When we were in Lisbon, we had to take a cab because of a transit strike. Elke asked the driver whether he spoke English, and indeed, like most people in Lisbon, he did. From there, we had a lively conversation about life in the city, with its ups and downs.

This reminded me of a science fiction story we both read in the early 90s, in which the narrator instructed a robotic driver “with conversation.” Curiously, both a self-driving car and a chatting computer are no longer science fiction in 2026.

“With conversation” has since become a running gag between Elke and me in these situations. But which story is it from?

Surely, ChatGPT knows, so I asked when we stopped at a street café later that day. Aside from the quote, I remember quite a few story details: The narrator visited a friend who had become incredibly rich by inventing a universal material based on water. I also recalled that it had a Russian angle (like many SF stories).

ChatGPT rattled off a series of stories, none of which matched. One was The Water Statues by Fletcher Pratt from New York. While not Russian, it was close to Russian sci-fi of that era. That sounded specific enough that I let it be and moved on.

Back home, I followed up and learned that Fletcher Pratt had never written a story titled The Water Statues. There is a book with that title by Swiss author Fleur Jaeggy, but it is not science fiction.

So back to square one. I remembered that the book containing the story was called Das Mädchen am Abhang (“The girl at the slope”). A Google search revealed the author’s name. From there, ChatGPT finally identified the story as Die Flüssige Materie (The Liquid Substance) by Ilja Warszawski, which has never been translated into English and hence eluded the internet and AI.

It’s fascinating that a published story that has become so ingrained in Elke’s and my memory is largely obscure to the rest of the world. 

Building on American cloud is the easy choice, which is exactly why almost everyone makes it. One account at Amazon, Google, or Microsoft and you get the whole stack in one place: compute, database, storage, DNS, email, all of it wired together, billed on one invoice, documented to death. It is a genuinely excellent product. It is also where PlantLab started.

It doesn't run there anymore. The diagnosis API, the database that holds your history, and the services around them now run on European infrastructure, and the live path a request travels – upload, inference, response, storage – never leaves the EU. That was not the easy choice. I want to explain why I think the easy choice and the right one were two different things here.

---

The all-in-one pitch is real, and it's the trap

The reason a hyperscaler is so easy to build on is that it has already solved the hard part for you: integration. You don't think about how your database talks to your storage, or whether your email provider and your DNS provider have ever heard of each other. One vendor owns all of it, so it all just fits. For a solo founder with limited hours, that convenience is worth a lot.

The catch is what you hand over in exchange. Your data, and the rules that govern it, now live inside one American company's estate, under one country's legal reach, no matter which “region” you tick in the console. An EU region of a US cloud is still a US cloud. The convenience and the loss of sovereignty are the same decision – you can't take one without the other.

For a lot of software that trade is fine. For a tool that gets handed photos from real, often licensed, grow rooms, I didn't think it was.

---

Europe is fractured, and that's the whole point

Here is the honest part nobody puts in the brochure: there is no European hyperscaler. There is no single EU console where you tick a box and get a sovereign, all-in-one stack. So you build it the hard way – you assemble it.

You host compute with one provider in one country. You find a separate DNS and content-delivery company in another. You put your database and transactional email with providers in a third. And before you trust any of them you do the unglamorous research: is this company actually European-owned and European-hosted, or is it a US firm with an EU postcode? Where does the data physically sit? Who can be compelled to hand it over, and under whose law? More vendors, more contracts, more reading, more things that can break.

That fragmentation is real, and it is the cost of sovereignty. The single invoice is convenient precisely because one entity controls everything. The moment you insist that no single entity should, you inherit the work of stitching independent pieces together yourself. I think that work is the point, not a bug to be engineered away.

---

What the assembling actually produced

Here is where things stand now. Three countries, several independent European providers, deliberately not one console:

Layer	Where it runs now
Diagnosis API (the inference itself)	Germany
Database (your history, account, keys)	France
Transactional email	France
DNS and content delivery	Slovenia
Web analytics	EU-hosted, cookieless
Uptime monitoring	France

The cutover was the careful kind. I ran the new European stack alongside the old one, sent real traffic through it, and verified end to end that a diagnosis written on the new infrastructure could be read back correctly, including the parts that are encrypted at rest. Only then did production point at it. The old environment is still sitting there, frozen, as a rollback target for a while longer, because turning the lights off the same day you cut over is how you turn a migration into an incident.

In an earlier post on data privacy I said this move was in progress and was careful not to overclaim it – the core diagnosis API still ran on a US cloud at the time. That caveat is gone now. The whole live path is European.

---

Why the hard road

I didn't do this for a marketing line, and I'm wary of anyone who treats “EU-hosted” as a badge. I did it because of what a plant photo actually is.

A photo of a flowering plant gives things away – that you grow, the kind of setup you run, and across enough images, the scale of it. For a licensed European operation that is commercially sensitive information sitting inside a regulatory frame. The question that operator asks before sending anything real is simple: where does my data live, and whose rules govern it? “On servers in Germany, under EU law, with no single foreign company holding the whole stack” is a different answer than “somewhere in a US cloud's European region.”

There is a regulatory tailwind too. Europe's high-risk AI obligations come into force in August 2026, and the broader direction on privacy keeps moving toward stronger consent and more transparency, not less. Building here now, while PlantLab is small and the change is cheap, beats retrofitting it under a deadline later. But the regulation is the tailwind, not the reason. None of this makes PlantLab a compliance product, and you should distrust any small tool that claims a certificate.

The reason is plainer than that. Data sovereignty, privacy, and digital rights belong to the person whose data it is – not to whichever cloud happens to be cheapest to build on. Most companies build on US infrastructure because it's easy and it works, and I understand why. I took the harder, more fragmented road because, for a tool handling this kind of data, the user is the one who matters most. The convenience was mine to give up. The data was never mine to be casual with.

---

What this changes for you

For most people using the API, the answer is: nothing you have to do, which is the point. The endpoints are the same, your API key is the same, the response format is the same. Inference still runs in milliseconds – the model didn't change, only the building it runs in. A migration you have to think about is a migration done badly.

What it changes is what's true underneath:

• Your diagnosis data is processed and stored in the EU. The live request path stays inside European infrastructure from upload to response, across providers that no single foreign entity controls.
• Sovereignty is distributed on purpose. No one company holds your data, your DNS, and your delivery layer at once. That's harder to run and harder to compromise wholesale.
• The privacy controls travel with it. Bounded, opt-in retention and encryption of the sensitive diagnosis fields ride on top of the move. Where your data lives and how it's held now point the same way.

If you opt in to contributing diagnoses on the free tier, those images are kept in EU storage as well. The default is still minimization: opt-in, bounded, then deleted.

---

Stated accurately, not stretched

“EU-based” is a phrase that gets stretched until it means a billing address. I'd rather it mean something concrete. Here it does: the request that carries your plant photo is served from Germany, your history is stored in the EU, traffic is measured by cookieless EU analytics, and uptime is watched by EU monitoring – each from an independent European provider. The live path your data travels, in real time, is European end to end. That's the claim, and it's a specific one.

