start date shall be set taking into account the time reasonably required for the provider to take the necessary measures to prepare the execution of the detection orderwarrant. It shall not be earlier than three months from the date at which the provider received the detection order and not be later than 12 months from that date.
Amendment 1045 #
Proposal for a regulation
Article 7 – paragraph 9 – subparagraph 3
Article 7 – paragraph 9 – subparagraph 3
The period of application of detection orderwarrants concerning the dissemination of known or new child sexual abuse material shall not exceed 24 months and that of detection orders concerning the solicitation of children shall not exceed 126 months.
Amendment 1048 #
Proposal for a regulation
Article 7 – paragraph 9 a (new)
Article 7 – paragraph 9 a (new)
9a. The competent supervisory authorities designated pursuant to Chapter VI, Section 1, of Regulation (EU) 2016/678 shall have the right to challenge a detection warrant within the competence pursuant to Chapter VI, Section 2 of Regulation (EU) 2016/678 before the competent judicial authority that issued the detection warrant.
Amendment 1055 #
Proposal for a regulation
Article 8 – title
Article 8 – title
Additional rules regarding detection orderwarrants
Amendment 1060 #
Proposal for a regulation
Article 8 – paragraph 1 – introductory part
Article 8 – paragraph 1 – introductory part
1. The competent judicial authority or independent administrative authority shall issue the detection orderwarrants referred to in Article 7 using the template set out in Annex I. Detection orderwarrants shall include:
Amendment 1071 #
Proposal for a regulation
Article 8 – paragraph 1 – point e
Article 8 – paragraph 1 – point e
Amendment 1133 #
Proposal for a regulation
Article 10 – paragraph 1
Article 10 – paragraph 1
1. Providers of hosting services and providers of number-independent interpersonal communication services that have received a detection orderwarrant shall execute it by installing and operating technologies to detect the dissemination of known or new child sexual abuse material or the solicitation of children, as applicable, using the corresponding indicators provided by the EU Centre in accordance with Article 46.
Amendment 1140 #
Proposal for a regulation
Article 10 – paragraph 2
Article 10 – paragraph 2
2. The provider shall be entitled to acquire, install and operate, free of charge, technologies made available by the EU Centre in accordance with Article 50(1), for the sole purpose of executing the detection orderwarrant. The provider shall not be required to use any specific technology, including those made available by the EU Centre, as long as the requirements set out in this Article are met. The use of the technologies made available by the EU Centre shall not affect the responsibility of the provider to comply with those requirements and for any decisions it may take in connection to or as a result of the use of the technologies.
Amendment 1144 #
Proposal for a regulation
Article 10 – paragraph 3 – point a
Article 10 – paragraph 3 – point a
(a) effective in detecting the dissemination of known or new child sexual abuse material or the solicitation of children, as applicable;
Amendment 1148 #
Proposal for a regulation
Article 10 – paragraph 3 – point b
Article 10 – paragraph 3 – point b
(b) not be able to extract any other information from the relevant communications than the information strictly necessary to detect, using the indicators referred to in paragraph 1, patterns pointing to the dissemination of known or new child sexual abuse material or the solicitation of children, as applicable;
Amendment 1159 #
Proposal for a regulation
Article 10 – paragraph 3 – point d a (new)
Article 10 – paragraph 3 – point d a (new)
(da) ensure that the interference with the fundamental right to privacy and the other rights laid down in the Charter is limited to what is strictly necessary
Amendment 1170 #
Proposal for a regulation
Article 10 – paragraph 4 – point a
Article 10 – paragraph 4 – point a
(a) request, in respect of any specific technology used for the purpose set out in this Article, a mandatory prior data protection impact assessment as referred to in Article 35 of Regulation (EU) 2016/679, and request a mandatory prior consultation procedure as referred to in Article 36 of that Regulation have been conducted and take all the necessary measures to ensure that the technologies and indicators, as well as the processing of personal data and other data in connection thereto, are used for the sole purpose of detecting the dissemination of known or new child sexual abuse material or the solicitation of children, as applicable, insofar as strictly necessary to execute the detection orderwarrants addressed to them;
Amendment 1174 #
Proposal for a regulation
Article 10 – paragraph 4 – point a a (new)
Article 10 – paragraph 4 – point a a (new)
(aa) ensure privacy by design and safety-by-design and by default and, where applicable, the protection of encryption.
