Last month we slammed this list with a gigantic, long report. This month we
will try to focus on a few key developments: child protection (CSAM and
age-verification), the Franco-German Digital Summit and a minor DSA
update.
=== CSAM ===
Regular readers of this monitoring report will know about the proposed
Regulation to Prevent and Combat Child Sexual Abuse
<https://en.wikipedia.org/wiki/Regulation_to_Prevent_and_Combat_Child_Sexual…>
(and about the Wikimedia Foundation’s position
<https://ec.europa.eu/info/law/better-regulation/have-your-say/initiatives/1…>).
It has been stuck in Council for quite some time because Member States
can’t agree on an obligation on mandatory direct message scanning for
providers of interpersonal messaging services. The main criticism of this
is that it would essentially vanish end-to-end encryption.
—
There is a very recent development. One of the staunchest supporters of the
obligation, Denmark, which also currently holds the rotating Council
presidency, announced it is dropping this demand
<https://www.berlingske.dk/politik/dansk-forslag-om-digital-boernebeskyttels…>.
This could very well unblock the deadlock.
—
The European Parliament has a negotiating position since 2023 (without this
obligation), so if the Council now manages to agree on its own position, we
might see this legislation progress quickly.
—
There is also a looming deadline. Currently companies may scan for CSA
material voluntarily, based on a temporary exception
<https://www.europarl.europa.eu/news/en/press-room/20240408IPR20311/child-se…>
to the ePrivacy Directive, which will expire in April 2026.
—
Other articles of this regulation will establish a European centre in The
Hague, which will maintain a hash database with known and suspected
material that platforms will be obliged to scan for and, if found, report.
The scanning of content outside of “private chats” has not been
controversial in the deliberations.
=== Blatant Plug ===
On 4 November we are organising an Online Child Safety Training
<https://meta.wikimedia.org/wiki/Wikimedia_Europe/Advocacy/Child_Safety_Trai…>
for Wikimedians (esp. project editors and contributors). You may still
register
<https://docs.google.com/forms/d/e/1FAIpQLSegC5G8LNiq4lGQXmXy3aO6GlccRBDOZQH…>
.
=== Age-Verification ===
The other hot child protection topic is age-verification. 25 countries
signed the so-called Jutland Declaration
<https://www.euractiv.com/content/uploads/sites/2/2025/09/Euractiv_1252_001.…>,
vowing to increase both national and European efforts to protect children
online. Interestingly Belgium and Estonia abstained from signing.
—
Still, two fault-lines remain. First, EU countries can’t agree on the “age
of majority” and whether there should be a universal one across the bloc.
Second, should this be a hard age limit, or should parental consent be able
to “override it”?
—
The European Commission is sending very mixed signals. They don't seem too
keen to move, but are being forcefully pushed in different directions by
Member States, MEPs and stakeholders. They are now focused on assembling a
panel of experts
<https://www.euractiv.com/news/von-der-leyen-eyes-tougher-social-media-restr…>
on this. Which does sound like kicking the can down the road.
—
The European Parliament passed one own-initiative report
<https://www.europarl.europa.eu/news/fr/press-room/20251013IPR30892/nouvelle…>
(of many) on child protection. In it, the parliamentarians declare that
they want a university “digital majority” age of 16. Below this age access
to social media and AI assistants should be possible only with parental
consent. It also calls for the prohibition of dark patterns. Own-initiative
reports are non-binding.
—
Two countries where the debate is already underway, and based on actual
legislative proposals that are being negotiated, are Italy and Romania. In
both countries Wikimedia affiliates are engaging. In Italy an amendment
<https://www.senato.it/show-doc?leg=19&tipodoc=EMENDC&id=1476126&idoggetto=1…>
aims to clarify the definition of “social network” (thereby excluding
non-commercial educational, scientific and encyclopedic projects). In
Romania there are three (3!) separate age-verification proposals in the
legislature. WMROMD <https://romd.wikimedia.org/wiki/Pagina_principal%C4%83>
is working on public and direct communication, based on the notion of
“protecting
and empowering children online
<https://wikimedia.brussels/protecting-and-empowering-children-online-a-wiki…>
”
== Franco-German Digital Summit ===
Germany and France are preparing a high-level, politically very symbolic
Franco-German Digital Summit
<https://dig.watch/event/summit-on-european-digital-sovereignty> on 18
November. There will be many sessions on digital sovereignty, as one might
expect.
—
Ahead of the summit the German government has signalled it wants the AI
Act’s obligations to be delayed and to be clarified so it makes the lives
of entrepreneurs and enterprises easier. Germany is also eyeing another
simplification of the GDPR.
—
France is mostly pushing for age verification and “making big tech pay”.
However the French position can be considered a bit weaker, seeing the
inability to show off a stable government, budget or parliamentary
majority.
—
Wikimedia Deutschland will be present and Wikimedia will join a call to
advance open-source, public interest AI, including specific ideas how to do
so. Watch this space.
== DSA Data Access ===
A delegated act
<https://digital-strategy.ec.europa.eu/en/library/delegated-act-data-access-…>
on how researchers should be given access to Very Large Online Platforms
(VLOPs) to study systemic risks came into force.
—
It specifies that researchers must file requests for data to the national
authorities first, which then decide whether to pass on their petitions to
VLOPs. Researchers must provide information about their funding and
research questions.
—
It is not the most important development in the world right now, but still
important to note. Data about Wikimedia projects is mostly open by default.
Still, some requests might add considerable workload on the Wikimedia
Foundation or raise questions about which information could potentially
harm volunteers if disclosed.
—
Recommended read: A deep-dive
<https://verfassungsblog.de/dsa-platforms-digital-services-act/> on
studying platform by using DSA provisions by Daphne Keller.
*=== END ===*
--
Wikimedia Europe ivzw