---

PlantLab is free to try at plantlab.ai. Three diagnoses a day, results in milliseconds. The full API documentation, including data handling details, lives at plantlab.ai/docs.

---

FAQ

Where does PlantLab run now?

The diagnosis API is served from Germany, the database and transactional email are in France, and DNS and content delivery run from Slovenia. Analytics are cookieless and EU-hosted, and uptime monitoring runs from France – each from an independent European provider rather than a single all-in-one cloud. A diagnosis request stays inside the EU from upload to response.

Why not just use a US cloud's European region?

Because an EU region of a US company is still governed by that company and, ultimately, by US legal reach over it. Using independent European providers keeps the data physically in the EU and out of any single foreign entity's control. It's more work to run, which is the trade I chose to make.

Did the API change? Do I need to update anything?

No. The endpoints, your API key, and the response format are unchanged. Inference still runs in milliseconds. The move was designed to be invisible to integrators – nothing in your code needs to change.

Why does this matter for cannabis growers specifically?

A plant photo can reveal that you grow, the kind of operation you run, and at scale, how large it is. For a licensed European operation that's commercially sensitive and sits inside a regulatory frame. Data stored in the EU under EU law, across providers no single foreign company controls, is a stronger answer to “where does my grow data live” than data in a US cloud.

Does this make PlantLab GDPR or EU AI Act compliant?

EU-based infrastructure supports those goals but isn't a certificate, and no honest small tool should claim one. PlantLab pairs EU hosting with bounded opt-in retention, encryption of sensitive fields at rest, and cookieless analytics – controls that move in the same direction the regulation does.

---

Related reading: – A Plant Photo Says More Than You Think: Privacy by Design at PlantLab – What we keep, for how long, and why – How PlantLab Knows When It Might Be Wrong: The reliability_score Field – The trust signal on every diagnosis – What's Wrong With My Cannabis Plant? A Visual Diagnosis Guide – The grower-facing diagnostic hub

Today's MLB Game of Choice...

...in the Roscoe-verse, weather permitting of course, will have my Texas Rangers playing the Cleveland Guardians. This game is scheduled to start at 6:35 PM CDT. I'll be following the radio call of the game on 105.3 The Fan, DFW's Sports Station.

And the adventure continues.

Dionne Brand writes that every map a Black person makes begins at the door of no return — the rupture where the connection to origin was severed, where the Atlantic became the site of a dispossession so total that what it organized was not a journey with a destination but a navigation from a breaking that has no other side. The door does not draw you back through it. There is no back. What it produces instead is a particular structure of navigation: the body moving through geographies it did not choose, on land it arrived to under conditions not of its choosing, making maps from a point of irresolvable loss rather than from a legible origin. The water is where this structure is felt most honestly — not because it holds what was lost or promises what was severed, but because it is where the breaking happened and keeps happening, the ongoing condition of dispossession that the body is inside whether or not it has language for it. The St. Lawrence running east toward the Atlantic is not pulling the body toward something waiting on the other side. It is the body registering, near this specific water in this specific diaspora geography, the structure that has been organizing its navigation all along — the triangular piece of ice that pointed east from this river on a blustery February morning, the eastward orientation I keep returning to without deciding to, the body finding the water cities not because they were calling but because it is navigating from a rupture that makes every geography partial, every belonging conditional, every map a document of what cannot be returned to as much as of where you are. The body near Tiohtià:ke’s water, carrying what Kjipuktuk drew out of it, living inside Sharpe’s weather, navigating from Brand’s door — these are not separate conditions pressing on the same body but one condition, the structure of Black life in diaspora, felt here at the water’s edge.

I was thinking back to around the time that the very first COVID lockdown came into effect. I recall seeing a government person on a video talking about the moment when he first realized how serious of a problem it was. He said that moment came for him when there was a meeting with health officials, and they had showed him the numbers and projections and things.

For me back then, that moment came prior to the first lockdown. It was when I saw images online of streets in a city in China being hosed down with disinfectant by crews wearing hazmat suits. That disturbed me at the time, and I suspected it was going to be a huge deal. And it was.

I had a similar moment more recently when I became aware of bad things coming. I saw video of a moron on a stage with a chainsaw. My thought was, “nice to see that they are taking the leadership job seriously.” I just knew right then that the regime would take the shit show from swirling in the bowl, to gurgling down the pipes into the sewer. And their incompetence is dragging the rest of the world down with them.

How can I view it otherwise when news around the world shows that the race between absurdity like that, and hope for a better future is still a close race?

And just think, that same chainsaw wielding idiot is soon going to be the world's first trillionaire. My spellcheck doesn't even know the word. I agree with you, spellcheck. That word should not exist. The word billionaire should also not exist. Both are ridiculous. If my yearly wage was fifty thousand dollars a year, and if every cent could be saved, it would take twenty million years to reach a trillion dollars.

What are we supposed to feel about one 'person' worth a trillion dollars? Are we supposed to envy it? Are we supposed to view this as a great human milestone or accomplishment? This is no accomplishment. It is disgusting, a fail, when one gets to have so much while billions struggle to survive. It symbolizes a failure of a society with a failure of an economic system that allows things like him, and other ultra wealthy losers, to exist.

Mitte Mai wollte ich sagen, wie es rollenspielerisch mit mir weitergeht. Der Mai ist vorbei, also Zeit, Tacheles zu reden. Ich ziehe mich weitestgehend aus allen Sachen zurück. Damit sind alle Runden und auch mein Engagement auf WE20 gemeint. Eigentlich werde ich in den nächsten Monaten mehr freie Zeit haben als vorher, ABER ich werde sie nicht frei planen können. Das heißt, ich würde unzuverlässig sein, Runden kurzfristig absagen und Deadlines nicht einhalten. Ist ungeil!

Trotzdem will ich spielen, und wo ein Wille ist, findet sich mitunter auch ein Weg. Ich werde spontanere Runden anbieten. Gerade bei PbtA-Sachen geht das ja klar. Cthulhu-Szenarien werde ich auch wieder anbieten, nur eben nicht Wochen im Voraus.

Gut, so weit dazu. Thema Blog und Bloggen. Seit ich wieder angefangen habe zu bloggen, hatte ich Schwierigkeiten. WordPress fühlte sich behäbig an, und auch die Themen, über die ich schreiben wollte, passten für mich nicht in (m)einen Blog, fand ich. Auf WE20 habe ich dann einfach mal gefragt, wie andere Blogger oder Blogleser das so sehen. Und Clawdeen hat mich an etwas erinnert: Blogs sind eigentlich persönliche Weblogbücher. Sie dokumentieren meine Streifzüge durchs Web oder eben meinen Spaßkosmos (Pen & Paper, Horror und so weiter). Diese Sichtweise macht viel aus, beim Schreiben, aber auch beim Lesen, denke ich zumindest.

