Intermediary Liability Blog

The regulation on a single market for digital services also known as the digital services act proposed by the European Commission contains very little that is terribly new. To the surprise of many, the long-in-the-making policy update keeps many of the pillars that made the 2000 directive on e-commerce such a success. It keeps the European Union’s ban on “general-monitoring” requirements which could have brought free exchange on the Internet to a halt; it limits the potential liability of firms for aggressively taking down content that violates “community standards” with a good samaritan clause; and it even re-affirms the “country-of-origin principle” around which so much of Europe’s post-war economic success is built.

But there is one area where the proposal reaches dramatically for new ground – and that is in extending the regulation and possible legal liability for the sale of counterfeit and pirated goods online. Concretely, the proposal – which must still make its way through the labyrinthine European legal process before it becomes law – says that “in order to achieve the objective of ensuring a safe, predictable and trusted online environment… the concept of ‘illegal content’ should be defined broadly.” This is anodyne text, to be sure. But those few words could well mask a sea-change in the way platforms are regulated – and the way the fight against counterfeit goods is conducted.

For years, the sale of counterfeit goods online has been fought largely through a voluntary programme of self-regulation. In 2011, the European Commission sat down with platforms and consumer-goods makers and hashed out a Memorandum of Understanding on the Sale of Counterfeit Goods on the Internet. It set up a “notice and takedown” procedure for informing platforms when a manufacturer or government agency saw counterfeit goods being offered online as well as a series of “key performance indicators” to track progress on the speed and thoroughness of removals (the MoU was updated in 2016). In a recent evaluation, the European Commission concluded that the MoU is “a useful tool” for bringing stakeholders together, though it found that the sale of counterfeited and pirated goods remains “a serious problem.”

But the digital services act, if approved, would turn these voluntary commitments into legal obligations – and add the potential for fines that could rise to 6% of global revenue if platforms were found to be slow to respond or remove. Is the effort really necessary? A substantial body of evidence – including data from the European Commission’s own impact assessment of the proposal – indicate that the new terms are at the very least disproportionate to the size of the problem and may well have been concocted with aims that are more political than economic. This could have serious collateral damage: if allowed to stand, it could expose the European Commission as an organisation that responds mostly to pressure from domestic producers while hiding behind the language of protecting consumers. And it sets a low-bar for evidence-based policymaking in general and that could have reputation-damaging effects on the European Commission’s goal of becoming the world’s leading technology-sector regulator.

The plans start to go awry at the level of “problem definition” – a key pillar in any “smart regulation” and a key principle in the European Commission’s own guidelines on “better regulation.” In the impact assessment published alongside the digital services act proposal, the European Commission states that “it is estimated that total imports of counterfeit goods in Europe amounted to €121 billion in 2016” adding that “80% of products detected by customs authorities involved small parcels, assumed to have been bought online internationally through online market places or sellers’ direct websites.” These figures, in turn, come directly from Trends and Trade in Counterfeit and Pirated Goods, the Organisation for Economic Cooperation and Development/European Union Intellectual Property Office study – and they contain by the OECD’s own assessment several major qualifications and likely exaggerations.

For starters, the calculation assumes that counterfeit completely displace sales of legal products, i.e., that every buyer of a counterfeit product would buy the original one, if counterfeit was not available. This is like saying that everyone who bought a fake Louis Vuitton bag would buy the original if the pirated one was not available. In its study, the OECD-EUIPO admits that “this may lead to an inflated estimated value of the detentions in respect to alternative choices, in particular in those subcategories of luxury products where the retail value of the genuine product is much higher than that of the fake product in the secondary markets or that of its cost (e.g. luxury watches).” This is actually an understatement, as the majority of counterfeit goods are found in one sector – fashion products (footwear, clothing and leather articles) – where counterfeit goods are much cheaper than the original. And as often happens, this fundamental caveat is not even mentioned in the impact assessment of the digital services act.

