European Parliament IMCO Committee draft report threatens children’s safety and fails to understand and respond to child sexual abuse online.

On 8 February 2023, the European Parliament’s Committee on the Internal Market and Consumer Protection (IMCO) published its draft report on the European Commission’s proposal to prevent and combat child sexual abuse. The draft report seeks a vastly reduced scope for the Regulation, demonstrating a misguided interpretation of the Commission’s proposal, and a flawed understanding of the complex dynamics of child sexual abuse. It favours the anonymity of perpetrators of abuse over the rights of victims and survivors of sexual abuse and seeks to reverse progress made in keeping children safe as they navigate or are harmed in digital environments that were not built with their safety in mind.

We, a civil society coalition united in defence of children’s right to protection from violence and abuse, feel obliged to address the potential harm to children by IMCO’s draft report to substantially water down the Regulation:

Detection of unknown child sexual abuse material (CSAM) and grooming should not be optional. We must take action to address both.

Download the full statement

Excluding the possibility of detecting so far unknown CSAM and grooming is to deliberately look away from a crime. Only looking for what has already been verified is refusing to help a child in need or from preventing the harm from ever happening.

Databases of known CSAM only exist because unknown CSAM can be detected and identified. ‘Unknown’ CSAM refers to new photos and videos of children being sexually abused or exploited that have not before been detected and categorised. Once detected and categorised by law enforcement and child protection organisations, new CSAM becomes ‘known’ CSAM.

Over one third (34%) of children have been asked to do something sexually explicit online they were uncomfortable with or did not want to do. This is one example of grooming. Children exposed to sexually explicit content and grooming report similar levels of trauma symptoms (i.e. clinically diagnosable PTSD) to victims of penetrative offline sexual offences. To tackle this crime at scale, online service providers must deploy the preventative technologies foreseen by the Regulation as mandatory following a risk assessment.

Prevention and user reporting are essential, but will not solve the issue alone.

We agree with the draft report that there is a need for more prevention. However, decades of experience show that effective prevention of child sexual abuse (CSA) online requires a combination of prevention methods which include targeted technologies, education, and referral mechanisms for children and caregivers.

While we also agree on the need for robust, accessible, and accountable user reporting mechanisms on all platforms, in reality, the proportion of known and new CSAM identified through user reports will always remain small. This is because of the massive volume of illegal content circulating online and because reporting sexual abuse is not as simple as reporting a stolen credit card. It is complicated for bystanders and highly complex for victims.

We know that up to 83% of children do not report or tell anyone about sexual abuse or grooming happening to them . Victims may not know their abuse has been recorded, some victims are too young to speak out, older children need help to remove their sexual images. Both adults and children often don’t report because of shame, fear, threats from the offender not to report or even indifference. If they do report, they are likely to do so to child-friendly and safe reporting mechanisms, such as child helplines and child-focused hotlines.

Prevention of harm starts with verifying the age of a user

Children can be denied entry to a bar or a cinema based on their age. Why should access to online platforms which also pose a threat to their welfare be any different? Where a platform cannot be made safe by design, assessing the age of users on a platform is a safeguarding measure which must remain available to service providers and should be carried out using effective and privacy-preserving age assurance techniques.

Technology can meet a high standard of privacy and protection

Technologies are built to meet high standards of privacy-protection, data minimisation, proportionality, and transparency, these neither restrict nor undermine encryption. What they do is detect the illegal distribution of illegal content depicting child sexual abuse. What really matters is ensuring strong safeguards to establish a global standard. This is a policy decision, and should be based on the best interests of the child as enshrined in EU and international law.

Detection Orders are designed to balance rights and ensure a democratic process

Detection orders will only be issued for approved technologies and using a risk assessment, with supervision by national courts and scrutiny by an independent EU Centre. This means that all deployed technologies must meet existing EU standards before they can be used. The focus on error rates bypasses the role of existing legal frameworks such as the 2011 CSA Directive, and human review.

The IMCO draft report seeks to make the detection process even more complicated. Checks and balances are essential and were built into the existing proposal. Excessive red tape risks letting perpetrators of sexual abuse off the hook. Proactive mitigation measures can ensure that children who are being sexually abused continue to be on our radar and can get the help they need today, not in 18-24 months.

The scale of this problem requires us to act at scale and to use the efficiency offered by technology, just as we do in every other aspect of the digital transformation of societies. We call upon EU policy-makers to ensure the new EU Regulation covers detection of known CSAM, unknown CSAM and grooming in order to continue protecting children on and offline. We equally urge EU policy-makers to establish effective age verification and assessment requirements.

Written by the Steering Group of the European Child sexual abuse Legislation Advocacy Group (ECLAG), a coalition of NGOs working to ensure children’s right and protection.

Terre des Hommes, Brave Movement, ECPAT International, Missing Children Europe, Internet Watch Foundation, Thorn


Innocence in Danger e.V., Germany
Child Rescue Coalition
ECPAT Austria
ECPAT Norway
NSPCC, United Kingdom
ISPCC, Ireland
Lightup, Norway
Hintalovon Foundation – ECPAT Hungary
The Lucy Faithfull Foundation, United Kingdom
The International Centre for Missing and Exploited Children
Missing Children Switzerland
Missing Persons Families Support Centre, Lithuania
Lasten perusoikeudet – Children´s Fundamental Rights ry, Finland
Instituto de Apoio à Criança, Portugal
Marie Collins Foundation, United Kingdom
ASTRA-Anti-trafficking action, Serbia
The Smile of the Child, Greece
ITAKA Foundation, Poland
Stiftung Digitale Chancen / Digital Opportunities Foundation, Germany
“Hope For Children” CRC Policy Center, Cyprus
Child Helpline International
Association for the Prevention and Handling of Violence in the Family (SPAVO), Cyprus
S.O.S Il Telefono Azzurro Onlus, Italy
Fundación ANAR, Spain
International Justice Mission
End Violence Global Partnership
Defence for Children – ECPAT the Netherlands
eLiberare, Romania
Augusta Associates, LLC
Network for Children’s Rights, Greece
Child10, Sweden
Childnet, United Kingdom
UK Safer Internet Centre
South West Grid for Learning, United Kingdom