Amendment 1176 #
Proposal for a regulation
Article 10 – paragraph 4 – point b
Article 10 – paragraph 4 – point b
(b) establish effective internal procedures to prevent and, where necessary, detect and remedy any misuse of the technologies, indicators and personal data and other data referred to in point (a), including unauthorizsed access to, and unauthorised transfers of, such personal data and other data;
Amendment 1180 #
Proposal for a regulation
Article 10 – paragraph 4 – point c
Article 10 – paragraph 4 – point c
(c) ensure regular human oversight as necessaryt any moment to ensure that the technologies operate in a sufficiently reliable manner and, where necessary, in particular when potential errors and potential solicitation of children are detected, immediate human intervention;
Amendment 1182 #
Proposal for a regulation
Article 10 – paragraph 4 – point d
Article 10 – paragraph 4 – point d
(d) establish and operate an accessible, age-appropriate and user- and child- friendly mechanism that allows users to submit to it, within a reasonable timeframe, complaints about alleged infringements of its obligations under this Section, as well as any decisions that the provider may have taken in relation to the use of the technologies, including the removal or disabling of access to material provided by users, blocking the users’ accounts or suspending or terminating the provision of the service to the users, and process such complaints in an objective, effective and timely manner ;
Amendment 1185 #
Proposal for a regulation
Article 10 – paragraph 4 – point e
Article 10 – paragraph 4 – point e
(e) inform the Coordinating Authority and Data Protection Authorities, at the latest one month before the start date specified in the detection order, on the implementation of the envisaged measures set out in the implementation plan referred to in Article 7(3);
Amendment 1193 #
Proposal for a regulation
Article 10 – paragraph 5 – subparagraph 1 – point a
Article 10 – paragraph 5 – subparagraph 1 – point a
(a) the fact that it operates technologies to detect online child sexual abuse material to execute the detection order, the ways in which it operates those technologies and the impact onon the users’ fundamental rights to private and family life, including the confidentiality of users’ communications; and the protection of personal data;
Amendment 1198 #
Proposal for a regulation
Article 10 – paragraph 5 – subparagraph 1 – point c
Article 10 – paragraph 5 – subparagraph 1 – point c
(c) the users’ right of judicial redress referred to in Article 9(1) and their rights to submit complaints to the provider through the mechanism referred to in paragraph 4, point (d) and to the Data Protection Authority and Coordinating Authority in accordance with Article 34.
Amendment 1203 #
Proposal for a regulation
Article 10 – paragraph 6
Article 10 – paragraph 6
6. Where a provider detects potential online child sexual abuse material through the measures taken to execute the detection order, it shall inform the users concerned without undue delay, after Europol or the national law enforcement authority of a Member State that received the report pursuant to Article 48 has confirmed that the information to the users would not interfere with activities for the prevention, detection, investigation and prosecution of child sexual abuse offences.
Amendment 1209 #
Proposal for a regulation
Article 11 – paragraph 1
Article 11 – paragraph 1
The Commission, in cooperation with the European Data Protection Board, Fundamental Rights Agency, Coordinating Authorities and the EU Centre and after having conducted a public consultation, mayshall issue guidelines on the application of Articles 7 to 10, having due regard in particular to relevant technological developments, ensuring that the interference with the fundamental right to privacy and the other rights laid down in the Charter is limited to what is strictly necessary and the manners in which the services covered by those provisions are offered and used.
Amendment 1217 #
Proposal for a regulation
Article 12 – paragraph 1
Article 12 – paragraph 1
1. Where a provider of hosting services or a provider of number- independent interpersonal communications services becomes aware in any manner other than through a removal order issued in accordance with this Regulation of any information indicating potential online child sexual abuse material on its services, it shall promptly submit a report thereon to the EU Centre in accordance with Article 13. It shall do so through the system established in accordance with Article 39(2).
Amendment 1221 #
Proposal for a regulation
Article 12 – paragraph 2 – subparagraph 1
Article 12 – paragraph 2 – subparagraph 1
Where the provider submits a report pursuant to paragraph 1, it shall inform the user concerned, providing information on the main content of the report, on the manner in which the provider has become aware of the potential child sexual abuse concerned, on the follow-up given to the report insofar as such information is available to the provider and on the user’s possibilities of redress, including on the right to submit complaints to the Data Protection Authority and Coordinating Authority in accordance with Article 34.
Amendment 1224 #
Proposal for a regulation
Article 12 – paragraph 2 – subparagraph 2
Article 12 – paragraph 2 – subparagraph 2
The provider shall inform the user concerned without undue delay, either after having received a communication from the EU Centre indicating that it considers the report to be manifestly unfounded as referred to in Article 48(2), or after the expiry of a time period of three months from the date of the report without having received a communication from the EU Centre indicating that the information is not to be provided as referred to in Article 48(6), point (a), whichever occurs first.
Amendment 1232 #
Proposal for a regulation
Article 12 – paragraph 3
Article 12 – paragraph 3
3. The provider shall establish and operate an accessible, age-appropriate and child- and user-friendly mechanism that allows users to flag to the provider potential online child sexual abuse on the service.