Let’s be clear about this: it might be that the fashion sector does need help fighting counterfeits. But the help would be to the benefit of European manufacturers, not European consumers. Indeed, when it comes to actual consumer harm, it is hard to pin down the effects concretely. In Trends and Trade in Counterfeit and Pirated Goods, the OECD finds “58.5% of counterfeit and pirated products traded worldwide in 2016 were sold to consumers who actually knew they were buying fake products.” When it comes to safety, the potential harm is even harder to assess. On Safety Gate: the Rapid Alert System for Dangerous Non-Food Products, the European Commission’s portal for reporting and removing unsafe items for sale across borders, regulators only confirmed 191 genuine counterfeits out of the 15,459 products reported over a seven-year period between 2010 and 2017.

So to the extent that it exists, the problem is clearly a fraction of the stated estimate in terms of size. But to what extent is e-commerce to blame? According to the European Commission’s impact assessment, “80% of products detected by customs authorities involved small parcels” (small parcels being typically considered as a proxy for e-commerce). But this claim is also based on a misinterpretation. In fact, according to the European Commission’s Report on the EU Customs Enforcement of Intellectual Property Rights, small parcels (post and express courier) account for less than 5% of the counterfeit articles seized in 2019 despite being responsible for 80% of seizures. It is sea delivery instead that clearly dominates the trade of counterfeit articles with 71.1% of all counterfeit articles found there, while making up only 1.6% of seizures. The reason for this difference should be obvious: a small parcel includes fewer articles than, say, a large sea container, which continues to be the workhorse of global goods trade. So while the number of small packages seized is large, the actual amount of counterfeit articles found that way is rather small. The fact is, most overseas traffic is conducted through large containers. Any regulator looking to put an end to large-scale counterfeiting would be well advised to attack the fat end of the wedge here, focusing on the area where we might expect market-distorting volumes of counterfeits to be found. That means closer control of large scale shipments, where larger volumes of potentially counterfeit goods are undoubtedly moving.

E-commerce, as a whole, plays a far smaller role than stated. But since the digital single market measures are carefully designed to impact on the so-called “very large online platforms,” one question particularly needs to be asked: to what extent are platforms to blame for the counterfeit trade that does exist as opposed to stand alone e-commerce websites? Unfortunately, there is no evidence to answer this question directly, but there are proxies: Eurostat data show that in 2019 only 1% of total sales took place on platforms, against 6% on stand-alone websites or apps.

Not only do most transactions happen on stand-alone websites or apps rather than platforms, but in addition, contrary to stand-alone websites, the main e-commerce platforms all have monitoring mechanisms in place. And these appear to be rather effective. Based on the MoU evaluation, 98% of offers notified as potentially counterfeit in 2019 were proactively delisted by platforms, a 12% increase on the 2016 figure. And according to an assessment of the Product Safety Pledge, a European Commission-led “voluntary commitment of online marketplaces with respect to the safety of non-food consumer products sold online by third party sellers,” the share of product listings taken down within two working days was 99.7% for governmental notices and 97% for monitoring public recall websites.

In conclusion, the available evidence raises serious doubts about on the problem assessment of counterfeit goods as conceived in the digital services act. The problem is a fraction of the size mentioned in terms of economic impact and consumer harm; and it is much less attributable to e-commerce platforms than the proposed regulation would have you believe.

But this is much more than a technical issue about the misinterpretation and incorrect reporting of data. The European Commission prides itself for its regulatory performance – and rightly so. The OECD consistently ranks the European Union as the global leader in good, evidence-based, open governance in its Regulatory Policy Outlook. Never more than today, when populism is on the rise and truth risks becoming an accessory rather than the foundation of our democracies, we need to celebrate and protect these principles and practices.

One such principle is proportionality, enshrined in Article 5 of the Treaty of the European Union, which requires “that the content and form of Union action must not exceed what is necessary to achieve the objectives.” This is why so much effort is carried out in EU policymaking on “defining the problem” in qualitative and quantitative terms. If the policy has to be proportionate to the objective, then the correct quantification of the problem is a fundamental prerequisite to designing correct solutions.

