Trilogue deal: EU extends error-prone bulk chat control scanning of private messages by US internet companies
This morning, the EU Parliament and EU Council reached a trilogue agreement on the extension of the controversial, error-prone voluntary bulk scanning of private messages and photos for suspected content by US internet companies such as Meta (Instagram, Facebook), Google (GMail) and Microsoft (X-Box) until April 2026 (so-called chat control 1.0 or interim ePrivacy derogation regulation). The deal is to be approved in a fast-track procedure before the European elections. The EU Parliament majority originally only wanted to extend the regulation by 9 months in order to switch as quickly as possible to targeted surveillance of suspects and a far more effective approach to protecting children, including by safer default settings and design of internet services, proactive searches for freely accessible CSAM, removal obligations and setting up an EU child protection centre. Instead, the EU Parliament today agreed to extend the status quo by more than twice the period of time originally envisaged.
Pirate Party MEP and digital freedom fighter Patrick Breyer, who is taking legal action against Meta’s scanning of direct messages, criticises:
”The EU Parliament wants to end blanket chat controls that violate fundamental rights, but with today’s deal it is cementing them. The EU Parliament wants a much stronger and court-proof protection against child abuse online, but today’s deal achieves nothing at all to better protect our children. With so little fighting spirit, further extensions of the status quo are likely to follow and a better protection for our children is increasingly becoming unlikely. Victims of child sexual abuse deserve better!
The EU Commission, EU governments and an international surveillance-industrial network have unfortunately succeeded in scaring the parliamentary majority about a supposed ‘legal gap’ as a consequence of phasing out bulk chat control mass surveillance. In reality, bulk scanning makes no significant contribution to saving abused children or convicting abusers, but instead criminalises thousands of minors, overburdens law enforcement officers and opens the door to arbitrary private justice by internet companies. If, according to the EU Commission, only one in four reports is relevant for the police, this means 750,000 leaked private beach photos, nude images and intimate coversations of Europeans without any law enforcement relevance every year. Our chats and photos are not safe in the hands of unknown moderators abroad and do not belong there. The EU regulation on voluntary chat control is obsolete and violates our fundamental right to privacy: Social networks that classify as ‚hosting services‘ do not need a regulation to screen public posts to begin with. And the error-prone scanning of private communications by Zuckerberg’s Meta group will soon be a thing of the past anyway thanks to the announced introduction of end-to-end encryption.
As a Pirate, I am working to stop the illegal bulk chat control scanning in court. We will be watching every move of the EU Commission which now has more time to find majorities in the EU Council in favour of the extreme dystopia of mandatory chat control 2.0 to destroy digital privacy of correspondence and secure encryption, including by manipulating critical EU states using infamous PR campaigns and misinformation.”
Today‘s agreement still requires approval by the EU Parliament and EU Council. At the beginning of March, the EU interior ministers will once again discuss the EU Commission’s parallel proposal to destroy digital privacy of correspondence and secure encryption (Chat Control 2.0 or permanent child sexual abuse regulation). So far, there has been no agreement between supporters and opponents among the EU governments, meaning that this project is on hold or possibly even dead.
