EU reaches position on law protecting children from online abuse

Brussels, Belgium (PANA) – The European Union (EU) is stepping up its efforts to fight child sexual abuse and today, EU member states' representatives agreed on the Council position on a regulation to prevent and combat child sexual abuse.

The new law, once adopted, comes with obligations for digital companies to prevent the dissemination of child sexual abuse material and the solicitation of children. 

The competent national authorities will have the power to oblige companies to remove and block access to content or – in the case of search engines – delist search results. The regulation also establishes a new EU agency, the EU Centre on Child Sexual Abuse, to support member states and online providers in implementing the law.

 “Every year, millions of files are shared that depict the sexual abuse of children. And behind every single image and video, there is a child who has been subjected to the most horrific and terrible abuse. This is completely unacceptable,” said Peter Hummelgaard, Danish Minister for Justice. 

“Therefore, I'm glad that the member states have finally agreed on a way forward that includes a number of obligations for providers of communication services to combat the spread of child sexual abuse material.”

Under the new rules, online service providers will be required to assess the risk that their services could be misused for the dissemination of child sexual abuse material or for the solicitation of children. On the basis of this assessment, they will have to implement mitigating measures to counter that risk. 

Such measures could include making available tools that enable users to report online child sexual abuse, to control what content about them is shared with others and to put in place default privacy settings for children.

Member states will designate national authorities ('coordinating and other competent authorities') responsible for assessing these risk assessments and mitigating measures, with the possibility of obliging providers to carry out mitigating measures. In the event of non-compliance, providers could be subject to penalty payments.

The Council introduces three risk categories of online services. Based on a set of objective criteria (for example, its type), a service will be classified as high, medium or low-risk. Based on this categorisation, the authorities can oblige online service providers classified in the high-risk category to contribute to the development of technologies to mitigate the risks relating to their services.

According to a Council statement, online companies have to provide assistance for victims who would like child sexual abuse material depicting them to be removed, or for access to such material to be disabled. To that end, victims can also ask for support from the EU Centre.

The EU Centre will, for instance, check whether the companies involved have removed or disabled access to the item(s) which a victim wants to be taken down.

The Council also wants to make permanent a currently temporary measure that allows companies to – voluntarily – scan their services for child sexual abuse. At present, providers of messaging services, for instance, may voluntarily check content shared on their platforms for online child sexual abuse material, and report and remove it. 

This is allowed thanks to an exemption from certain rules specific to the electronic communications sector. Although this exemption is due to expire on 3 April 2026, according to the Council position, it will continue to apply. 

The new law provides for the setting up of a new EU agency, the EU Centre on Child Sexual Abuse, to support the implementation of the regulation.

The EU Centre will assess and process the information supplied by the online providers about child sexual abuse material identified on services, and will create, maintain and operate a database for reports submitted to it by providers. It will further support the national authorities in assessing the risk that services could be used for spreading child sexual abuse material.

The Centre is also responsible for sharing companies' information with Europol and national law enforcement bodies. Furthermore, it will establish a database of child sexual abuse indicators, which companies can use for their voluntary activities.

The Council position does not stipulate the location of the EU Centre; this will be decided together with the European Parliament in a separate procedure.

On the basis of today's agreement, the Council can start negotiations with the European Parliament with a view to agreeing on the final regulation. The European Parliament reached its position in November 2023.

-0- PANA AR/MA 26Nov2025