The reality is that the problem of counterfeit products is simply of a different order of magnitude from illegal content. The latter is a serious matter that touches upon, and jeopardises, the very basis of our democratic societies. There are systemic trade-offs to be addressed, between protection of free speech and democratic institutions, between encouraging legitimate business models and spreading misinformation. And in those cases, it is clear that platforms play a central role.

The European Commission is to be commended for taking on the historical challenge to set the global standard in regulating online content. But it jeopardises the credibility by placing this effort in the same bucket with fighting fake Louis Vuitton bags. Mixing such different issues with different risks and incentives weakens the case for regulation, raises suspicions of “ad hominem” persecution of US-based platforms and in general makes it harder to find effective solutions to the very real problems we face.

Cristina Moise is senior researcher and head of statistical analysis at the Lisbon Council.

David Osimo is director of research.

The debate on Donald Trump’s belated suspension from social media platforms – he has long been in violation of “community standards” that ban the spread of illegal content and would have gotten ousted much sooner had he been an ordinary user – has ranged far from the real issues at stake here. For starters, the first amendment of the United States Constitution guarantees free speech. But those guarantees do not apply to crimes that might be contained within the speech itself. A good example is incitement. It is perfectly legal and even moral to shout “fire” in a crowded theatre if there really is a blaze and people’s wellbeing is in danger. But if there is no fire and the intention is merely to launch a stampede in which people might be harmed, this is most definitely a crime. And the crime is prosecutable and there is no free speech defence in that case.

Trump’s words have long since crossed a line where actual crimes were being committed – and spread via online platforms, including deliberate lies about the sanctity of America’s electoral system, the possible involvement of a political rival’s family in a presidential assassination, allegations about “conspiracies” and “witch hunts” involving the former U.S. president and vice-president in treasonous crimes, and even the bizarre claim – directly contradicting the findings of America’s intelligence agencies – that efforts to hack U.S. elections could be the work of “somebody sitting on their bed that weighs 400 pounds [181 kilos]” and not the work of Vladimir Putin. And these aren’t just lies that he spreads; actual harm has resulted in many cases. The explosion in Washington D.C. on 06 January 2021 was merely an impossible-to-ignore example of the danger malicious lies and implicit calls to violence can induce.

One would think that Angela Merkel, of all people, would understand the toll that deliberately misleading political speech can have on politics itself. Germany itself has a long and tragic experience with the effect that lies can have on democracy; and it has responded with some of the world’s toughest laws against them. To this day, holocaust denial is a crime in Germany – and not just because denying the holocaust is a lie, which it is. But because the lie itself can lead to horrific consequences in a political context if it is allowed to fester. One is left wondering what muse Merkel is listening to these days. Is her opposition to a private-sector-led ban on Trump’s incendiary messaging just the righteous first reaction of a well-educated scientist who grew up in Communist East Germany? Or does German resentment of the rising power of American platforms run so deep that she misses the import of the moment and allows herself to stray wildly from a seminal German position on the issue, one that guided the remarkable return of Germany to the family of nations over the last 70 years?

Less attention has been given to the actual effectiveness of banning users, and here there is a mountain of evidence worth revisiting in this context, particularly in the long fight against terrorism and terrorist incitement online. Some argue that an account banned on one platform will only migrate to other accounts and platforms – and, indeed, many rightwing conspirators merely drifted to other far-right platforms after the Trump ban. These apps have seen dramatic growth in the week following Trump’s ban from social media and the U.S. insurrection. Several platforms, including Apple Store, Google Play and Amazon Web Services have subsequently banned the more egregious among them, including Parler, for also fomenting incitement and spreading the same lies that got President Trump banned in the first place.