Das Schreiben eines Blogs soll Spaß machen und sich nicht anfühlen, als müsse man am nächsten Tag ein Referat halten – sofern Referate halten nichts ist, das euch Spaß macht! Und das Lesen eines Blogs sollte auch unterhaltend sein. Ich habe zum Beispiel immer mal wieder fefes oder Anke Gröners Blog gelesen, obwohl ich weder ITler noch Kunsthistoriker bin, eben weil mich die Blogs unterhalten haben (beide derzeit nicht erreichbar).

Langer Rede, kurzer Sinn: Ich werde hier künftig kurze Beiträge posten und auch nicht themenagnostisch sein, wobei ein großer Teil meines privaten Lebens mit Horror zu tun hat … Also, ähm … ich mag das Genre. Türlich auch Pen & Paper und ja, vielleicht auch Bücher aus anderen Bereichen. Auf WE20 gibt es einen nigelnagelneuen Buchclub, und ich überlege, auch hier darüber zu schreiben oder einen neuen Blog über write.as zu machen. Was man als Leser nämlich vielleicht nicht wahrnimmt: Eigentlich sind Blogs hier nur einen Klick voneinander entfernt, fast wie Kategorien in WordPress, nur anders.

Aber ich möchte natürlich auch tiefer in die Materie von Rollenspielen eintauchen. Ich werde weniger spielen, aber trotzdem nicht das Hobby aufgeben. Für die umfangreicheren Artikel habe ich mir einen Digital Garden zugelegt, ein Obsidian-Vault, das ich mit GitHub, Vercel und einem Plugin öffentlich mache. Das Ganze ist noch im Werden.

I watched the movie obsession today with some friends, and while I knew that it was a horror movie, and that there were several dark topics, I didn’t expect there to be a scene where, spoiler, he tried to commit suicide in the bathroom with pills. I don’t like to really use this word or admit it I guess, but I think I got triggered by that. Immediately felt like the depression part of my brain started to take over, and aggressively. When it got to the part where she was holding him crying as he dies in her arms, I couldn’t help but remind myself about how no one would do that for me. I know it’s also not true but it was just such a dominating thought in my head. I remembered how I tried to kill myself the same way, and I just physically started to shut down. The movie ended, and people started getting up and the lights turned on, but I couldn’t help myself but stare at the screen and not move. I started to panic a little bit because I knew that my friends would want to talk or something like that and I would’ve be able to because I was frozen and I kept trying to get myself to break out of it, but I would not. After I dropped off my friend, I just kind of sat there numb, and I had to consciously not do anything reckless while driving back. It honestly hurt to watch that scene.

There is a certain strength that comes from learning how to protect yourself. But there is an even greater strength that comes from realizing you were never really protecting yourself at all… you were shrinking.

Making yourself smaller on the outside while carrying entire worlds within. Watching everything. Noticing everything.

You become so familiar with pain that you can recognize it in other people without them ever speaking a word of it. You learn how to read a room before you enter it. You know who feels like safety and who feels like danger. Who carries warmth and who carries harm.

You become so good at seeing what others hide that it unsettles anyone who gets close enough to catch even a glimpse of you. And when they do, you run.

But what happens when someone feels familiar in all the right ways? When every instinct tells you to leave, yet something in you wants to stay even for just a little while.

And somehow they are so much like you that they bolt first.

A deep understanding between two people who never gave themselves a chance because fear arrived before trust ever could. Yet they remain connected in ways neither of them fully understands. The kind of ways only visible to those who have spent so long broken that they can no longer look away from what is real.

It’s the kind of understanding that is rarely spoken, but deeply felt. The kind that sits beneath every conversation, every silence, every goodbye.

And maybe that’s what makes it so terrifying.

Some teach you things. Others force you to learn things on your own.

Like a child left out in the rain without a coat, eventually you get sick from being cold for too long.

Abuse disguised as protection. Protection from who? From what?

When outside felt safer than inside, although outside came with its very own abuse and being far away felt more peaceful than being close, even though closeness was all you ever wanted.

Maybe that’s why you did what you did. Why you accepted what you accepted.

Abuse disguised as protection in such devastating ways that the mind fogs it over just to survive. It buries the truth, softens it, hides it from itself. Until one day it begins to untangle. Piece by piece, everything returns.

And it always seems to happen later. Later, when you’ve already lost so much. Later, when there’s no railing left to grab onto, nothing to keep you from falling. The truth finally arrives, and you’re left standing in the wreckage of everything it took to uncover it.

But that’s where the beauty begins. In the truth.

Pain is only believed when it performs according to expectations. Suffering that interrupts narratives, is seen as deception. Not because it lacks evidence, but because it disrupts order. People confuse clarity with honesty, forgetting that exhaustion erodes language before it erases reality. Discomfort produces doubt faster than evidence produces belief, and those who need the most care are often asked to prove this best. Belief is granted to those who remain palatable, who soften their pain so it is easily digested. What cannot be consumed politely is rejected. And somewhere in all of this, belief ends not where truth falters… but where inconvenience begins.

But what are you supposed to say? Where do you even begin? How do you explain something that has lived inside of you for so long that you’ve built an entire life around not speaking it?

How do you tell people that the mask was always just a mask? That the smile was practiced, the strength they admired was survival and that everything you’ve done to keep moving forward has contradicted the truth so deeply that if it ever slipped out, it would sound like a lie?

They take what isn’t theirs and leave you carrying the weight of it. They invade every corner of who you are until there’s so little of you left that you’re afraid to let anyone get close enough to see it. Close enough to hear it.

They teach you to question yourself. To doubt your memories, your feelings, your own truth. And after a while, the silence becomes its own kind of home.

So you become guarded. Not because you want to be but because it feels safer. You build walls so high that nothing can get in. The problem is, nothing can get out either.

But still, you love.

God, how you love.

You give pieces of yourself away even when you’re running on empty. You keep showing up. You keep trying. You keep hoping that one day someone will see past the walls without tearing them down.

But the damage lingers. It follows you into every relationship, every conversation, every moment where someone gets too close. And sometimes the fear is so much louder than the truth that you push people away before they ever have the chance to stay.

Because when you’ve spent years hiding the truth to survive, there comes a point where you don’t know whether you’re protecting it, or protecting everyone else from it.

A trust and safety analyst in a building somewhere in continental Europe arrives at her desk on the morning of Saturday 4 April 2026, opens her review queue, and finds it changed in a way that the interface does not visibly reflect. The thumbnails are still there. The hash matches are still streaming. The dashboards still glow. What has changed is the legal scaffolding under her seat. As of the previous day, the temporary legal derogation that authorised her employer, a large messaging platform headquartered in the European Union, to scan its private communications for child sexual abuse material has lapsed. Her job has not changed. The work she does, the harm she stops, the cases she refers to law enforcement, all of that continues. The legal authority under which she does it has evaporated, and the replacement statute has not arrived. She is not breaking the law. She is operating in a space the law no longer addresses, doing work that until yesterday was sanctioned and is today, on a strict reading, unauthorised.

