EU’s controversial “Chat Control” proposal

EU’s controversial “Chat Control” proposal sparks backlash over fears of mass surveillance

Brussels — A controversial European Union proposal that could require the scanning of private digital communications is drawing intense criticism from privacy advocates, legal scholars, and several member states.

The draft regulation—informally dubbed “Chat Control”—is part of the EU’s broader initiative to combat the spread of child sexual abuse material (CSAM) online. Opponents, however, warn the proposal would effectively end digital privacy for millions of citizens.

At the center of the debate is a provision that would allow authorities to issue “detection orders” compelling tech companies to scan users’ messages, images, emails, and other content for potential illegal material. The most contentious element is client-side scanning, a method that examines content directly on a user’s device before it is encrypted.

Critics Sound Alarm Over Privacy Risks

Digital rights groups say that implementing client-side scanning would undermine end-to-end encryption, one of the core protections that currently shields private communications from government and corporate surveillance.

“This would be the largest expansion of state surveillance in EU history,” warned one European privacy organization. “Once the infrastructure exists, it could be extended far beyond its original purpose.”

Legal experts across the EU have also raised concerns that indiscriminate scanning could violate fundamental rights guaranteed under the EU Charter, including the rights to privacy and data protection. German lawmakers have been among the most vocal critics, warning that the proposal amounts to “general monitoring” of private communications—a practice that EU courts have repeatedly ruled unlawful.

Supporters Frame It as a Child Protection Measure

EU officials argue that the proposal is necessary to combat what they describe as a growing crisis of online child exploitation. Supporters say the detection orders would be targeted, not universal, and that the measures are designed with safeguards and judicial oversight.
“We cannot ignore the reality of online abuse,” a Commission spokesperson said. “The goal is to protect children—not to read people’s private messages.”

Some member states, including France and Spain, have expressed support for stronger scanning requirements, while others have urged compromise, such as limiting scanning to images and known harmful URLs rather than all text messages.

Accusations of Secrecy Intensify Tensions

The latest wave of criticism follows reports that EU representatives were preparing to advance key parts of the legislation during closed-door Council discussions, prompting allegations that lawmakers were attempting to push through the regulation “in secret” and without adequate public debate.
\
EU officials deny this, noting that legislative negotiations commonly occur in non-public sessions. Still, transparency advocates argue that the sweeping implications of the proposal demand a higher degree of openness.

Outcome Still Uncertain

The draft regulation has not yet been approved, and negotiations between the European Parliament, Council, and Commission remain ongoing. Meanwhile, the interim legal framework that allows voluntary CSAM detection by companies has been extended until 2026, giving policymakers more time—but also intensifying pressure to resolve the issue.

As the EU weighs how to balance child protection with digital privacy, the “Chat Control” proposal has become one of the most polarizing tech policy debates in Europe. Whether the regulation is ultimately adopted, amended, or rejected, its outcome is expected to have far-reaching consequences for encrypted services, tech platforms, and the online rights of more than 400 million EU residents.