However, years of experience with fighting terrorism online show that bans can be very effective. A recent study from the Programme on Extremism at George Washington University demonstrates that – in the case of Islamic State of Iraq and the Levent (ISIS) – the suspension of one or two high-profile English language accounts had a substantial effect on efforts to spread illegal content elsewhere, including the congruent effort to rebuild the terrorist communities dispersed by the ban in other places.

Europol has had an interesting experience as well. It was able to radically slow the spread of ISIS content on Telegram, a messaging service popular with jihadists, by working directly with the platform in 2019. Later, both Telegram and Europol found that the effort needed to be ongoing; an initial 2018 one-off effort had proven less effective. Since then, there has been substantial follow up and monitoring, which have had a powerful effect on curbing the spread of material that incites violence as well as on the “platform migration” that others might have predicted, according to a study by the UK Centre for Research and Evidence on Security Threats (CREST).

What these studies consistently show is that, despite the openness of the Internet and the endless possibility to create new platforms and open new accounts, banning users who spread lies and illegal content – and the apps on which they spread – can achieve a significant impact in slowing down terrorist outreach and recruitment capacity, especially when public and private actors collaborate.

But platforms were still hesitant to ban Donald Trump. They argue – and apparently believe – that they perform an important public function in relaying the words of a democratically elected president of the United States even when the information those words contain is patently false and they don’t themselves share the views or intent behind the message. There is some merit in that point of view – but not without qualification. The fact is, the presidency of Donald Trump left us with the question, what do you do when the elected leader of a democratic country turns rogue? Do we allow the president to violate the law repeatedly by dutifully spreading his lies and ignoring the mounting violence? Or do we better serve justice by holding elected officials to the same legal standards and norms of public responsibility as the rest of us? It’s not like depriving President Trump of a social-media megaphone deprives him of a voice – he still has the podium of the White House and the ever-present eyes of live television and the White House press corps to carry his words to the world and parse his every utterance. But does he really need a special channel to spread disinformation that others are not allowed to spread? The debate over how social media platforms and the media itself should deal with a rogue leader in a democratic state has only begun.

PAUL HOFHEINZ
Paul Hofheinz is president of the Lisbon Council.

DAVID OSIMO
David Osimo is director of research at the Lisbon Council.

The European Commission has sent a strong signal: like the electronic commerce directive (2000) before it, the new digital services act will “preserve” the “country of origin principle” – a core tool in the European Union’s legislative chest. That principle holds that if a product or service is legal and licensed in one European Union member state that product or service should be good enough for sale without additional licensing or restrictions in another.

In the real world, this has important effects. It means that a business that is licensed in one EU member state is free to sell goods and services in any other without additional restrictions. It is a core principle behind Europe’s massive €17 trillion [$20 trillion] single market – the standard which keeps false borders from arising where real ones once stood. And that sizable market – despite a host of evident problems – is the grease which keeps entrepreneurs in relatively small countries rolling forward even in difficult times. A large proportion of European Union small- and medium-sized-enterprise trade is accounted for by crossborder imports and exports.

But the country of origin principle is also something of a mirage – a stopgap measure created to allow speedier progress in areas where deeper levels of integration might otherwise be elusive. The fact is, most EU law remains national. It is written by national parliaments, implemented by national governments and enforced by national courts. The country of origin principle sits in the middle of this; it amounts to a vote of confidence among EU member states that they believe their EU allies’ laws are as robust and effective as their own, and therefore they honour those laws as their own. But this is not the same thing as having a single set of European rules governing trade or a fully harmonised legal system among 27 independently constituted states. And that hidden fragmentation can cause very visible problems. Companies providing services across borders often find new restrictions awaiting them in target markets whatever the “principle” might hold.

This is especially true for digital enterprises whose businesses are theoretically “borderless,” but which in reality often find themselves dealing with a patchwork of diverging national rules as they seek to do business in other EU member states or expand across the EU. And it has become even more true as individual EU member states – notably France and Germany – have promulgated robust national laws governing the practice of e-commerce on their territory including rules for content management and taxation.