Amendment 1237 #
Proposal for a regulation
Article 13 – paragraph 1 – introductory part
Article 13 – paragraph 1 – introductory part
1. Providers of hosting services and providers of number-independent interpersonal communications services shall submit the report referred to in Article 12 using the template set out in Annex III. The report shall include:
Amendment 1238 #
Proposal for a regulation
Article 13 – paragraph 1 – point a a (new)
Article 13 – paragraph 1 – point a a (new)
(aa) where applicable, an exact uniform resource locator and, where necessary, additional information for the identification of the child sexual abuse material
Amendment 1239 #
Proposal for a regulation
Article 13 – paragraph 1 – point a b (new)
Article 13 – paragraph 1 – point a b (new)
(ab) the specific technology that enabled the provider to become aware of the potential online child sexual abuse;
Amendment 1241 #
Proposal for a regulation
Article 13 – paragraph 1 – point c
Article 13 – paragraph 1 – point c
(c) allthe relevant content data, including images, videos and text;
Amendment 1245 #
Proposal for a regulation
Article 13 – paragraph 1 – point d
Article 13 – paragraph 1 – point d
Amendment 1254 #
Proposal for a regulation
Article 13 – paragraph 1 – point f
Article 13 – paragraph 1 – point f
Amendment 1272 #
Proposal for a regulation
Article 14 – paragraph 2
Article 14 – paragraph 2
2. The provider shall execute the removal order as soon as possible and in any event within 24 hours of receipt thereof. For micro, small and medium enterprises, including open source providers, the removal order shall allow additional time, proportionate to the size and the resources of the provider.
Amendment 1296 #
Amendment 1311 #
Proposal for a regulation
Article 17
Article 17
Amendment 1323 #
Proposal for a regulation
Article 18
Article 18
Amendment 1329 #
Proposal for a regulation
Article 19 – paragraph 1
Article 19 – paragraph 1
Providers of relevant information society services shall not be liable for child sexual abuse offences solely because they carry out, in good faith, the necessary activities to comply with the requirements of this Regulation, in particular activities aimed at detecting, identifying, removing, disabling of access to, blocking or reporting online child sexual abuse in accordance with those requirements.
Amendment 1366 #
Proposal for a regulation
Article 21 – paragraph 2 – subparagraph 1
Article 21 – paragraph 2 – subparagraph 1
Persons residing in the Union shall have the right to receive, upon their request, from the Coordinating Authority designated by the Member State where the person resides, support from the EU Centre when they seek to have a provider of hosting services remove or disable access to one or more specific items of known child sexual abuse material depicting them. Persons with disabilities shall have the right to ask and receive any information relating to such support in a manner accessible to them.
Amendment 1371 #
Proposal for a regulation
Article 21 – paragraph 4 – point b
Article 21 – paragraph 4 – point b
(b) verifying whether the provider removed or disabled access to that item or those items, including by conducting the searches referred to in Article 49(1);
Amendment 1378 #
Proposal for a regulation
Article 22 – paragraph 1 – subparagraph 1 – introductory part
Article 22 – paragraph 1 – subparagraph 1 – introductory part
Providers of hosting services and providers of number-independent interpersonal communications services shall preserve the content data and other data processed in connection to the measures taken to comply with this Regulation and the personal data generated through such processing, only for one or more of the following purposes, as applicable:
Amendment 1383 #
Proposal for a regulation
Article 22 – paragraph 1 – subparagraph 2
Article 22 – paragraph 1 – subparagraph 2
Amendment 1389 #
Proposal for a regulation
Article 22 – paragraph 2 – subparagraph 3
Article 22 – paragraph 2 – subparagraph 3
Providers shall ensure that the information referred to in paragraph 1 is preserved in a secure mannern encrypted or protected in a similarly secure way and that the preservation is subject to state of the art appropriate technical and organisational safeguards. Those safeguards shall ensure, in particular, that the information can be accessed and processed only for the purpose for which it is preserved, that unauthorised access to, and unauthorised transfers of, such personal data and other data are prevented, that a high level of security is achieved and that the information is deleted upon the expiry of the applicable time periods for preservation. Providers shall regularly review those safeguards and adjust them where necessary.
Amendment 1408 #
Proposal for a regulation
Article 25 – paragraph 7 – point b
Article 25 – paragraph 7 – point b
(b) assist in assessing, in accordance with Article 5(2), the risk assessment conducted or updated or the mitigation measures taken by a provider of hosting or number-independent interpersonal communication services under the jurisdiction of the Member State that designated the requesting Coordinating Authority;
Amendment 1411 #
Proposal for a regulation
Article 25 – paragraph 7 – point c
Article 25 – paragraph 7 – point c
(c) verify the possible need to request competent national authorities to issue a detection orderwarrant, a removal order or a blocking order in respect of a service under the jurisdiction of the Member State that designated that Coordinating Authority;
Amendment 1412 #
Proposal for a regulation
Article 25 – paragraph 7 – point c
Article 25 – paragraph 7 – point c
(c) verify the possible need to request competent national authorities to issue a detection order, a removal order or a blocking order in respect of a service under the jurisdiction of the Member State that designated that Coordinating Authority;
Amendment 1470 #
Proposal for a regulation
Article 34 a (new)
Article 34 a (new)
Article34a Representative actions The following is added to Annex I of Directive (EU) 2020/1828 on Representative actions for the protection of the collective interests of consumers: “Regulation xxxx/xxxx of the European Parliament and of the Council laying down rules to prevent and combat child sexual abuse”
Amendment 1471 #
Proposal for a regulation
Article 34 a (new)
Article 34 a (new)
Article34a Reporting of breaches and protection of reporting persons Directive (EU) 2019/1937 of the European Parliament and of the Council shall apply to the reporting of breaches of this Regulation and the protection of persons reporting such breaches.
