EU Council Fast-Tracks Chat Control 1.0 to Reinstate Messenger Scanning
EU Council Fast-Tracks Chat Control 1.0 to Reinstate Messenger Scanning
The EU Council of Ministers is utilizing a fast-track legal maneuver to reinstate a regulation allowing technology companies to scan encrypted messages for child sexual abuse material (CSAM). This move comes after negotiations for a more comprehensive and mandatory scanning framework, known as Chat Control 2.0, stalled due to significant resistance within the EU Parliament.
The Return of Chat Control 1.0
The EU Council is reactivating a transitional regulation that expired on April 3, 2026. This regulation, referred to as Chat Control 1.0, provides a legal exemption to the European E-Privacy Directive, which generally prohibits the unauthorized interception or evaluation of communication content and traffic data.
By reinstating this exemption, the EU Council allows internet-based communication services—including messenger apps, webmail, and VoIP telephony—to voluntarily use AI and hash matching to search private chats for known abuse material or grooming patterns. This is designed to close a legal loophole that emerged when the original temporary exemption expired in the spring.
Legislative Tactics and the 'Fast-Track' Procedure
The EU Council is employing a specific legislative strategy to bypass traditional democratic hurdles and pressure the EU Parliament:
- Form over Extension: Because an expired regulation cannot be formally extended, the Council has introduced a new legislative proposal that is nearly identical in content to the previous regulation but different in form.
- Urgent Procedure: The draft is scheduled for the EU Parliament's agenda as an urgent procedure immediately before the summer break. This timing is intended to secure a vote when many Members of the European Parliament (MEPs) may have already departed for the holidays.
- High Voting Threshold: The procedure is currently in its second reading. At this stage, the Council's position can only be modified or blocked by an absolute majority of the representatives, a threshold considered difficult to achieve during the last days of a session.
Child Protection vs. Digital Privacy
The EU Council argues that voluntary detection measures are indispensable for identifying victims of abuse and curbing the spread of illegal material. They maintain that scans are limited to the "absolutely necessary extent" and that no indiscriminate surveillance is occurring.
However, critics argue that the intrusion into privacy is significant. Under the regulation, processed content and traffic data must be deleted within twelve months of detection unless a concrete suspicion is confirmed.
Community Perspectives and Technical Concerns
Discussions among technical communities and legal observers highlight several critical concerns regarding this legislation:
"This refers to 'Chat Control 1.0,' allowing facebook and other messaging providers to scan chats for harmful content... the far more dangerous Chat Control 2.0 that would weaken end-to-end-encrypted messengers like Signal is not being discussed here."
Key points of synthesis from the community discussion include:
- Distinction between 1.0 and 2.0: Users note that while 1.0 allows voluntary scanning (often by providers who already do so), it does not yet mandate the breaking of end-to-end encryption (E2EE) as proposed in the more controversial Chat Control 2.0.
- Democratic Legitimacy: There is widespread concern that the EU Council is systematically overriding the will of the EU Parliament and member states' objections through obscure legislative mechanisms.
- Effectiveness of Scanning: Some critics question the efficacy of these measures, noting that criminals likely avoid platforms that utilize such scanning, while the government relies on "sugar-coated figures" to conceal policing failures.
- Jurisdictional Conflicts: Some observers suggest that these measures may conflict with national laws in countries like Germany and Spain, potentially leading to further legal challenges.