Whatever their intention, these national rules often hamper digital service providers’ ability to use that market for what it was intended: a broadly-conceived piste for successful commercialisation of great ideas and a source of inspiration for European entrepreneurs whose companies might someday grow into the world’s largest and most successful, a place where European consumers can find the best products and services at decent, competitive prices and the powerful engine behind a European economy which seeks to project fundamental rights and responsible regulation into global markets on the back of the economic success that Europe enjoys there.

There are, in fact, some important exceptions to the country of origin principle – labour law, for one. Companies established in one EU member state cannot send workers to other EU member states (except for short postings) without agreeing to obey the legal acquis of the member state where the workers are posted, including the payment of social security tax and sectorally-established wages. Consumer law is another exception. Recent laws have granted consumers the right to redress in the “country of sale” where they purchase a good. No one is disputing the principle involved here – consumers have a right to redress and if laws created to allow that are too distant for them to use then what kind of redress is there? But the practice itself has proven problematic – offering essentially two sets of rules. One where country of origin rules apply. And another where local point-of-sale logic prevails. Who’s right in these cases? In a digital economy where crossborder service provision is the rule and not the exception, whose rules apply?

The European Commission has sought to diffuse these tensions by setting up elaborate “reconciliation measures” intended to help countries speak to each other about emerging issues before companies in one country encounter problems or break laws in another. According to the original electronic commerce directive, EU member states can take blocking measures against products arriving from other member states – but only after 1) the country of destination first informs regulators in the country of origin that the goods are problematic, and 2) the country of origin member state fails to act on the complaint. The European Commission must also be notified and has the right to examine the rules in question and file “infringement” charges in cases where single market principles have been violated.

But even this elaborate machinery hasn’t failed to eliminate ongoing market fragmentation in an age where borders themselves have long since become less porous. Italy and Spain, for example, have promulgated laws which would require online platforms to report their local sales revenue even if the company is registered elsewhere. Latvia has objected to Russian language programming on the grounds that hate speech laws in Sweden and the United Kingdom, where the Russian programming is registered, does not meet the local Latvian standard. Germany, too, has weighed in – adopting the famous Netzwerkdurchsetzungsgesetz (NetzDG) (2017), which puts new transparency requirements on all platforms operating in Germany and mandates a 24-hour take down for illegal content. France followed suit through its proposed Loi contre les contenus haineux sur Internet (the “Avia law,” named for sponsor Laetitia Avia), though the 2019 law was recently struck down by a French court.

None of these objections are unreasonable. But they do pose difficulties for companies doing business in the EU. And they’ve caused unwelcome collateral damage for European companies. Conceived in many cases as a way of reining in the market power of large, international platforms, the high compliance costs and tough-to-overcome obstacles generated by diverging laws have fallen squarely on smaller companies and startups. Big companies have big legal offices which can successfully maneuver their way through diverging rules that hamper efforts to buy and sell across borders. Smaller companies do not. This is one reason why Europe’s much vaunted single market remains more vision than reality. And it is a reason why large, global platforms have had an easier time competing across Europe than the homegrown champions. The national laws are well intentioned. But their effect – in the absence of careful coordination at the European level – are splitting the market and having a deleterious effect that leaves smaller, local companies at a distinct disadvantage.

So what then should the European Commission do? Two things:

1. The proposed revision to the e-commerce directive offers a great opportunity: first and foremost, it is a chance to recommit Europe to the country of origin principle which has powered the growth of the single market since at least 1993. But it is also a chance to clarify dramatically how the country of origin principle should work in practice. The new rules could, for one, include better definitions of key concepts like “place of establishment” and “centre of activity” as well as clearer procedures for governance and compliance. This might include, inter alia, clarity on whether media companies based in one member state should be required to comply with unique national laws in other member states where their offerings are shown (such as the cumbersome requirement for financing local-language content in France). And the question of tax reporting – while well outside the scope of the e-Commerce directive – is another bone of contention. As is the growing plethora of diverging and sometimes conflicting national regulations on hate speech and mandatory take-down times.