That space is not abstract. It is the operational reality, on 30 May 2026, for the trust and safety teams of every major platform with operations in Europe that has, for the past five years, voluntarily scanned interpersonal communications for child sexual abuse material under the protection of Regulation (EU) 2021/1232, the temporary derogation to the ePrivacy Directive. The Regulation was extended once, in 2024, until 3 April 2026. On 26 March 2026, after a final round of negotiations between the European Parliament and the Council collapsed without agreement, the deadline arrived and the legal cover for voluntary detection ended. The permanent successor instrument, the Child Sexual Abuse Regulation that has come to be known across European policy circles as Chat Control, remains stuck in trilogue, with the next formal round scheduled for May 2026 and a target deal by July. The interregnum is real, and the interregnum is now.

The expiry coincides, with a timing that policy specialists have called either coincidental or grimly poetic depending on their priors, with the period in which the threat the derogation was written to address has changed its character entirely. On 28 February 2026, NBC News published a long investigation by reporters who had spent months mapping the criminal-court record of AI-generated child sexual abuse material in the United States. The piece documented thirty-six state and federal criminal cases brought within the previous three years across twenty-two states, and tracked a phenomenon that the Stanford policy fellow Riana Pfefferkorn, quoted in the article, described as outrunning the legal categories themselves. Less than a month later the Internet Watch Foundation, the UK-based hotline that processes reports of online child sexual abuse, published its annual analysis of AI-generated material. The report counted 8,029 AI-generated images and videos assessed in 2025 as depicting realistic child sexual abuse. It counted 3,443 AI-generated videos, against thirteen in 2024, a year-on-year change of 26,385 per cent. Sixty-five per cent of the videos were classified as Category A, the most severe under UK law, the category that covers depictions of penetrative sexual activity, sadism, or sexual activity with an animal. Girls comprised ninety-seven per cent of the illegal AI-generated images.

That is the surface. Beneath it sit the structural changes that make the numbers an undercount. The IWF report describes the spread of Low-Rank Adaptation, the technique known as LoRA, which allows a user with twenty existing images of a specific child and fifteen minutes of compute to fine-tune a generative model into a deepfake engine capable of producing infinite further imagery of that child. It describes the appearance of clear-web AI chatbot services that encourage users to act out simulated child sexual abuse scenarios in conversation. It describes the leap from still imagery to full-motion video as a step change that erases what little forensic distance had existed between synthetic and camera-captured material. Each of these developments, taken individually, would constitute a serious escalation. Taken together, with the regulatory cover for the principal mechanism of detection withdrawn at exactly the moment they begin to scale, they constitute the most adverse moment for online child protection in Europe since the IWF began publishing comparable data.

This is the question the next eighteen months will force a decision on. If the technology that creates the harm is advancing faster than the legal frameworks that authorise its detection, and a major jurisdiction has just removed the primary mechanism allowing platforms to look for it, what does meaningful protection for children actually require, and who bears the responsibility for building it? The honest answers are unflattering to almost everyone with a hand on the problem.

The Derogation, the Vote, and the Silence That Followed

The temporary derogation has always been an awkward instrument. It was drafted in haste in 2020 after the entry into force of the European Electronic Communications Code reclassified messaging services as electronic communications, and so brought them, for the first time, within the privacy protections of the ePrivacy Directive that had previously applied only to telephony. The reclassification had the unintended consequence of rendering legally precarious the voluntary scanning that companies like Meta, Google and Microsoft had been performing for years under the looser regime that preceded it. The European Commission acknowledged the problem, and the Parliament and Council adopted Regulation (EU) 2021/1232 to grant a time-limited carve-out. The Regulation was, at the time, framed as a stopgap pending the adoption of a permanent instrument that would either consolidate the legal basis for voluntary scanning or replace it with a mandatory regime.

The permanent instrument, the proposed Child Sexual Abuse Regulation, has been in negotiation since the Commission published its first draft in May 2022. The intervening four years have been some of the most contested in modern European digital policy. The Commission's original proposal would have required providers to assess the risk of their services being used to disseminate CSAM, and where the risk was high, to deploy detection technologies. The proposal included provisions for so-called detection orders that could compel scanning of end-to-end encrypted communications, a provision that critics, including the European Data Protection Supervisor, civil society coalitions across the continent, and a significant bloc of MEPs, argued would constitute an unjustifiable mass surveillance regime incompatible with the Charter of Fundamental Rights. The Parliament's position, agreed in November 2023, narrowed the scope considerably. The Council's position, agreed under the Danish presidency in November 2025, restored elements of the broader scanning regime. The trilogue rounds that began in December 2025 have been characterised by negotiators as substantive but slow, with the third round on 26 February 2026 ending without breakthrough and the next not scheduled until early May.

The narrower question of whether to extend the existing voluntary derogation, pending agreement on the broader regulation, came to a head in late March 2026. Negotiations between the Parliament and the Council on a short extension broke down on 26 March, with the Parliament voting against a further prolongation on the grounds, articulated by privacy-focused MEPs, that an extension would relieve pressure on the broader negotiation and entrench a regime that had been intended as temporary. The vote was the end of the road for the derogation. On 3 April 2026, the legal basis for voluntary scanning of interpersonal communications in the European Union ceased to exist.

The IWF's reaction was unsparing. Kerry Smith, the IWF chief executive, described the lapse as “a devastating failure for child protection in the EU, and globally.” Dan Sexton, the IWF chief technology officer, published a blog post under the title “Europe is about to make it illegal to protect children online,” which argued that the technology companies operating in the European Union would lose, on 3 April, the legal right to search their own platforms for child sexual abuse material because politicians tasked with replacing the derogation had failed to do so. The IWF's data carries weight here that abstract argument cannot. The hotline actioned 312,030 reports in the previous year where child sexual abuse material was confirmed, a 7 per cent increase on the year before. During a similar period of legal uncertainty in 2020, before the original derogation took effect, the IWF documented a 58 per cent drop in reports of child abuse material originating from EU-based services over a period of just eighteen weeks. The drop, the IWF noted at the time, reflected a decrease in detection, not a decrease in abuse. There is no plausible reason to expect a different pattern this time.

The vote against extension was not without its defenders. The Centre for Democracy and Technology's European office welcomed the Parliament's decision as a check on the normalisation of mass scanning. Their case, which is the case privacy advocates have made throughout, is that voluntary scanning is voluntary in name only when platforms operate under regulatory pressure and reputational exposure; that the technologies deployed are themselves imprecise, with false-positive rates that generate downstream harms for innocent users; and that any regime authorising routine scanning of private communications sets a precedent that can be expanded in directions the original drafters did not contemplate. These are not frivolous concerns. They are the substance of a serious civil-liberties argument, and they have not lost their force because the derogation has lapsed.

