threat_intelligence712 wordsRead on Arc Codex

Return of Mass Scanning of Private Communications through Undemocratic Procedure

Return of Mass Scanning of Private Communications through Undemocratic Procedure Today, 9 July, the European Parliament voted to revive the interim derogation from the ePrivacy Directive, commonly known as “Chat Control 1.0” (Regulation (EU) 2021/1232), which provides the legal basis for the voluntary, indiscriminate scanning of private communications for known and new Child Sexual Abuse Material (CSAM), and for the solicitation of children. This vote is the outcome of an urgent procedure to revive and fast-track virtually the same derogation that Parliament had already rejected in March. These highly politicised procedural efforts, urged by European President Roberta Metsola, have been described by diplomats, experts and media as an “unprecedented move”, heavily criticised for overstepping Parliament’s own mandate and previous vote. The Timing of this Procedural Manoeuvre is Specific The voting day, Thursday, was the last sitting day before the summer recess, and because the file has been framed as a second reading, stopping it required an absolute majority of Parliament’s full membership (361 votes) rather than a simple majority of those present. Falling short of that threshold meant the Council’s text passed automatically, with no active endorsement required. Notably, a simple majority was reached both on the first vote on the rejection and on the final vote on the rejection of the text as amended. The vote demonstrated considerable opposition to the proposal, but votes fell short of the higher threshold required under the urgency procedure, which was compounded by reduced attendance ahead of the summer recess. Importantly, although only two amendments were adopted, they ensured the protection of end-to-end encryption. Jeopardising the Long-term Framework This revival comes barely a week after the final trilogue on the Child Sexual Abuse Material Regulation (CSAR), the permanent framework for CSAM detection, concluded on 29 June without agreement, with talks set to resume after the summer. Whether scanning is voluntary or mandatory, it raises complex legal and technical questions that demand careful, evidence-based lawmaking, as highlighted by the CSAR negotiations. Reviving Chat Control 1.0 now risks undermining progress on CSAR. The Evidence for Urgency is Lacking The urgent procedure rests on the claim that unforeseen developments make this procedural route necessary. The evidence does not support that claim, not for the derogation itself nor for the urgency justification. The German Federal Police, which had previously warned of a “drastic decline” in CSAM reporting if the derogation expired, has since acknowledged there is no specific link between the expiration of the interim regulation and the number of reports received. Just before the vote, as already done with the past vote in March, four European Commissioners wrote to MEPs ahead of the vote arguing that the derogation’s expiry would create an immediate and severe regulatory gap for online platforms. However, it is worth noting that the derogation was always designed as an exceptional, time-limited carve-out, not the legal basis for online child sexual abuse investigations as such. Moreover, its expiry has not created a legal loophole as even without it: - Targeted telecommunications surveillance based on concrete suspicion and judicial authorisation remains fully permissible, as do production and preservation orders for electronic evidence under the EU’s e-evidence framework. - Content hosted on platforms remains subject to existing removal and reporting channels: legal orders to expeditiously remove clearly illegal content (CSAM among the clearest examples), notice-and-action mechanisms, and dedicated CSAM-flagging channels for trusted flaggers under the Digital Services Act. - Known, previously verified CSAM, in hosted environments, can still be identified through hash-matching, a tool that flags content for human review within narrowly defined parameters, without requiring the broader scanning regime the derogation authorises. CDT Europe regrets and disagrees with both this vote and the procedural way in which it came about. CDT Europe has consistently supported the European Parliament’s efforts to reject Chat Control 1.0, first in March, and now against this renewed attempt under the guise of urgent procedure, and has engaged throughout the CSAR legislative process. We will continue working to ensure that any final framework rejects mass surveillance and while fully protecting end-to-end encryption. We call for a narrowly tailored and proportionate regulatory pathway that upholds fundamental rights, protects against indiscriminate mass-scanning models and expansive risk-mitigation mandates, and aligns with international human rights standards and the jurisprudence of the European Court of Human Rights.

How it works

Once you click Generate, Ollama reads this article and crafts 5 comprehension questions. Your answers are graded against the article content — general knowledge won't be enough. Score 70+ to count toward your certificate.

Questions are cached — you'll always get the same 5 for this article.