Skip to Content

Government Surveillance

The Problems With the Levy / Robinson UK Paper on Protecting Children from Online Sexual Abuse

CDT’s and other civil society experts’ recommendations continue to be ignored

A new paper by two officials at the UK’s cyber intelligence agency, the GCHQ, and the UK’s National Cybersecurity Centre, offers guidance to tech companies on how to protect children from online sexual abuse. In the analysis, Dr. Ian Levy and Crispin Robinson focus solely on end-to-end encrypted systems and claim that techniques from content scanning to secure enclave computing are compatible with end-user privacy, which experts have consistently rejected

The UK has funded development of technology prototypes that implement the suggestions in this new paper. About such efforts, we recently wrote, “To the UK: An Encrypted System That Detects Content Isn’t End-to-End Encrypted.”

While we and other experts were pleased to have been invited to participate in a consultative process related to the report, key recommendations we made are not reflected in the final report. Below is a letter drafted and signed with other scholars and civil society experts who were consulted prior to publication, making our position on the report clear:


Jul 20, 2022

Dear Ian and Crispin,

We want to recognise the importance of your effort to find nuance and deeper analysis of the debate with this paper. It is the views of the undersigned, who have participated in confidential discussions with you about the content of this paper, the Tech Safety Challenge and the REPHRAIN framework, that 1) the systemic security vulnerabilities that would be introduced to confidential communication services by these proposed solutions would fundamentally disrupt the trust relationship between users and service providers and 2) the proportionality principle has not been met in order to restrict authorities in the exercise of their powers.

We recommend that you directly acknowledge these as gaps in the executive summary, analysis and conclusions:

  • Include explicit acknowledgement that measures and techniques are “incompatible with end-to-end encrypted systems”.
  • Include explicit acknowledgement that measures and techniques are “not proportionate”.

It is a relief to acknowledge and recognise the irreconcilable shortcomings of artificial intelligence and machine learning techniques to identify known and novel objectionable content on end-to-end encrypted platforms. We would recommend you extend this acknowledgement of shortcomings to include end-user device applications, otherwise known as client-side scanning.

We kindly request that you include this response in the publication as an appendix.


Mallory Knodel, Center for Democracy and Technology 

Richard Wingfield, Global Partners Digital 

Jean-Christophe Le Toquin, Encryption Europe 

Mark Johnson, Big Brother Watch