Amendment 1481 #
Proposal for a regulation
Article 36 – title
Article 36 – title
Identification and submission of online child sexual abuse material
Amendment 1484 #
Proposal for a regulation
Article 36 – paragraph 1 – subparagraph 1 – point a
Article 36 – paragraph 1 – subparagraph 1 – point a
(a) specific items of material and transcripts of conversations that Coordinating Authorities or that the competent judicial authorities or other independent administrative authorities of a Member State have identified, after a diligent assessment, as constituting child sexual abuse material or the solicitation of children, as applicable, for the EU Centre to generate indicators in accordance with Article 44(3);
Amendment 1487 #
Proposal for a regulation
Article 36 – paragraph 1 – subparagraph 1 – point b
Article 36 – paragraph 1 – subparagraph 1 – point b
(b) exact uniform resource locators indicating specific items of material that Coordinating Authorities or that competent judicial authorities or other independent administrative authorities of a Member State have identified, after a diligent assessment, as constituting child sexual abuse material, hosted by providers of hosting services not offering services in the Union, that cannot be removed due to those providers’ refusal to remove or disable access theretoit and to the lack of cooperation by the competent authorities of the third country having jurisdiction, for the EU Centre to compile the list of uniform resource locators in accordance with Article 44(3).
Amendment 1490 #
Proposal for a regulation
Article 36 – paragraph 1 – subparagraph 2
Article 36 – paragraph 1 – subparagraph 2
Member States shall take the necessary measures to ensure that the Coordinating Authorities that they designated receive, without undue delay, the material identified as child sexual abuse material, the transcripts of conversations identified as the solicitation of children, and the uniform resource locators, identified by a competent judicial authority or other independent administrative authority than the Coordinating Authority, for submission to the EU Centre in accordance with the first subparagraph.
Amendment 1493 #
Proposal for a regulation
Article 36 – paragraph 3
Article 36 – paragraph 3
3. Member States shall ensure that, where their law enforcement authorities receive a report of the dissemination of new child sexual abuse material or of the solicitation of children forwarded to them by the EU Centre in accordance with Article 48(3), a diligent assessment is conducted in accordance with paragraph 1 and, if the material or conversation is identified as constituting child sexual abuse material or as the solicitation of children, the Coordinating Authority submits the material to the EU Centre, in accordance with that paragraph, within one month from the date of reception of the report or, where the assessment is particularly complex, two months from that date.
Amendment 1496 #
Proposal for a regulation
Article 36 – paragraph 4
Article 36 – paragraph 4
4. They shall also ensure that, where the diligent assessment indicates that the material does not constitute child sexual abuse material or the solicitation of children, the Coordinating Authority is informed of that outcome and subsequently informs the EU Centre thereof, within the time periods specified in the first subparagraph.
Amendment 1517 #
Proposal for a regulation
Article 39 – paragraph 1
Article 39 – paragraph 1
1. Coordinating Authorities shall cooperate with each other, any other competent authorities of the Member State that designated the Coordinating Authority, the Commission, the EU Centre and other relevant Union agencies, including Europol, to facilitate the performance of their respective tasks under this Regulation and ensure its effective, efficient and consistent application and enforcement.
Amendment 1519 #
Proposal for a regulation
Article 39 – paragraph 2
Article 39 – paragraph 2
2. The EU Centre shall establish and maintain one or more reliable and secure information sharing systems with highest cybersecurity standards supporting communications between Coordinating Authorities, the Commission, the EU Centre, other relevant Union agencies and providers of relevant information society services.
Amendment 1526 #
Proposal for a regulation
Article 39 a (new)
Article 39 a (new)
Article39a Independence The Commission shall ensure in the draft general budget of the Union that the European Data Protection Board and European Data Protection Supervisor are provided with sufficient human, technical and financial resources, premises and infrastructure necessary for the effective performance of its tasks and exercise of its powers pursuant to this Regulation.
Amendment 1535 #
Proposal for a regulation
Article 40 – paragraph 2
Article 40 – paragraph 2
2. The EU Centre shall contribute to the achievement of the objective of this Regulation by supporting and facilitating the implementation of its provisions concerning the detection, reporting, and removal or disabling of access to, and blocking of online, of child sexual abuse material and gather and share information and expertise and facilitate cooperation between relevant public and private parties in connection to the prevention and combating of child sexual abuse, in particular online.
