Addressing Child Online Safety: Balancing Data Security and Protection from CSAM

The recent Senate hearing on online safety for children brought together the CEOs of five major technology platforms to address the critical issue of child sexual abuse material (CSAM) availability. While several bills were proposed as potential solutions, concerns were raised about the unintended consequences that could harm data security practices. The most effective solutions to increase children’s online safety might already exist in the form of encryption and end-to-end encryption (E2EE) technology.

With the United States lacking a federal comprehensive data privacy and security law, many consumers and organizations seek to implement data security measures on their own. Technology companies have been pushing products with E2EE to protect data in transit and fully encrypted storage devices to protect data at rest. The importance of data security in national security cannot be understated, with the 2023 National Cybersecurity Strategy calling for the deployment of encryption to protect data.

However, proposed legislation like the STOP CSAM and EARN IT acts go against data security best practices, undermining the Biden administration’s pleas for better data security. While the fight against CSAM is crucial, it should not come at the expense of data privacy and security. The increase in reports of CSAM content highlights the need for effective solutions that do not compromise data security.

Parents can play a crucial role in enhancing children’s online safety by adopting safety measures at the network, device, and application levels. Network-level controls on routers, device-level parental controls, and application-level monitoring can help keep children safe online. Additionally, the Federal Trade Commission’s exploration of rulemaking for the Children’s Online Privacy Protection Act (COPPA) could provide an opportunity to establish rules that enhance data security to protect children’s personal data.

While addressing CSAM is crucial, lawmakers must ensure that policy decisions do not have negative consequences like deteriorating data security. Supporting legislation focused on training and funding law enforcement agencies to investigate online crimes affecting children is important, but embracing existing technology solutions and encouraging future innovation is key to ensuring the privacy and security of data.