The argument is, however, an argument about what kind of detection regime Europe should have. It is not an argument for the absence of any regime, which is the situation Europe now occupies. The Parliament's vote did not produce an alternative. It produced a vacuum, and the vacuum is being filled, on the operational level, by the discretion of platforms and the patchwork of national laws that govern child protection across the twenty-seven member states. The IWF, the NSPCC, the European Commission directorate responsible for the home affairs file, and a coalition of child-rights organisations have all argued, in different registers, that the absence of a harmonised legal basis is a worse outcome than either the imperfect derogation or the contested permanent regulation. They are not, on the evidence, wrong.

What Detection Actually Looks Like

The mechanisms the derogation authorised are less monolithic than the public debate suggests. The principal technologies are hash-matching against known CSAM datasets, classifier-based detection of previously-unseen material, and behavioural analysis of grooming patterns in text-based communication. Each operates differently, generates different categories of false positive, and carries different implications for the privacy of users whose communications pass through them.

Hash-matching, the workhorse of the field for over a decade, depends on shared databases of known abuse imagery maintained by organisations like the IWF and the US National Center for Missing and Exploited Children. The image to be scanned is reduced to a perceptual hash, a numerical fingerprint that survives common transformations like resizing or recompression. The hash is compared against the database. A match flags the image for review. The system works well for known material because the false-positive rate, in the best implementations, is extremely low. It is useless against material that has not previously been seen and registered.

Classifier-based detection addresses that gap. A machine-learning model, trained on labelled examples of CSAM and non-CSAM, returns a probability that a given image is abuse material. The classifier can flag new content for human review. The false-positive rate is higher than for hash-matching, because classifiers operate on the statistical patterns of the training distribution rather than on identity-level matches. Behavioural analysis, the third category, looks for the conversational patterns associated with grooming, with similar trade-offs.

The volume the system handles is hard to overstate. Thorn, the child-safety non-profit founded by the actors Ashton Kutcher and Demi Moore, reports that its Safer classifier product has processed 658.6 billion files and 334 million lines of text since 2019, resulting in the detection of more than 12.4 million potential CSAM files and nearly 1.4 million instances of potential child exploitation. The NCMEC CyberTipline received 21.3 million reports in 2025, encompassing 61.8 million images, videos and files. Of those reports, approximately 1.5 million had a nexus to generative AI, with the categories breaking down across CSAM appearing in AI training data, generated or possessed AI CSAM, prompts attempting to elicit CSAM, and altered or manipulated existing CSAM files. Online enticement reports, including sextortion, reached 1.4 million, a 156 per cent increase on 2024.

These are not numbers a discretionary, post-hoc, human-only review can address. They are the operational baseline of a global industry whose ability to find children at risk depends on automated triage at every stage of the pipeline. When the legal authority for that triage is withdrawn in a jurisdiction the size of the European Union, the consequence is not that detection becomes manual. The consequence is that detection becomes selective, fragmented, and dependent on the legal interpretations of individual platform counsels who must decide, in the absence of harmonised cover, whether and on what basis their scanning operations can continue.

The Synthetic Flood

Into this volume, and into this newly precarious legal environment, has arrived the second crisis: the production at scale of imagery that is indistinguishable, to both human reviewers and existing detection systems, from photographs of real children, and which is not in fact photographs of real children at all. The category goes by various names in the trade: AI-generated CSAM, synthetic CSAM, AIG-CSAM. The producers do not care what it is called. The detection pipelines do.

The mechanism is now widely understood. A user with access to an open-source diffusion model, a small dataset of training images, and the technical literacy to operate a LoRA fine-tuning workflow can produce a personalised generator capable of synthesising indefinite quantities of imagery on demand. The compute requirements have fallen below the threshold of consumer hardware. The technical knowledge has been democratised through tutorials hosted on forums that are themselves often dedicated to the production of the resulting material. Thorn's research, summarised in their 2026 reporting on synthetic abuse, finds that one in ten minors say they personally know someone who has used AI tools to generate nude images of other children. The phenomenon is not confined to dedicated dark-web communities. It is in schools. It is in peer groups. It is, by the testimony of teachers and school safeguarding leads who have spoken on the record to UK and US outlets, a problem for which institutional response has not yet been developed.

Thorn's analysts have drawn the structural implication explicitly: the eliminations of contact abuse as a necessary precursor to the production of exploitation material. Historically, the production of CSAM required, in the technical sense, the abuse of an actual child. The image was a record of a crime that had occurred. The detection of the image was therefore also, in a meaningful sense, the detection of the abuse, and the rescue of the depicted child was a tractable goal of the investigative work that followed. The arrival of generative models capable of producing convincing synthetic abuse imagery from a model that has been trained on legal images, or that has been bootstrapped from a small set of photographs of an identifiable child obtained from social media, severs that link. The imagery exists. There may be no child to rescue, because the child in the image was never abused in the production of it. Or there may be a child to rescue, because the imagery has been produced with the explicit intent of extorting or coercing a real person whose photographs have been used as training data. The two categories cannot, on the face of the image, be distinguished.

The consequence for the detection pipeline is what investigators have come to describe, in interviews with technology and policy reporters across the past year, as a flooding problem. The volume of synthetic material entering review queues threatens to overwhelm the capacity of human analysts to triage it. Each item still requires assessment. Each assessment still consumes attention that, in an unbounded queue, is taken away from the assessment of material that may depict a real, identifiable child whose location can be determined and whose abuse can be stopped. The economic logic of the trust and safety function tips, under such conditions, toward the deprioritisation of marginal cases. The marginal cases include exactly the cases where rescue is still possible, and where the cost of failing to identify a real victim is highest.

The detection community has responded with the only tool it has, which is more AI. The US Department of Homeland Security's Cyber Crimes Center awarded a $150,000 contract in late 2025 to the San Francisco-based firm Hive AI for software designed to identify whether a given image was AI-generated. Kevin Guo, the Hive AI co-founder and chief executive, has described the underlying approach as the identification of pixel-level patterns characteristic of synthetic generation, patterns that the company's classifier has been trained to detect across the broad family of contemporary generative models. The tool sits alongside Hive's hash-matching system, which assigns unique identifiers to known CSAM, and which has been developed in collaboration with Thorn. The integration is necessary. Neither tool, alone, can address the combined problem of known abuse, novel abuse, and synthetic material that mimics both.

The technical viability of AI-versus-AI detection is, on the evidence to date, real but bounded. The detectors do not have the generality of the generators. A new model architecture, a new training procedure, a new post-processing pipeline can produce imagery whose statistical signature falls outside the distribution the detector was trained on. The arms race is, in the technical sense, asymmetric. Generators improve continuously and are released, in many cases, into the open-source commons where they cannot be recalled. Detectors must be retrained against each new generation. The lag between the appearance of a new generator and the deployment of an effective detector against it is the window in which synthetic material flows unimpeded into the pipeline. The window does not, at present, close.