Amendment 1544 #
Proposal for a regulation
Article 42 – paragraph 1
Article 42 – paragraph 1
The seat of the EU Centre shall be The Hague, The Netherlands.have its seat in […]
Amendment 1548 #
Proposal for a regulation
Article 43 – paragraph 1 – point 1 – point a
Article 43 – paragraph 1 – point 1 – point a
(a) supporting the Commission and European Data Protection Board in the preparation of the guidelines referred to in Article 3(8), Article 4(5), Article 6(4) and Article 11, including by collecting and providing relevant information, expertise and best practices, taking into account advice from the Technology Committee referred to in Article 66;
Amendment 1556 #
Proposal for a regulation
Article 43 – paragraph 1 – point 2 – point c
Article 43 – paragraph 1 – point 2 – point c
(c) giving providers of hosting services and providers of number-independent interpersonal communications services that received a detection order access to the relevant databases of indicators in accordance with Article 46;
Amendment 1560 #
Proposal for a regulation
Article 43 – paragraph 1 – point 4 – point b
Article 43 – paragraph 1 – point 4 – point b
Amendment 1564 #
Amendment 1600 #
Proposal for a regulation
Article 44 – paragraph 1 – introductory part
Article 44 – paragraph 1 – introductory part
1. The EU Centre shall create, maintain and operate databases of the following three types of indicators of online child sexual abuse material:
Amendment 1602 #
Proposal for a regulation
Article 44 – paragraph 1 – point b
Article 44 – paragraph 1 – point b
Amendment 1607 #
Proposal for a regulation
Article 44 – paragraph 1 – point c
Article 44 – paragraph 1 – point c
Amendment 1610 #
Proposal for a regulation
Article 44 – paragraph 2 – point a
Article 44 – paragraph 2 – point a
(a) relevant indicators, consisting of digital identifiers to be used to detect the dissemination of known or new child sexual abuse material or the solicitation of children, as applicable, on hosting services and number-independent interpersonal communications services, generated by the EU Centre in accordance with paragraph 3;
Amendment 1612 #
Proposal for a regulation
Article 44 – paragraph 2 – point c
Article 44 – paragraph 2 – point c
(c) the necessary additional information to facilitate the use of the indicators in accordance with this Regulation, including identifiers allowing for a distinction between images, videos and, where relevant, other types of material and videos for the detection of the dissemination of known and new child sexual abuse material and language identifiers for the detection of solicitation of children.
Amendment 1615 #
Proposal for a regulation
Article 44 – paragraph 3 – subparagraph 1
Article 44 – paragraph 3 – subparagraph 1
The EU Centre shall generate the indicators referred to in paragraph 2, point (a), solely on the basis of the child sexual abuse material and the solicitation of children identified as such by the Coordinating Authorities or the courts or other independent authorities of the Member States, submitted to it by the Coordinating Authorities pursuant to Article 36(1), point (a).
Amendment 1621 #
Proposal for a regulation
Article 45 – paragraph 1
Article 45 – paragraph 1
1. The EU Centre shall create, maintain and operate a database for the reports submitted to it by providers of hosting services and providers of number- independent interpersonal communications services in accordance with Article 12(1) and assessed and processed in accordance with Article 48.
Amendment 1623 #
Proposal for a regulation
Article 45 – paragraph 2 – point b
Article 45 – paragraph 2 – point b
(b) where the EU Centre considered the report manifestly unfounded, the reasons and the date and time of informing the provider in accordance with Article 48(2);
Amendment 1626 #
Proposal for a regulation
Article 45 – paragraph 2 – point c
Article 45 – paragraph 2 – point c
(c) where the EU Centre forwarded the report in accordance with Article 48(3), the date and time of such forwarding and the name of the competent law enforcement authority or authorities to which it forwarded the report or, where applicable, information on the reasons for forwarding the report solely to Europol for further analysis;
Amendment 1627 #
Proposal for a regulation
Article 45 – paragraph 2 – point e
Article 45 – paragraph 2 – point e
(e) where available, information indicating that the provider that submitted a report concerning the dissemination of known or new child sexual abuse material removed or disabled access to the material;
Amendment 1631 #
Proposal for a regulation
Article 46 – paragraph 1
Article 46 – paragraph 1
1. Subject to paragraphs 2 and 3, solely EU Centre staff and auditors duly authorised by the Executive Director and Data Protection Officer shall have access to and be entitled to process the data contained in the databases referred to in Articles 44 and 45.
Amendment 1637 #
Proposal for a regulation
Article 46 – paragraph 2
Article 46 – paragraph 2
2. The EU Centre shall give providers of hosting services, providers of number- independent interpersonal communications services and providers of internet access services access to the databases of indicators referred to in Article 44, where and to the extent necessary for them to execute the detection or blocking orderwarrants that they received in accordance with Articles 7 or 16. It shall take measures to ensure that such access remains limited to what is strictly necessary for the period of application of the detection or blocking orderwarrants concerned and that such access does not in any way endanger the proper operation of those databases and the accuracy and security of the data contained therein.