2. And there’s a second thing: The country of origin principle is only one tool in the European kit. A more powerful tool is full harmonisation – a system under which European countries could agree a single set of rules, enforceable by a European-level agency and/or political body. To date, the European Commission has sought to mitigate market fragmentation by pursuing legislation which runs ahead of national initiatives. The recent European Union regulation on preventing the dissemination of terrorist content online (2018) is one effort intended to run ahead of similar initiatives emerging in France and Germany. But initiatives like this could be made more systematic. Even more importantly, they could be given added weight through a permanent institutional presence – a European regulator, in other words – that was empowered to insure that European law is consistent with the continent’s single-market aspirations and that one set of common rules are being applied unswervingly across the continent.

And here’s where the story gets really interesting. Contrary to received wisdom, the technology sector is not avoiding regulatory scrutiny. To the contrary, some companies have stepped up and asked for more oversight. In a key paper drafted over a two-year period with extensive cross-industry input, EDiMA, the Brussels-based association representing 15 of the world’s most successful technology companies, spoke warmly of “an EU-level body” that “at the very least should function as an EU-level coordination mechanism for designated national authorities capable of delivering legal certainty and consistency for all parties.” EDiMA added: “Crucially, the focus of an oversight body’s work should be restricted to the broad measures which service providers are taking. It should not have the power to assess the legality of individual pieces of content and it should not be empowered to issue takedown notices, which is the remit of the courts.”

Across the Atlantic, tech CEOs have been racing to Washington DC – and calling for more regulation. As in Europe, the goal is not necessarily to bring more rules to the sector but to create a single rule book that would be applicable across all 50 U.S. states. The worry is that state-level legislation – such as California’s strict new privacy laws – could cause the vast American market to splinter back into 50 mini-states.

Success in the digital field is not beyond us. Ultimately, it’s about providing great products and services, using our immense scientific knowhow to put better goods and services in people’s hands at affordable prices. But getting there will require imagination and boldness a bit greater than what is on display right now. It’s not enough to regulate technology markets as if the only concern were to punish the winners. We must also learn to give birth to the kinds of companies that conquer global markets – and we must give those companies the market access they need to be successful. First and foremost that means creating a single market as readily accessible to small companies with big ideas as it is to large, global ones. A hefty legal affairs department should not be a prerequisite for success in Europe. A stronger single market – with less friction, greater clarity, broader scope and more consistency – would be the most powerful catalyst European regulators could deliver for success.

PAUL HOFHEINZ
Paul Hofheinz is president and co-founder of the Lisbon Council.

AMARINS LAANSTRA-CORN
Amarins Laanstra-Corn is research associate.

DAVID OSIMO
David Osimo is director of research.

The rules on illegal content are clear: if it’s illegal in the real world then it’s illegal online. Platforms and regulators have seldom sparred over this; the community guidelines enforced by most platforms are straight-forward. Content suspected of being illegal can be flagged for inspection – or blocked at upload – and should be removed as quickly as possible if it turns out to be unlawful. This zero-tolerance rule applies to many types of illegal material, but it applies first and foremost to child pornography and images of children being abused. 

Many platforms have invested heavily in artificial-intelligence to help them spot and block illegal content before it even goes up – so much so that some images, like the iconic picture of a naked Vietnamese child running to escape an American napalm attack, have been incorrectly flagged and temporarily barred (a subsequent human review saw the content restored and the algorithms tweaked).

