Close Menu
TechTost
  • AI
  • Apps
  • Crypto
  • Fintech
  • Hardware
  • Media & Entertainment
  • Security
  • Startups
  • Transportation
  • Venture
  • Recommended Essentials
What's Hot

12 states sue to block $110 billion Paramount deal from Warner Bros

Apple says ex-employee exploited ‘rare’ bug to download confidential files after leaving for OpenAI

SpaceX decided to fly Starship again after the booster failed in May

Facebook X (Twitter) Instagram
  • About Us
  • Contact Us
  • Privacy Policy
  • Terms and Conditions
  • Disclaimer
Facebook X (Twitter) Instagram
TechTost
Subscribe Now
  • AI

    Should artificial intelligence help you get away with murdering your husband?

    13 July 2026

    Meta enters the crowded AI coding fray with Muse Spark 1.1

    13 July 2026

    Can AI answer the $3 trillion question?

    12 July 2026

    OpenAI shuts down Atlas, but AI browser ambitions keep growing

    12 July 2026

    OpenAI bets on families as ChatGPT goes deeper into households

    11 July 2026
  • Apps

    As TV-watching app TV Time shuts down, its founder creates Bingers, a new home for fans

    13 July 2026

    Elon Musk says X will send DMs when posts you’ve interacted with are fixed

    13 July 2026

    ‘Slow-cial’ Roost app forces you to slow down to the speed of a carrier pigeon

    12 July 2026

    Character.AI is entering the micro-drama arena with its own productions, but there’s a twist

    12 July 2026

    A new app, HyperTexting, turns the open web into a social media scrolling-like stream

    11 July 2026
  • Crypto

    Venice AI goes unicorn with $65M Series A as first privacy AI platform takes off

    1 July 2026

    Crypto Exchange OKX wants AI agents to hire and pay each other

    30 June 2026

    Startup Battlefield 200 applications close today

    27 May 2026

    5 days left: Save up to $410 on Disrupt 2026 passes

    25 May 2026

    As crypto cools, a16z crypto raises $2.2 billion in capital

    6 May 2026
  • Fintech

    Don’t want to invest in Elon Musk? Two new ETFs expressly exclude him

    10 July 2026

    India’s payments chief believes artificial intelligence will play a big part in the next era of digital payments development

    28 June 2026

    Early Bird pricing ends tonight for the Founder Summit

    26 June 2026

    4 days left to save up to $190 on Founder Summit 2026

    23 June 2026

    Robinhood’s note on 10% layoffs shows that blaming AI doesn’t cut it

    17 June 2026
  • Hardware

    Meta’s new AI chips will begin production in September

    12 July 2026

    This slush machine was a lifesaver during the New York heat wave

    12 July 2026

    Dumb Co dared me to exchange my iPhone for a hacked phone

    11 July 2026

    SK Hynix raises $26.5 billion in largest foreign public IPO in US history, set to build new fabs in US

    11 July 2026

    After Apple, smartphone manufacturing boom in India enters new phase with Vivo JV

    10 July 2026
  • Media & Entertainment

    12 states sue to block $110 billion Paramount deal from Warner Bros

    14 July 2026

    Netflix could be planning “always on” live TV channels.

    11 July 2026

    Netflix is ​​dealing with shorter video content with its new set of publisher deals with Variety and others

    8 July 2026

    Netflix invented binge watching. Now he may be over it.

    7 July 2026

    New Google ad imagines a Declaration of Independence written with the help of artificial intelligence

    4 July 2026
  • Security

    Apple says ex-employee exploited ‘rare’ bug to download confidential files after leaving for OpenAI

    13 July 2026

    US cybersecurity agency CISA had to create the incident guide during the incident, the agency reveals

    11 July 2026

    Florida ransomware dealer convicted of helping ransomware gang extort US companies

    10 July 2026

    Hacktivists call out Trump by hacking and defacing US military websites

    8 July 2026

    Canada’s spy agency says it hacked drug traffickers, extremists and a ransomware gang last year

    6 July 2026
  • Startups

    AI chip maker SambaNova raises $1 billion at $11 billion valuation, 5 months after last mega round

    12 July 2026

    Hot French startup ZML releases free product to speed up inference on multiple AI chips

    12 July 2026

    Former OpenAI executive Kevin Weil is now on Stoke Space’s board

    11 July 2026

    Phia Accused of ‘Cookie Stuffing’, Taking Affiliate Credit for Unearned Purchases

    11 July 2026

    Oratomic raises $300M to build sustainable quantum computer that only needs 20,000 qubits

    10 July 2026
  • Transportation

    SpaceX decided to fly Starship again after the booster failed in May

    13 July 2026

    TechCrunch Mobility: A robotaxi ultimatum

    12 July 2026

    Slate Auto partners with Crayola to paint its EV truck

    10 July 2026

    Autonomous drone delivery startup Manna plans major US expansion

    9 July 2026

    Federal authorities are demanding that autonomous vehicle companies stop interfering with first responders

    9 July 2026
  • Venture

    Filed Under: College Fizz App Accuses VC Of Sharing Confidential Startup Info With Rival Sidechat

