EU Parliament Greenlights Chat Control 1.0 Interim Regulation

EU Parliament Greenlights Chat Control 1.0 Interim Regulation

EU Parliament Approves Interim Mass Scanning of Private Communications

The European Parliament has allowed "Chat Control 1.0" to pass, an interim regulation that permits the suspicionless mass scanning of private communications. This measure will remain in effect until 2028, or until a permanent regulation is agreed upon. The passage of the law is notable because a majority of voting Members of the European Parliament (MEPs) actually opposed it (314 against, 276 in favor), but the motion to reject it failed to reach the required absolute majority of 361 votes.

Scope of Scanning: What is Affected and What is Not

The return of Chat Control 1.0 specifically targets unencrypted private communications on a limited set of platforms.

Services Subject to Scanning

US tech companies are permitted to scan private messages without a warrant or prior suspicion. This includes:

  • Direct messages on Instagram, Discord, Snapchat, Skype, and Xbox.
  • Emails via Google Gmail and Apple iCloud.

Services Exempt from Scanning

  • End-to-End Encrypted (E2EE) Chats: Services like WhatsApp remain exempt from these scans.
  • European Providers: European messaging and email services have not implemented these chat control measures.
  • Public Content: Public social media posts and files in cloud storage were already subject to scanning and remain so.

Evidence and Effectiveness of Mass Scanning

Critics and data from the EU Commission and the German Federal Criminal Police Office (BKA) suggest that suspicionless mass scanning is an ineffective tool for child protection:

  • Low Impact on Convictions: The EU Commission admits there is no evidence that suspicionless scanning has increased criminal convictions or the number of rescued children.
  • High False Positive Rate: The BKA reports that 48% of all incoming alerts are not criminally relevant.
  • Redundancy: An estimated 99% of reports generated by Meta consist of previously known material, which does not stop active abuse.
  • Declining Utility: Since 2022, the volume of suspected abuse reports from the US has dropped by 50% as users migrate toward encrypted messaging.
  • Limited Contribution: In 2024, mass scanning of private chats accounted for only 36% of all abuse reports; the majority came from public posts and cloud storage.

The Conflict Over "Chat Control 2.0"

While Chat Control 1.0 is an interim measure, negotiations for a permanent "CSAM Regulation" (Chat Control 2.0) are ongoing. The core dispute centers on whether detection should be indiscriminate or targeted.

The Parliamentary Proposal

The EU Parliament is advocating for a paradigm shift toward targeted detection, including:

  • Mandatory detection orders against specific criminal suspects identified by the judiciary.
  • The creation of an EU Child Protection Centre to remove known abuse material from the public internet.
  • "Security by Design" standards for messaging apps to prevent cyber grooming.

The Member State Position

EU member state governments continue to insist on maintaining the status quo of voluntary, suspicionless scanning of private communications.

Perspectives from Survivors and Privacy Advocates

Survivors of sexual violence argue that mass surveillance does not provide the protection it claims to offer and may actually harm victims.

"As a survivor I relied on confidential communications to tell my story and find justice... We survivors need privacy, because without it we lose our voice. Chat Control was not created to protect children. It was about Big Tech companies like Meta or Google wanting access to our data for profiteering, and states attempting to expand mass surveillance." — Alexander Hanff, survivor and privacy advocate

Other survivors emphasize that genuine protection requires deleting material at the source and proactive police work on the Darknet rather than corporate scanning of private messages.

Community Analysis and Criticism

Discussion among technical and political observers highlights several concerns regarding the legislative process and the implications of the law:

  • Procedural Controversy: Observers noted that the vote was scheduled on the last day of parliament before the summer break, with 113 MEPs absent, which critics argue was a tactical move to ensure the interim regulation passed despite lacking a majority of voting members.
  • Privacy Precedent: Some argue that allowing "voluntary" scanning sets a dangerous precedent that the confidentiality of private correspondence is conditional rather than fundamental.
  • Technical Workarounds: Discussions emerged regarding the use of steganography and peer-to-peer messaging as potential defenses against centralized scanning.

Sources