The questions become trickier when legal liability is brought into the picture. In 1996, the United States set the rules that would become the standard; according to section 230 of the communications decency act, platforms would be expected to “use good faith” to restrict access to content that was “obscene, lewd, lascivious, filthy, excessively violent, harassing or otherwise objectionable” and would enjoy legal immunity from prosecution over content that users posted (including prosecution for removing user-posted content that fell foul of the platform’s community guidelines). In Europe, article 14 of the electronic commerce directive (2000) did the same; it said platforms were not liable for content posted on their site if they had no prior knowledge of the illegal nature and if the platform acted expeditiously to remove it once notified.

The disturbing thing is the amount of child-abuse material available online is rising. The volume of content hosted on websites containing sexually abusive material has increased a staggering 70% since 2017, according to an Internet Watch Foundation report.

To be clear, the platforms themselves are not guilty of this rise; much of the material appears on stand-alone websites. Shockingly, 90% of those websites originate in Europe.

No one supports the use of the Internet to aid and abet crimes against children. But the question of whether the rules are tough enough – and whether platforms are doing enough – is in clear dispute. But so is the flip side of the argument: platforms use filters to flag and remove content; have these become too sensitive? Is the law inching towards censorship and surveillance? Do lawmakers need stronger tools for tracking criminal activity online? Or is there an emerging threat to privacy slipping in under the banner of stopping crimes we all know and feel to be horrific?

And perhaps more pointedly, is the horrendous fact of the continued existence and spread of online child pornography – and the evident need to respond with strengthened measures – being used as a convenient screen for compelling platforms to allow political parties – some led by powerful politicians – to spread lies without being challenged?

In May 2020, U.S. President Donald Trump announced a formal “review” of the section 230 exemption, charging the platforms with political bias after one platform posted a link to correct information next to a tweet containing proven and provable lies. Earlier, U.S. Senator Lindsey Graham, a South Carolina Republican, introduced a sweeping bill on Eliminating Abusive and Rampant Neglect of Interactive Technologies (EARN IT) Act that would allow the platform liability exemption to be lifted in certain cases. Under the proposed rules, a 19-person committee would elaborate a code-of-conduct on content-removal (which the U.S. Attorney General and the U.S. Congress would ratify and amend); companies that failed to meet the tough standard could see their legal immunity from prosecution lifted, opening the door to lawsuits from aggrieved parties who felt that harm had been generated or their rights abused by material circulated on the platforms.

Law enforcement officials – including U.S. Senators sponsoring the bill – say the platforms still don’t do enough to stop illegal content from spreading; with the support of several Democratic Senators, they seem to be carving out a middle ground where platforms could keep much of their legal immunity but where, crucially, guidelines approved by the U.S. Attorney General (currently a controversial Republican) could be used to lift or suspend it in some cases.

Privacy advocates see additional threats; they say the law could be used to force companies to open backdoors on end-to-end encryption, an increasingly popular way of communicating and exchanging information. Or it might possibly lead to pre-emptive curbs on the use of end-to-end encryption itself.

The European Commission has also promised new rules “for a more effective fight against child sexual abuse” later this year, according to the 2020 work programme put forward by President Ursula von der Leyen. And the U.S. law’s final contour isn’t known. To be sure, class action suits are how the U.S. established high product safety standards in areas as diverse as automobiles, children’s toys, lawnmowers and airplanes. But the risk is the power the proposed law would give political figures to lift immunity and allow lawsuits against platforms which challenge their authority on the most basic points of truth and evidence. Recent history has shown that U.S. administrations – and this one in particular – are not always impartial and don’t shy away from using the tools of state for political ends.

Which leaves the horrific problem of child abuse online. Whatever the modalities, regulators should set aside their potentially harmful games and work with industry and privacy advocates to curb this scourge that no one wants and everyone would like to see end. Its rise is a shame and a disgrace that should concern us all. But attitude and scorn are not sufficient tools for fighting it. And political witch hunts will be very distracting and even less effective. The best response would be to take the issue seriously, craft joint responses and tackle the problem collectively. That’s what voters want. That’s what society needs.

PAUL HOFHEINZ
Paul Hofheinz is president and co-founder of the Lisbon Council.