The Platforms in the Middle

Telegram, on 21 April 2026, became the highest-profile object of UK regulatory scrutiny in the period covered by this article. Ofcom, the communications regulator that holds enforcement authority under the Online Safety Act 2023, opened a formal investigation into Telegram Messenger Inc., examining whether the platform had met its illegal-content safety duties in relation to child sexual abuse material. The investigation was triggered by evidence from Ofcom's own assessment of the platform and by referrals from the Canadian Centre for Child Protection. Compliance failures under the Act can result in fines of up to £18 million or 10 per cent of qualifying worldwide revenue, whichever is the greater, and Ofcom has the further power to apply to UK courts for business disruption measures that could require payment providers, advertisers, or internet service providers to withdraw services from a non-compliant platform.

The NSPCC's response to the investigation was supportive and specific. Rani Govender, the associate head of policy at the charity, said the scale of the abuse on the platform was stark and that the charity strongly welcomed Ofcom ramping up its enforcement. The position is consistent with the NSPCC's longer-running argument that there should be no part of any messaging service where perpetrators can act without detection, a position the charity has held throughout the Online Safety Bill's passage and during the early phase of its operationalisation. Telegram itself rejected the framing of the investigation, asserting that it had made significant strides since 2018 to nearly eliminate the public distribution of CSAM through sophisticated detection algorithms and collaborations with non-governmental organisations, and noting that it had joined the Internet Watch Foundation in December 2024 and deployed detection tools on its public channels.

The Telegram case sits inside a broader pattern of Ofcom enforcement that has accelerated through the spring of 2026. The regulator opened an investigation into X in January 2026 concerning the use of the Grok AI chatbot to generate sexually exploitative content. It opened investigations alongside the Telegram probe into the platforms Teen Chat and Chat Avenue over alleged failures to prevent grooming. It issued direct demands to Facebook, Instagram, Roblox, Snapchat, TikTok and YouTube for child-safety evidence by 30 April. The cumulative effect is to establish the UK as the most active regulatory jurisdiction in the developed world on platform-level CSAM enforcement, at exactly the moment that the EU has retreated from its own equivalent regime.

OpenAI's intervention, on 8 April 2026, took a different form. The company published a document called the Child Safety Blueprint, developed in consultation with NCMEC, the Internet Watch Foundation, and the Attorney General Alliance's AI Task Force, whose co-chairs Jeff Jackson of North Carolina and Derek Brown of Utah are named as contributing partners. The blueprint sets out three priority areas: the updating of legislation to cover AI-generated abuse material; the refinement of reporting mechanisms to law enforcement; and the integration of preventative safeguards into AI systems themselves. The company acknowledged, in figures included in the accompanying materials, that it had submitted eighty times more exploitation reports to NCMEC than in the prior year, a number that admits of two interpretations. The first is that its detection has improved. The second is that the volume of attempted abuse on its platforms has scaled accordingly. The two interpretations are not mutually exclusive.

The blueprint is, at one level, an exercise in industry leadership that takes the problem seriously and that engages constructively with the regulatory partners best placed to act on the information it provides. At another level, it is a document published by a single firm, in the absence of any binding cross-industry framework, that asks regulators and legislators to do work that the firm itself cannot do. The IWF's reporting indicates that 8,000 AI-generated CSAM reports were recorded in the first half of 2025 alone, a 14 per cent year-on-year increase, and the proliferation of open-source models means that the contribution of any single model provider to the overall problem is bounded by the contribution of every other model provider, regardless of how seriously each takes its own role. The blueprint is necessary. It is not sufficient.

The Question of Responsibility

The accountability question that the simultaneous expiry of the derogation and the scaling of synthetic abuse pose is one the existing institutional architecture is poorly equipped to answer. The candidates for primary responsibility include, in no particular order: the platforms that host the content; the model providers whose systems are used to generate it; the regulators who set the framework within which the platforms and models operate; the lawmakers who, at the EU level, have failed to replace the lapsed derogation with a workable successor; the hash-matching providers and child-safety hotlines whose pipelines are being flooded; the law-enforcement agencies whose victim-identification work is being undermined; and, in the limit, the users who produce and distribute the material itself.

The platforms argue, with some justification, that the regulatory framework within which they operate has been unstable for the past decade and is now, in the principal European jurisdiction, absent. The model providers argue, with less justification given the trajectory of the technology, that the open-source ecosystem within which much of the harmful generation occurs is beyond their direct control, that their own commercial products incorporate safety measures, and that the responsibility for downstream misuse lies with the user. The regulators argue, where they are willing to argue, that they enforce the laws that exist and cannot substitute for the legislative process. The lawmakers argue, where they argue at all, that the trade-offs between privacy and child protection are genuinely difficult and that the political process is the appropriate forum in which to resolve them. The hotlines argue, increasingly publicly, that the system they are asked to operate has been overwhelmed and that their warnings have been ignored. The law-enforcement agencies, in the figure of the various national crime agencies and Europol-affiliated units, argue that the resources available to them are not commensurate with the scale of the problem they are asked to address.

Each of these arguments is partially correct. None of them, taken alone, addresses the problem the question poses. What the question poses is the structural failure mode of a regulatory regime in which detection authority is withdrawn at exactly the moment the harm scales, in which the technology that produces the harm is advancing faster than the law that authorises its detection, and in which the human consequence (the inability to identify and rescue real victims) is borne by the children whose abuse is being depicted or whose images are being used as training data, not by the institutions whose decisions have created the gap.

The answer the question demands begins with the recognition that no single actor in the system can solve the problem alone. The platforms cannot, because they need legal cover to operate detection at the scale the volume requires. The model providers cannot, because the open-source ecosystem will continue to produce capable generators regardless of what the leading commercial firms do. The regulators cannot, because their authority extends only to the platforms within their jurisdiction. The lawmakers can, but only if they are willing to make difficult choices about the trade-offs between privacy and detection that the current political process has so far refused to resolve. The hotlines can scale detection technology, but only with the funding and the legal cover to do so. The law-enforcement agencies can prioritise victim identification, but only if the upstream pipeline delivers actionable material in a form that can be triaged.

A workable framework, on the evidence assembled in the preceding sections, would have several components. It would restore, at the EU level, a harmonised legal basis for voluntary detection of CSAM in interpersonal communications, with safeguards against scope creep that satisfy the civil-liberties objections that brought down the derogation. It would establish, at the model-provider level, binding commitments to safety-by-design that go beyond the voluntary principles articulated in the Thorn and All Tech Is Human framework and into auditable obligations enforceable by regulators. It would fund, at the hotline and law-enforcement level, the investigative capacity required to keep pace with the volume of reports the detection pipeline now generates. It would treat the distinction between synthetic and camera-captured CSAM as a triage variable, not as a legal exemption, with the production and possession of synthetic abuse material treated as serious criminal offences in all major jurisdictions. And it would, at every level, recognise that the asymmetry between the speed of technological development and the speed of legislative response is itself a structural problem requiring structural response, not a temporary mismatch to be addressed through ad hoc accommodation.

