As the European Union edges closer to ​rewriting the rules of users’ privacy online, debates surrounding the controversial ‘Chat Control’ legislative proposal reignite.

The latest developments include the Council’s vote to extend the application period of the interim legislation and the start of the trialogue procedure. The proposed law to scan private communications for child sexual abuse material (CSAM) has been subject to scrutiny from human rights organisations, tech companies, and civil society groups since its introduction in 2022.

This January 29th the Council voted to extend the application period of the temporary and voluntary-based screening regime (‘Chat Control 1.0’) until April 2026. With this derogation from the ePrivacy Directive platforms can decide to opt-in for voluntary participation. Given that this proposal still needs to be approved by the European Parliament, citizens initiatives against it are already forming, with activists calling Members of the European Parliament (MEPs) to reject the proposal. The regulation has become one of the bloc’s most polarising debates on privacy online in recent years.

WHAT IS CHAT CONTROL?

The Child Sexual Abuse Regulation (CSAR), or ‘Chat Control’, is a proposal introduced by the Commission in 2022 in line with its ‘EU Strategy for a More Effective Fight Against Child Sexual Abuse’. If the legislation is adopted, digital communications services and online platforms will be obligated to detect and report CSAM. While EU institutions and proponents argue that the new regulatory tools are necessary to ensure the safety of underage and vulnerable users online, critics are not convinced. The legislation envisages, as a derogation from the current EU rules on protection of privacy online, an obligation for platforms to screen users’ communications for potential illegal content.

The client-side indiscriminatory screening mechanism means that the authorities may gain access to users’ correspondence before it is encrypted, rendering end-to-end encryption void. One of the main arguments against the legislation is notably the mechanism used for detection – experts point to the inaccuracies and mistakes in AI technologies’ output. ‘False positives’ can not only lead to the persecution of innocent people and erode freedom of expression online, but flooding the authorities with inaccurate signals of abuse can prove counterproductive to solving the issue in the first place by wasting resources.

The current ‘interim’ rules are applied on a voluntary basis by platforms which decide to do so, but most of the opponents to the regulation warn against extending the temporary framework, noting that it’s been in effect since 2021, at this point rendering the derogation semi-permanent.

… AND WHY DOES IT MATTER?

Critits of the legislation, among whom are the European Pirates, warn that forced scanning of private messages could weaken encryption, undermine fundamental digital freedoms, and set a precedent for mass surveillance across the digital space. Human rights activists pay particular attention to the possible infringement to the right to respect of personal life and personal correspondence. The broader implications of chat control on human rights and privacy online have been the main topic of contention, with a warning on the matter issued by the EU’s own Data Protection Board.

The legislative trend in recent years towards reducing privacy online and weakening encryption is particularly worrying. While the UK recently adopted its own Online Safety Act, also now under scrutiny, the European Court of Human Rights ruled against any efforts to weaken encryption of communications.

WHAT NOW?

Trialogues already started in December 2025 with the second round scheduled for 26 February 2026.

It is worth noting that the European Parliament already rejected indiscriminate scanning and blanket chat control in 2023, based on the report of the Civil Liberties, Justice and Home Affairs (LIBE) Committee. Consequently, it proposed modifications to the regulation, opting for targeted surveillance and only after a judicial warrant has been issued based on reasonable suspicion. Other aspects of the draft regulation, firmly opposed by Parliament, are the mandatory age checks and the provision to lock users under 17 years of age from certain apps. The age verification mechanism is also a part of the Commission’s guidelines on the protection of minors under the DSA.

Markéta Gregorová, member of the Pirates, is the shadow rapporteur for the ‘chat control’ file for the Greens/EFA. In the coming months she will be doing everything she can to ensure that the Parliament does not give in to the Council’s demands in the trialogues.

In a surprising turn of events in December, the Commissioner in charge of the dossier sided with the Parliament and its proposal. The Council, however, sways towards mass scanning. Nevertheless member states are still divided on the issue, with Czechia, Italy, the Netherlands and Poland still opposing the regulation. Germany, which until recently was the leader in the team opposing the regulation, has now softened its position and expressed support for the revised Danish proposal. These latest shifts in positions of the main actors in the trialogues make the results of the negotiations ever more unclear.

This is why it is important to act against the proposal before it is too late: sign the petition and contact your MEPs to ensure that the illusion of security does not encroach on our right to privacy.

europeanpirates.eu/scanning-th…