EU's Chat Control Bill faces backlashes, will access encrypted chats
The EU recently proposed a child sexual abuse (CSAM) scanning bill that is facing backlashes from the opposition. The controversial bill is amid controversy just a few days before the important meeting.
On 12 September, the EU Council will share its final assessment of the Danish version of what is known as “Chat Control.” The proposal has faced strong backlash, as it aims to introduce new mandates for all messaging apps based in Europe to scan users’ chats, including encrypted ones.
Who is opposing?
Belgium and the Czech Republic are now opposing the proposed law, with the former calling it "a monster that invades your privacy and cannot be tamed." The other countries that have opposed the bill so far include Poland, Austria, and the Netherlands.
Who is supporting?
But the list of supporters is longer, including important member states: Ireland, Cyprus, Spain, Sweden, France, Lithuania, Italy, and Ireland.
Germany may consider abstaining from voting. This weakens the Danish mandate.
Impact on encrypted communications in the EU
Initially proposed in 2022, the Chat Control Proposal is now close to becoming an act. The vote will take place on 14 October 2025. Currently, the majority of member states are in support. If successful, it will mean that the EU can scan chats of users by October 2025, even the encrypted ones.
The debate is around encryption provisions- apps like Signal, WhatsApp, ProtonMail, etc., use encryption to maintain user privacy and prevent chats from unauthorized access.
Who will be affected?
If the proposed bill is passed, the files and things you share through these apps can be scanned to check for any CSAM materials. However, military and government accounts are exempt from scanning. This can damage user privacy and data security.
Although the proposal ensures that encryption will be “protected fully,” which promotes cybersecurity, tech experts and digital rights activists have warned that scanning can’t be done without compromising encryption. This can also expose users to cyberattacks by threat actors.