Amendment 1644 #
Proposal for a regulation
Article 46 – paragraph 5
Article 46 – paragraph 5
5. The EU Centre shall give Europol access to the databases of indicators and reports referred to in Article 454 and Article 45, solely on a case-by-case basis with cross-border elements, where and to the extent necessary for the performance of its tasks of assisting investigations of suspected child sexual abuse offences . The EU Centre shall provide the access only where a link to criminal activity can be demonstrated by Europol and solely upon the authorisation of a request, specifying the purpose of the request, the modalities of the requested access, the intented subsequent use and the degree of access needed to achieve that purpose. The requests for the access shall be introduced via the Secure Information Exchange Network Application (SIENA). The EU Centre shall diligently assess those requests and only grant access where it considers that the requested access is necessary for and proportionate to the specified purpose.
Amendment 1646 #
Proposal for a regulation
Article 46 – paragraph 6 – subparagraph 1
Article 46 – paragraph 6 – subparagraph 1
The EU Centre shall provide the access referred to in paragraphs 2, 3, 4 and 54 only upon the reception of a request, specifying the purpose of the request, the modalities of the requested access, and the degree of access needed to achieve that purpose. The requests for the access referred to in paragraph 2 shall also include a reference to the detection order or the blocking order, as applicable.
Amendment 1652 #
Proposal for a regulation
Article 46 – paragraph 7
Article 46 – paragraph 7
7. The EU Centre shall regularly verify that the data contained in the databases referred to in Articles 44 and 45 is, in all respects, complete, accurate and up-to-date and continues to be necessary for the purposes of reporting, detection and blocking in accordance with this Regulation, as well as facilitating and monitoring of accurate detection technologies and processes. In particular, as regards the uniform resource locators contained in the database referred to Article 44(1), point (a), the EU Centre shall, where necessary in cooperation with the Coordination Authorities, regularly verify that the conditions of Article 36(1), point (b), continue to be met. Those verifications shall include audits, where appropriate. Where necessary in view of those verifications, it shall immediately complement, adjust or delete the data.
Amendment 1653 #
Proposal for a regulation
Article 46 – paragraph 8
Article 46 – paragraph 8
8. The EU Centre shall ensure that the data contained in the databases referred to in Articles 44 and 45 is stored in a secure mannern encrypted or protected in a similarly secure way and that the storage is subject to appropriatehighest state of the art technical and organisational safeguards. Those safeguards shall ensure, in particular, that the data can be accessed and processed only by duly authorised persons for the purpose for which the person is authorised and that a high level of security is achieved. The EU Centre shall regularly review those safeguards and adjust them where necessary.
Amendment 1659 #
Proposal for a regulation
Article 47 – paragraph 1 – point d
Article 47 – paragraph 1 – point d
Amendment 1664 #
Proposal for a regulation
Article 48 – paragraph 1
Article 48 – paragraph 1
1. The EU Centre shall expeditiously assess and process reports submitted by providers of hosting services and providers of number-independent interpersonal communications services in accordance with Article 12 to determine whether the reports are manifestly unfounded or are to be forwarded.
Amendment 1669 #
Proposal for a regulation
Article 48 – paragraph 2
Article 48 – paragraph 2
2. Where the EU Centre considers that the report is manifestly unfounded, it shall inform the provider that submitted the report, specifying the reasons why it considers the report to be unfounded.
Amendment 1670 #
Proposal for a regulation
Article 48 – paragraph 3 – subparagraph 1
Article 48 – paragraph 3 – subparagraph 1
Where the EU Centre considers that a report is not manifestly unfounded, it shall forward the report, that is adequate, relevant and limited to what is strictly necessary together with any additional relevant information available to it, to Europol and to the competent law enforcement authority or authorities of the Member State likely to have jurisdiction to investigate or prosecute the potential child sexual abuse to which the report relates.
Amendment 1673 #
Proposal for a regulation
Article 48 – paragraph 3 – subparagraph 2
Article 48 – paragraph 3 – subparagraph 2
Amendment 1677 #
Proposal for a regulation
Article 48 – paragraph 6 – point b
Article 48 – paragraph 6 – point b
(b) where the provider that submitted the report is a provider of hosting services and the report concerns the potential dissemination of child sexual abuse material, communicate to the provider that it is not to remove or disable access to the material, specifying the time period during which the provider is not to do so.
Amendment 1680 #
Proposal for a regulation
Article 48 – paragraph 8
Article 48 – paragraph 8
8. The EU Centre shall verify whether a provider of hosting services that submitted a report concerning the potential dissemination of child sexual abuse material removed or disabled access to the material, insofar as the material is publicly accessible. Where it considers that the provider did not remove or disable access to the material expeditiously, the EU Centre shall inform the Coordinating Authority of establishment thereof.
Amendment 1686 #
Proposal for a regulation
Article 49 – paragraph 1 – introductory part
Article 49 – paragraph 1 – introductory part
1. The EU Centre shall have the power to conduct searches on hosting services for the dissemination of publicly accessible child sexual abuse material, using the relevant indicators from the database of indicators referred to in Article 44(1), points (a) and (b), in the following situations:
Amendment 1691 #
Proposal for a regulation
Article 49 – paragraph 2 – subparagraph 1
Article 49 – paragraph 2 – subparagraph 1
The EU Centre shall have the power to notify, after having conducted the searches referred to in paragraph 1, the Coordinating Authoriy to request a removal order persuant to Article 14 and the providers of hosting services of the presence of one or more specific items of known child sexual abuse material on their services and request them to remove or disable access to that item or those items, for the providers’ voluntary consideration. .