The analyst whose Saturday morning began this article is, on 30 May 2026, still at her desk. The work she does continues. The legal scaffolding under her seat remains absent. Her counterparts in the law-enforcement units that receive her referrals are reviewing review queues whose composition has changed, with synthetic material now a significant fraction of the inflow and the share of cases involving identifiable real victims a smaller fraction of the total. The IWF, the NSPCC, NCMEC, Thorn, Hive AI, and the operational teams inside every major platform continue to work on the problem with the tools that exist, the legal authorities that remain, and the budgets that have been allocated. They are not, in any meaningful sense, the parties whose decisions have created the gap. The parties whose decisions have created the gap are the legislators who failed to extend the derogation, the trilogue negotiators who have not yet agreed a successor, the model providers who released the systems that produce the synthetic material into the open-source commons, and, behind all of them, the political culture that has treated child protection as an issue to be balanced against other priorities rather than as a baseline obligation that the rest of the regime must accommodate.

The question of who bears responsibility for building meaningful protection for children does not, on a clear-eyed reading of the evidence, admit of a single answer. It admits of a distribution of responsibility across the actors who collectively constitute the system, with the heaviest weight falling on the institutions that have most explicitly chosen, through action or inaction, to allow the current state of affairs to obtain. The lapsed derogation will not extend itself. The trilogue will not resolve itself. The synthetic abuse will not abate of its own accord. The work the analyst is doing on Saturday morning will continue. Whether it continues to be authorised, funded, and supported by a regime that recognises its necessity is a choice that has not yet been made, and that the European political process, in the months remaining of 2026, is now required to make.

References

1. European Parliament. “Child sexual abuse online: current rules extended until April 2026.” 8 April 2024. https://www.europarl.europa.eu/news/en/press-room/20240408IPR20311/child-sexual-abuse-online-current-rules-extended-until-april-2026
2. Internet Watch Foundation. “EU Child Safety Crisis: The Failure to Restore CSAM Detection Laws.” 2026. https://www.iwf.org.uk/policy-work/eu/eu-failure-on-child-safety-why-csam-detection-laws-must-be-restored/
3. Dan Sexton, Internet Watch Foundation. “Europe is about to make it illegal to protect children online.” 23 March 2026. https://www.iwf.org.uk/news-media/blogs/europe-is-about-to-make-it-illegal-to-protect-children-online/
4. Internet Watch Foundation. “Harm without limits: AI child sexual abuse material through the eyes of our Analysts.” 2026. https://www.iwf.org.uk/media/hl1nvdti/iwf-ai-csam-report-2026.pdf
5. Internet Watch Foundation. “AI CSAM Report 2026: Harm Without Limits.” 2026. https://www.iwf.org.uk/about-us/why-we-exist/our-research/how-ai-is-being-abused-to-create-child-sexual-abuse-imagery/
6. Fortune. “Internet Watch Foundation finds 260-fold increase in AI-generated CSAM in just one year.” 3 April 2026. https://fortune.com/2026/04/03/internet-watch-foundation-260-fold-increase-ai-generated-csam/
7. NBC News. “The AI child exploitation crisis is here.” 28 February 2026. https://www.nbcnews.com/tech/security/ai-child-exploitation-crisis-rcna259409
8. Stanford Cyber Law. “The AI child exploitation crisis is here.” 28 February 2026. https://cyberlaw.stanford.edu/press/the-ai-child-exploitation-crisis-is-here/
9. Centre for Democracy and Technology Europe. “Response to the European Parliament Rejection of the Chat Control 1.0's Extension.” 2026. https://cdt.org/insights/cdt-europes-response-to-the-european-parliament-rejection-of-the-chat-control-1-0s-extension/
10. State of Surveillance. “Chat Control Dies Tomorrow: EU Voluntary Scanning Expires April 3.” 2026. https://stateofsurveillance.org/news/eu-chat-control-voluntary-scanning-expires-april-3-2026/
11. Cybernews. “Privacy vs child safety? EU to stop scanning private chats for abuse material.” 2026. https://cybernews.com/tech/eu-chat-control/
12. Bloomberg. “UK's Ofcom Opens Telegram Probe on Child Sexual Abuse Concerns.” 21 April 2026. https://www.bloomberg.com/news/articles/2026-04-21/uk-s-ofcom-opens-telegram-probe-on-child-sexual-abuse-concerns
13. The Next Web. “After X and Grok, Ofcom opens child safety investigation into Telegram.” April 2026. https://thenextweb.com/news/ofcom-telegram-investigation-csam-online-safety-act
14. Digital Watch Observatory. “Ofcom steps up child safety enforcement with Telegram and chat site investigations.” April 2026. https://dig.watch/updates/uk-target-telegram-and-chat-in-child-exploitation
15. OpenAI. “Introducing the Child Safety Blueprint.” 8 April 2026. https://openai.com/index/introducing-child-safety-blueprint/
16. OpenAI. “Protecting Children in the Age of Generative AI.” April 2026. https://cdn.openai.com/pdf/9886ee82-5a5e-4f0a-acaa-a47b01b0a68e/Child-Protection-Blueprint.pdf
17. TechCrunch. “OpenAI releases a new safety blueprint to address the rise in child sexual exploitation.” 8 April 2026. https://techcrunch.com/2026/04/08/openai-releases-a-new-safety-blueprint-to-address-the-rise-in-child-sexual-exploitation/
18. Thorn. “AI-generated child sexual abuse: The new digital threat we must confront now.” 2026. https://www.thorn.org/blog/ai-generated-child-sexual-abuse-the-new-digital-threat-we-must-confront-now/
19. Thorn. “Safer's 2025 Impact Report.” 2026. https://www.thorn.org/blog/safer-impact-report-2026/
20. Thorn and All Tech Is Human. “Safety by Design for Generative AI: Preventing Child Sexual Abuse Material.” 2024. https://info.thorn.org/hubfs/thorn-safety-by-design-for-generative-AI.pdf
21. National Center for Missing and Exploited Children. “The Work Never Stops: A First Look at NCMEC's 2025 Data.” 2026. https://www.missingkids.org/blog/2026/the-work-never-stops-first-look-at-ncmecs-2025-data
22. National Center for Missing and Exploited Children. “CyberTipline Data.” https://ncmec.org/gethelpnow/cybertipline/cybertiplinedata
23. MIT Technology Review. “US investigators are using AI to detect child abuse images made by AI.” 26 September 2025. https://www.technologyreview.com/2025/09/26/1124343/us-investigators-are-using-ai-to-detect-child-abuse-images-made-by-ai/
24. UK Government. Online Safety Act 2023. https://www.legislation.gov.uk/ukpga/2023/50/contents
25. European Union. Regulation (EU) 2021/1232 on a temporary derogation from certain provisions of Directive 2002/58/EC. https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:32021R1232

---

Tim Green UK-based Systems Theorist & Independent Technology Writer

Tim explores the intersections of artificial intelligence, decentralised cognition, and posthuman ethics. His work, published at smarterarticles.co.uk, challenges dominant narratives of technological progress while proposing interdisciplinary frameworks for collective intelligence and digital stewardship.

His writing has been featured on Ground News and shared by independent researchers across both academic and technological communities.

