EuroISPA
  • About
    • Who we are
    • About our industry
    • Committees
    • Partners
    • Articles of Association
  • News and Events
  • Policy
  • Join us
  • Contact
    • Contact us
  • Menu Menu

EuroISPA Position Paper on the CSAM Regulation

18/03/2026/in 2026, News, Position Paper

As trilogue negotiations on the CSAM Regulation continue, EuroISPA considers that the final framework should fully reflect the overall aim of protecting children online while preserving the security and privacy safeguards that already apply across the digital ecosystem. It should also enable effective and consistent application of the legal and technical framework already in place, addressing genuine gaps without duplicating existing legislation. Our members, from hosting providers to CDN operators, access providers, and VPN services, already run detection and reporting systems and act as trusted flaggers under the Digital Services Act, and the Regulation should build on that engagement rather than override it.

Before introducing new obligations, the Commission and co-legislators should ensure that the technical and legal conditions for compliance are firmly established, starting with a permanent legal basis for voluntary detection rather than one based on temporary derogations. Any new obligations should remain proportionate, targeted, and technologically neutral, and grounded in evidence of a genuine gap rather than assumption.

The Commission should first assess whether the objectives can be achieved through closer alignment with existing instruments, such as the DSA, NIS2, and the e-Evidence Regulation, rather than through additional, overlapping requirements. Coherence with this existing framework, not the creation of a parallel one, should guide the Regulation’s final shape.

Our key positions:

  • Ensure the Regulation does not weaken, circumvent, or disable encryption even on a voluntary basis.
  • Include a permanent legal basis for voluntary detection directly in the Regulation, rather than relying on the temporary ePrivacy derogation.
  • Adopt a cascade approach so only the provider with direct control over the content is obligated to act.
  • Remove provisions that duplicate or conflict with the DSA, the e-Evidence Regulation, the Cybersecurity Act, NIS2, and the GDPR.
  • Align user notification and transparency requirements with the DSA instead of creating separate obligations.
  • Streamline risk assessment and categorisation using the DSA’s staggered, proportionate approach.
  • Strengthen and adequately resource national reporting hotlines and the INHOPE network.
  • Ensure judicial oversight for competent authorities and keep any list of approved technologies voluntary.
  • Avoid regulating data retention separately from the Commission’s ongoing data retention initiative.
  • Treat age assurance as an optional mitigation measure, not a mandatory obligation.
  • Align provider liability with the DSA and protect good-faith voluntary detection efforts from penalty.
  • Conduct a renewed impact assessment given how substantially the text has changed since 2022.

We invite you to read our full position paper below.

Read the Position Paper
Tags: CSAM, EU, Position Paper
Share this entry
  • Share on Facebook
  • Share on Twitter
  • Share on LinkedIn
https://www.euroispa.org/wp-content/uploads/2026/07/Data.png 1080 1920 Secretariat https://www.euroispa.org/wp-content/uploads/2020/01/logo_euroispa_4c_invers_2-300x127.png Secretariat2026-03-18 11:30:002026-07-07 14:35:08EuroISPA Position Paper on the CSAM Regulation

Search

Latest Posts

  • e-Evidence Regulation: Closing the implementation gap before August 2026
  • EuroISPA contribution to the Targeted initiative to support the CDSM review process
  • EuroISPA contribution to the proposal on the Digital Networks Act
  • EuroISPA Contribution to the proposal on CSA 2.0. and the Directive on Simplification Measures and Alignment with the Cybersecurity Act
  • Joint Industry Statement on the Digital Omnibus on AI calling for a swift agreement with simplification at its core

Tags

AI Artificial Intelligence Board Child Safety Online Child Sexual Abuse Material competitiveness Connectivity consultation Copyright Copyright infringement Copyright in the information society Directive CSA CSAM Cybersecurity Data Access Data Protection Data Retention DFA Digital Fairness Act Digital Infrastructure Digital Services Act Digital Single Market DNA DSA e-Evidence Election Encryption EU EU Elections EuroISPA Community European Commission GDPR General Meeting internet governance ISPs Law Enforcement Manifesto Online Content Online Piracy Payments Position Paper Press Release Privacy Telecoms Vision

Contact details

EuroISPA

38, Rue de la Loi
1000 Brussels

+32 2 789 6618

[email protected]

General contact information | Privacy policy

EuroISPA published its position paper on the Digital Omnibus PackageINSIGHT: AI and Copyright: Building a Balanced Framework for Europe’s Digital...
Scroll to top