Amendment 1696 #
Proposal for a regulation
Article 50 – paragraph 1 – subparagraph 1
Article 50 – paragraph 1 – subparagraph 1
The EU Centre shall make available technologies that providers of hosting services and providers of number- independent interpersonal communications services may acquire, install and operate, free of charge, where relevant subject to reasonable licensing conditions, to execute detection orders in accordance with Article 10(1). The EU Centre shall provide recommended mitigating measures and relevant best practices that are in particular effective in identifying child sexual abuse material that result from the operation of providers’ mitigating measures, in accordance with Article 4 of the Regulation.
Amendment 1700 #
Proposal for a regulation
Article 50 – paragraph 1 – subparagraph 1 a (new)
Article 50 – paragraph 1 – subparagraph 1 a (new)
The EU Centre shall provide recommended mitigating measures and relevant best practices that are in particular effective in identifying child sexual abuse material that result from the operation of providers’ mitigating measures, in accordance with Article 4 of the Regulation.
Amendment 1705 #
Before including specific technologies on those lists, the EU Centre shall request the opinion of its Technology Committee and of the European Data Protection Board. The Technology Committee and the European Data Protection Board shall deliver their respective opinions within eight10 weeks. That period may be extended by a further six12 weeks where necessary, taking into account the complexity of the subject matter. The Technology Committee and the European Data Protection Board shall inform the EU Centre of any such extension within one month of receipt of the request for consultation, together with the reasons for the delay.
Amendment 1706 #
Proposal for a regulation
Article 50 – paragraph 1 – subparagraph 3 a (new)
Article 50 – paragraph 1 – subparagraph 3 a (new)
The EU Centre shall respect the positions and findings in the opinion provided by the European Data Protection Board before making specific technologies available.
Amendment 1709 #
Proposal for a regulation
Article 50 – paragraph 2 – point a
Article 50 – paragraph 2 – point a
(a) information obtained in the performance of its tasks under this Regulation concerning detection, reporting, removal or disabling of access to, and blocking of online child sexual abuse;
Amendment 1721 #
Proposal for a regulation
Article 51 – paragraph 2 – point b
Article 51 – paragraph 2 – point b
Amendment 1723 #
Proposal for a regulation
Article 51 – paragraph 2 – point c
Article 51 – paragraph 2 – point c
Amendment 1729 #
Proposal for a regulation
Article 51 – paragraph 2 – point m
Article 51 – paragraph 2 – point m
(m) assessing and processing reports of potential online child sexual abuse in accordance with Article 48;
Amendment 1730 #
Proposal for a regulation
Article 51 – paragraph 2 – point n
Article 51 – paragraph 2 – point n
Amendment 1735 #
Proposal for a regulation
Article 51 – paragraph 4
Article 51 – paragraph 4
4. It shall ensure that the personal data is stored in a secure mannern encrypted or protected in a similarly secure way and that the storage is subject to appropriatehighest state of the art, technical and organisational safeguards. Security requirements for data security pursuant to Article 88 of Regulation (EU) 2018/1725, Article 32 of Regulation 767/2008, Article 16 of Regulation 1987/2006, Article 16 of Regulation 2018/1862 and Article 34 of Regulation 603/2013 shall apply accordingly. Those safeguards shall ensure, in particular, that the personal data can be accessed and processed only for the purpose for which it is stored, that a high level of security is achieved and that the personal data is deleted when no longer strictly necessary for the applicable purposes. It shall regularly review those safeguards and adjust them where necessary.
Amendment 1741 #
Proposal for a regulation
Article 53 – paragraph 2
Article 53 – paragraph 2
Amendment 1752 #
Proposal for a regulation
Article 53 – paragraph 3
Article 53 – paragraph 3
3. The terms of cooperation and working arrangements shall be laid down in a publically accessible memorandum of understanding.
Amendment 1757 #
Proposal for a regulation
Article 54 – paragraph 1
Article 54 – paragraph 1
1. Where necessary fFor the performance of its tasks under this Regulation, the EU Centre mayshall cooperate with organisations and networks with information and expertise on matters related to the prevention and combating of online child sexual abuse, including civil society organisations and semi-public organisations.
Amendment 1796 #
Proposal for a regulation
Article 66 – paragraph 1
Article 66 – paragraph 1
1. The Technology Committee shall consist of technical experts appointed by the Management Board in view of their excellence, particular expertise in upholding privacy and data protection and their independence, following the publication of a call for expressions of interest in the Official Journal of the European Union.