    11 July 2026

    Charles Hudson shares the common mistakes he’s seen after investing in 500+ startups

    10 July 2026

    Nandan Nilekani steps down as GP at Fundamentum as it launches third $200m fund

    9 July 2026

    What are bending spoons? The little-known owner of AOL and Vimeo who is now public

    5 July 2026

    After $18B IPO, Bending Spoons Founder Says Success Comes From Minimizing Luck

    2 July 2026
  • Recommended Essentials
TechTost
You are at:Home»Security»EU plan to force messaging apps to scan for CSAM risks millions of false positives, experts warn
Security

EU plan to force messaging apps to scan for CSAM risks millions of false positives, experts warn

techtost.comBy techtost.com3 May 202408 Mins Read
Share Facebook Twitter Pinterest LinkedIn Tumblr Email
Eu Plan To Force Messaging Apps To Scan For Csam
Share
Facebook Twitter LinkedIn Pinterest Email

A controversial push by European Union lawmakers to legally require messaging platforms to scan citizens’ private communications for child sexual abuse material (CSAM) could lead to millions of false positives a day, hundreds of security experts and privacy. I open a letter Thursday.

Concern over the EU proposal has been building since the Commission proposed the CSAM scanning plan two years ago — with independent experts, lawmakers from the European Parliament and even the bloc’s Data Protection Supervisor among those sounding the alarm .

The EU proposal does not only require scanning by messaging platforms that receive a CSAM detection mandate known CSAM? they would also have to use unspecified detection scanning technologies to try to locate unknown CSAMs and identify grooming activity as it occurs — leading to accusations of lawmakers indulging in magical levels of tech thinking.

Critics argue that the proposal is asking for the technologically impossible and will not achieve the stated goal of protecting children from abuse. Instead, they say, it will destroy Internet security and Internet users’ privacy by forcing platforms to deploy blanket surveillance of all their users by deploying dangerous, unproven technologies such as client-side scanning.

Experts say there is no technology capable of achieving what the law requires without causing far more harm than good. However, the EU is plowing independently.

The latest open letter refers to amendments to the draft CSAM scanning regulation recently proposed by the European Council, which the signatories argue do not address fundamental flaws in the draft.

The letter’s signatories—numbering 270 at the time of writing—include hundreds of academics, including well-known security experts such as Professor Bruce Schneier of the Harvard Kennedy School and Dr. Matthew D. Green of Johns Hopkins University, along with some researchers working for technology companies such as IBM, Intel and Microsoft.

An older one I open a letter (last July), signed by 465 academics, warned that the detection technologies that the legislative proposal hinges on forcing platforms to adopt are “deeply flawed and vulnerable to attack” and would lead to a significant weakening of vital protections provided by end-to-end encrypted communications (E2EE).

Little attraction to counter-proposals

Last fall, MEPs in the European Parliament united to push back with a substantially revised approach — which would limit scanning to individuals and groups already suspected of child sexual abuse. limit it to known and unknown CSAM, removing the scan requirement for grooming. and remove any risks to E2EE by limiting it to platforms that are not end-to-end encrypted. However, the European Council, the other co-legislator involved in EU law, has yet to take a position on the matter and where it goes will affect the final shape of the law.

The latest amendment on the table was tabled by the Belgian presidency of the Council in March, which is leading discussions on behalf of representatives of EU member state governments. However, in the open letter, experts warn that this proposal still fails to address the fundamental flaws in the Commission’s approach, arguing that reviews still create “unprecedented capabilities to monitor and control Internet users” and would “undermine… secure digital future for our society and could have huge implications for democratic processes in Europe and beyond.”

Amendments to be discussed in the Council’s amended proposal include a proposal that detection orders can be more targeted by implementing risk categorization and mitigation measures. and cybersecurity and encryption can be protected by ensuring that platforms are not required to create access to decrypted data and by controlling detection technologies. But the 270 experts suggest that this amounts to a hassle bordering on a security and privacy disaster.

From a “technical point of view, to be effective, this new proposal will completely undermine the security of communications and systems,” they warn. Although we rely on “flaw detection technology” to identify cases of interest in order to send more targeted detection orders, it will not reduce the risk that the law will usher in a dystopian era of “mass surveillance” of internet users’ messages. analysis.

The letter also discusses a proposal by the Council to limit the risk of false positives by defining a “person of interest” as a user who has already shared CSAM or attempted to groom a child — which is envisaged to be done through automated assessment. such as waiting 1 visit for known CSAM or 2 for unknown CSAM/treatment before the user is formally identified as a suspect and reported to the EU Center, which would handle CSAM reports.

Billions of users, millions of false positives

Experts warn that this approach is still likely to result in huge numbers of false alarms.

“The number of false positives due to detection errors is very unlikely to decrease significantly unless the number of replicates is so large that detection ceases to be effective. Given the large number of messages sent on these platforms (in the billions), one can expect a very large number of false alarms (in the millions),” they write, noting that the platforms are likely to end up being slapped with an order tracker can have millions or even billions of users, like WhatsApp owned by Meta.