ORCID: 0009-0002-0156-9795 Email: tim@smarterarticles.co.uk

Listen to the free weekly SmarterArticles Podcast

Our Father Who art in Heaven Hallowed be Thy name Thy Kingdom come Thy will be done on Earth as it is in Heaven Give us this day our daily Bread And forgive us our trespasses As we forgive those who trespass against us And lead us not into temptation But deliver us from evil

Amen

Jesus is Lord! Come Lord Jesus!

Come Lord Jesus! Christ is Lord!

In Summary: * Shifting gears now. All that remains of this Saturday is listening to the Spurs / Knicks NBA Finals game, and working through the night prayers. No guarantees re: my finishing the NBA Game. But I WILL wrap up those prayers.

Prayers, etc.: * I have a daily prayer regimen I try to follow throughout the day from early morning, as soon as I roll out of bed, until head hits pillow at night. Details of that regimen are linked to my link tree, which is linked to my profile page here.

Health Metrics: * bw= 232.15 lbs. * bp= 164/95 (71)

Exercise: * morning stretches, balance exercises, kegel pelvic floor exercises, half squats, calf raises, wall push-ups

Diet: * 05:45 – 1 banana * 06:15 – 1 ham & cheese sandwich * 07:30 – pizza * 11:45 – beef chop suey, fried rice

Activities, Chores, etc.: * 04:00 – listen to local news talk radio * 05:00 – bank accounts activity monitored. * 05:30 – read, write, pray, follow news reports from various sources, surf the socials, nap * 11:45 to 12:45 – watch old game shows and eat lunch at home with Sylvia * 12:45 – listen to “Rain Delay Theater” on Chicago Cubs Radio Network as their afternoon MLB game vs the San Francisco Giants is currently on Rain Delay. They still hope to play the game, but rain is falling on Wrigley Field and ... we wait. * 14:20- Opening pitch has been thrown, and the Cubs / Giants game is on. * 17:20 – and the Giants beat the Cubbies, 18 to 3.

Chess: * 09:10 – moved in all pending CC games

This post forms part of the ongoing #TagHub project.

The project uses as reference data Geoscape Datasets for Australian roads and administrative boundaries. Over the years, I have worked with these datasets under commercial licence, but happily they are now available for public use under The Australian Government's Data and Digital Government Strategy. Let's take a look at them.

Geoscape National Roads

Note: National Roads © Geoscape Australia licensed by the Commonwealth of Australia under Creative Commons Attribution 4.0 International license (CC BY 4.0).

The Geoscape National Roads dataset is a digital representation of the road network of Australia, inclusive of bus ways, walking trails, cycleways, and even ferry routes. The dataset has rich metadata, inclusive of road hierarchy (e.g. national highway, arterial, local road) and travel direction. One facet I like is that each row – and its associated geometry – is defined intersection-to-intserection (e.g. an actual road might be broken into multiple rows, with each row being the segment between two intersections).

The open edition of this dataset varies subtly from the commercially licensed edition. Firstly, the metadata is almost (but not quite) identical:

• road_id – primary key
• contributor_id
• jurisdiction_control – for example Aboriginal Land Council, Botanical Gardens, Commonwealth, Council, Department of Environment and Conservation, Department of Transport, Dept of Defence, etc
• operator – for example Port Authority, SAG: Forestry SA, SAG: Water, Southern Rural Water, etc
• date_created, date_modified
• national_route, state_route
• full_street_name (upper case)
• street_name (upper case) / street_name_label (title case)
• street_type (upper case) / street_type_label (title case)
• street_suffix (upper case) / street_suffix_label (title case)
• street_alias_name (upper case) / street_alias_type (upper case) / street_alias_suffix (upper case)
• feature_type – one of DUAL CARRIAGEWAY, FERRY ROUTE, MOTORWAY, PATHWAY, RAMP, ROUNDABOUT, SINGLE CARRIAGEWAY, VEHICULAR_TRACK, or null
• hierarchy – one of ACCESS ROAD, ARTERIAL ROAD, BUSWAY, COLLECTOR ROAD, CYCLEPATH, FERRY, FOOTPATH, LOCAL ROAD, NATIONAL OR STATE HIGHWAY, SUB-ARTERIAL ROAD, VEHICLE TRACK, or null
• subtype – BRIDGE, FERRY, FIRE TRAIL, PATHWAY, RAMP, ROAD, ROUNDABOUT, TUNNEL, or null
• ground_relationship – ABOVE GROUND, BELOW GROUND, ON GROUND, or null
• lane_count – range 1-6 or null
• lane_description – ONE, TWO OR MORE, or null (note all three values apply where lane_count is null)
• one_way – ONE WAY, TWO WAY, null
• status – CLOSED, OPERATIONAL, PROPOSED, UNDER CONSTRUCTION, or null
• surface – SEALED, UNSEALED, or null
• trafficability – 2WD, 4WD, or null
• travel_direction – BOTH, FROM TO, TO FROM, null
• speed – 10 – 110, or null
• state, source – ACT, NSW, NT, QLD, SA, TAS, VIC, WA (note: no OT)
• horizontal_accuracy – range 1-250
• shape_length, shape

Secondly, there are more limited data formats and datums. My intention is to work with GDA2020 in GDB format.

Geoscape Administrative Boundaries

Note: Administrative Boundaries © Geoscape Australia licensed by the Commonwealth of Australia under Creative Commons Attribution 4.0 International license (CC BY 4.0).

The Geoscape Administrative Boundaries is a comprehensive set of national boundaries, including government, statistical and electoral boundaries.

The dataset comprises seven products:

• Localities
• Local Government Areas (LGAs)
• Wards
• Australian Bureau of Statistics (ABS) Boundaries
• Electoral Boundaries
• State Boundaries
• Town Points

The ABS Boundaries product is organised in three themes related to 2011, 2016 and 2021 boundary definitions. Of most interest to me is the 2021 ABS Mesh Blocks and Statistical Areas layer within the ABS Boundaries 2021 theme. This is described in detail on the ABS website product comprises:

• Australia
• States and Territories (S/T)
• Statistical Areas Level 4 (SA4s)
• Statistical Areas Level 3 (SA3s)
• Statistical Areas Level 2 (SA2s)
• Statistical Areas Level 1 (SA1s)
• Mesh Blocks (MBs)
• Greater Capital City Statistical Areas (GCCSAs) – not part of main structure

Like National Roads, this dataset is available only in limited datums and formats. I am going to work with GDA2020 downloaded in SHP format.

Tags: #TagHub #Geospatial #DuckDB

In the red Volvo, I was listening to Looptroop — Long Arm of the law,

It’s an awesome track,

The lyrics crack me up every time.

It’s about being oppressed by the system, and especially the police

About getting “fucked by the long dick of the law”,

And then somewhat disproportionately

Wouldn't even give me a public defender  For such a small case, not paying on the trains  Still they wanted four thousand kronors, from my bank account  I thought that was a too big amount  But the judge didn't had no sympathy on me

I love it