Amendment 1809 #
Proposal for a regulation
Article 83 – paragraph 1 – introductory part
Article 83 – paragraph 1 – introductory part
1. Providers of hosting services, providers of number-independent interpersonal communications services and providers of internet access services shall collect data on the following topics and make that information available to the EU Centre upon request:
Amendment 1815 #
Proposal for a regulation
Article 83 – paragraph 1 – point a – indent 2
Article 83 – paragraph 1 – point a – indent 2
– the error rates of the technologies deployed to detect online child sexual abuse and measures taken to prevent or remedy any errors;
Amendment 1816 #
Proposal for a regulation
Article 83 – paragraph 1 – point a – indent 2 a (new)
Article 83 – paragraph 1 – point a – indent 2 a (new)
- including the rates of false positives and negatives, and confirmed positives and negatives
Amendment 1825 #
Proposal for a regulation
Article 83 – paragraph 1 – point d
Article 83 – paragraph 1 – point d
Amendment 1828 #
Proposal for a regulation
Article 83 – paragraph 1 – point e
Article 83 – paragraph 1 – point e
(e) the number of instances in which the provider invoked Article 8(3), Article 14(5) or (6) or Article 17(5), together with the grounds therefor;
Amendment 1837 #
Proposal for a regulation
Article 83 – paragraph 2 – point b
Article 83 – paragraph 2 – point b
(b) the most important and recurrent risks of online child sexual abuse, as reported by providers of hosting services and providers of number-independent interpersonal communications services in accordance with Article 3 or identified through other information available to the Coordinating Authority;
Amendment 1840 #
Proposal for a regulation
Article 83 – paragraph 2 – point c
Article 83 – paragraph 2 – point c
(c) a list of the providers of hosting services and providers of number- independent interpersonal communications services to which the Coordinating Authority addressed a detection order in accordance with Article 7;
Amendment 1845 #
Proposal for a regulation
Article 83 – paragraph 2 – point f
Article 83 – paragraph 2 – point f
(f) the number of removal orders issued in accordance with Article 14, broken down by provider, the time needed to remove or disable access to the item or items of child sexual abuse material concerned, and the number of instances in which the provider invoked Article 14(5) and (6);
Amendment 1846 #
Proposal for a regulation
Article 83 – paragraph 2 – point g
Article 83 – paragraph 2 – point g
Amendment 1853 #
Proposal for a regulation
Article 83 – paragraph 3 – introductory part
Article 83 – paragraph 3 – introductory part
3. The EU Centre shall collect data and generate statistics on the detection, reporting, removal of or disabling of access to online child sexual abuse under this Regulation. The data shall be in particular on the following topics:
Amendment 1858 #
Proposal for a regulation
Article 83 – paragraph 3 – point c
Article 83 – paragraph 3 – point c
(c) the total number of reports submitted to the EU Centre in accordance with Article 12, broken down by provider of hosting services and provider of number-independent interpersonal communications services that submitted the report and by Member State the competent authority of which the EU Centre forwarded the reports to in accordance with Article 48(3);
Amendment 1873 #
Proposal for a regulation
Article 83 – paragraph 4
Article 83 – paragraph 4
4. The providers of hosting services, providers of number-independent interpersonal communications services and providers of internet access services, the Coordinating Authorities and the EU Centre shall ensure that the data referred to in paragraphs 1, 2 and 3, respectively, is stored no longer than is necessary for the transparency reporting referred to in Article 84. The data stored shall not contain any personal data.
Amendment 1887 #
Proposal for a regulation
Annex I – title
Annex I – title
DETECTION ORDERWARRANT ISSUED IN ACCORDANCE WITH REGULATION (EU) …/… LAYING DOWN RULES TO PREVENT AND COMBAT CHILD SEXUAL ABUSE (‘THE REGULATION’)
Amendment 1891 #
Proposal for a regulation
Annex I – Section 4 – paragraph 2 – point 2
Annex I – Section 4 – paragraph 2 – point 2
Amendment 1892 #
Proposal for a regulation
Annex I – Section 4 – paragraph 2 – point 3
Annex I – Section 4 – paragraph 2 – point 3
Amendment 1896 #
Proposal for a regulation
Annex II – title
Annex II – title
TEMPLATE FOR INFORMATION ABOUT THE IMPOSSIBILITY TO EXECUTE THE DETECTION ORDERWARRANT referred to in Article 8(3) of Regulation (EU) .../… [laying down rules to prevent and combat child sexual abuse]
Amendment 1897 #
Proposal for a regulation
Annex III – Section 2 – point 2 – point 2
Annex III – Section 2 – point 2 – point 2
Amendment 1899 #
Amendment 1901 #
Proposal for a regulation
Annex III – Section 2 – point 3 – introductory part
Annex III – Section 2 – point 3 – introductory part
3) CRelevant content data related to the reported potential online child sexual abuse, including images, videos and texts, as applicable:
Amendment 1904 #
Amendment 1906 #
Proposal for a regulation
Annex VII
Annex VII
Amendment 1908 #
Proposal for a regulation
Annex VIII
Annex VIII