New EU "Chat Control" Doctrine Threatens Open Software

All types of Free, open software will suffer if controls intended for the App Store are forced upon non-commercial distributions. Since this has not yet been discussed in English, we offer a translation from Germany's NETZPOLITIK

Chatkontrolle: Danger Ahead for Open Software

It is now widely known that chat control would have dramatic consequences for all of our fundamental rights. However, it's impact on the open source community is hardly discussed.

There is currently a heated debate about the plans of the EU Commission and the Federal Ministry of the Interior to introduce a new mass surveillance system without cause. The main focus of the public debate is the effects that the so-called chat control would have on encrypted communication, data protection and the privacy of all of us.

On the other hand, the threatening consequences of such surveillance for programmers and providers of apps in app stores are not discussed. These would be felt above all in the open source community. The EU Commission and the federal government are showing once again that they fail to appreciate the importance of the open source ecosystem. Because the chat control would bring the principle as well as the production and distribution conditions of free software in dire straits.
Who or what is an app store?

According to Article 2.14 of the Digital Markets Act (DMA), app stores are “online intermediation services through which primarily software applications are conveyed as a product or service”. To do this, they must meet the following conditions: firstly, they must offer electronic, non-material services (Art.1 b), secondly, provide a platform for providers who make their products available to users and process the necessary transactions, and thirdly, Establish a contractual relationship between providers and users.

However, the DMA restricts this regulation to a very small number of app stores, depending on the number of users and the amount of sales. Last but not least, these include Apple's App Store and Google's Play Store.

The EU Commission's CSA regulation does not provide for such restrictions. Rather, it wants to make all app stores responsible – regardless of their size and financial resources.

Alternative app stores such as F-Droid and other open source software repositories would also be affected by the chat control regulations. They meet the above conditions in part or - depending on the design - in full. The plans for chat control thus create great legal uncertainty for these open, non-commercial offers, which are mostly operated by a community of volunteers.
App stores would have to introduce age verification

This is particularly evident in the planned age verification. Because the Commission's plans envisage that app stores will in future have to assess the risk of each app separately as to whether it is suitable for contacting children or not. The software providers should also help with this assessment, provided they have prepared their own risk assessment.

If an app can be used to contact children, app stores must ensure that children under a certain age do not have access to it. But that means nothing more than that app stores have to introduce and carry out age verification for their users. They should also show transparently how the risk assessment was carried out and what measures were taken - without jeopardizing the effectiveness of the measures, of course.

Originally published at

Republished here in the public interest.





Submitted by radio on