“Since there has been no public information on the performance of the detectors that could be used in practice, let’s imagine that we would have a detector for CSAM and grooming, as stated in the proposal, with a false positive rate of only 0.1%. (ie, one in a thousand times, misclassifies non-CSAM as CSAM), which is much lower than any currently known detector.

“Given that WhatsApp users send 140 billion messages a day, even if only 1 in a hundred was a message checked by such detectors, there would be 1.4 million false positives every day. To reduce false positives to hundreds, statistically one would need to identify at least 5 replicates using different, statistically independent images or detectors. And that’s just for WhatsApp – if we consider other messaging platforms, including email, the number of iterations required will increase significantly to the point where CSAM sharing capabilities are not effectively reduced.”

Another Council proposal to limit detection orders to messaging apps deemed to be “high risk” is a useless revision, in the view of the signatories, as they argue that it will likely still “indiscriminately affect a huge number of people”. Here they point out that only standard functions such as image sharing and text chat are required for CSAM exchange — functions that are widely supported by many service providers, meaning that a high-risk categorization “will undoubtedly affect many services.”

They also point out that E2EE adoption is increasing, which they suggest will increase the likelihood that services distributing it will be classified as high risk. “This number may increase further with the interoperability requirements introduced by the Digital Markets Act which will result in messages flowing between low and high risk services. As a result, almost all services could be classified as high risk,” they argue. (Note: Message interoperability is a key element of the EU DMA.)

A backdoor for the backdoor

When it comes to safeguarding encryption, the letter reiterates the message that security and privacy experts have been repeatedly shouting to lawmakers for years: “Tracing into end-to-end encrypted services undermines the protection of encryption by definition.”

“The new proposal has as one of its goals to ‘protect cyber security and encrypted data while keeping services that use end-to-end encryption within the scope of detection orders.’ As we have explained before, this is an oxymoron” they emphasize. “The protection provided by end-to-end encryption means that no one other than the intended recipient of a communication should be able to learn any information about the content of that communication. Enable traceability, either for encrypted or pre-encrypted data; it violates the very definition of confidentiality provided by end-to-end encryption.”

In recent weeks, police chiefs across Europe have drawn up their own joint statement — expressing concerns about the expansion of E2EE and asking platforms to design their security systems in such a way that they can still detect illegal activity and send reports for content of messages to law enforcement authorities.

The intervention is widely seen as an attempt to pressure lawmakers to pass laws like the CSAM scanning regulation.

Police chiefs deny they are calling for backdoor encryption, but have not explained exactly what technical solutions they want the platforms to adopt to allow the intended “legitimate access”. Squaring this circle puts a very loosely shaped ball back in the legislators’ court.

If the EU continues on its current path — provided the Council does not change course, as MEPs have urged — the consequences will be “disastrous”, the letter’s signatories then warn. “It sets a precedent for internet filtering and prevents people from using some of the few tools available to protect their right to privacy in the digital space. it will have a chilling effect, especially on teenagers who rely heavily on online services for their interactions. It will change the way digital services are used around the world and is likely to negatively impact democracies around the world.”

An EU source close to the Council could not provide information on current discussions between member states, but noted that there is a working group meeting on May 8, where they confirmed that the proposal for a regulation to combat child sexual abuse will be discussed.

apps CSAM eh encryption eu csam-scanning proposal experts false Force messaging millions plan positives Risks Scan Warn
Share. Facebook Twitter Pinterest LinkedIn Tumblr Email
Previous ArticleThe Hubble network makes a Bluetooth connection with a satellite for the first time
Next Article Kajabi’s online course platform allows creators to build their own branded apps
bhanuprakash.cg
techtost.com
  • Website

Related Posts

Apple says ex-employee exploited ‘rare’ bug to download confidential files after leaving for OpenAI

13 July 2026

US cybersecurity agency CISA had to create the incident guide during the incident, the agency reveals

11 July 2026

Florida ransomware dealer convicted of helping ransomware gang extort US companies

10 July 2026
Add A Comment

Leave A Reply Cancel Reply

Don't Miss

12 states sue to block $110 billion Paramount deal from Warner Bros

14 July 2026

Apple says ex-employee exploited ‘rare’ bug to download confidential files after leaving for OpenAI

13 July 2026

SpaceX decided to fly Starship again after the booster failed in May

13 July 2026
Stay In Touch
  • Facebook
  • YouTube
  • TikTok
  • WhatsApp
  • Twitter
  • Instagram
Fintech

Don’t want to invest in Elon Musk? Two new ETFs expressly exclude him

10 July 2026

India’s payments chief believes artificial intelligence will play a big part in the next era of digital payments development

28 June 2026

Early Bird pricing ends tonight for the Founder Summit

26 June 2026
Startups

AI chip maker SambaNova raises $1 billion at $11 billion valuation, 5 months after last mega round

Hot French startup ZML releases free product to speed up inference on multiple AI chips

Former OpenAI executive Kevin Weil is now on Stoke Space’s board

© 2026 TechTost. All Rights Reserved
  • About Us
  • Contact Us
  • Privacy Policy
  • Terms and Conditions
  • Disclaimer

Type above and press Enter to search. Press Esc to cancel.