Time is running out for EU Member States to decide on Chat Control

This article first appeared in EU Tech Loop and has been published as part of a partnership with Euronews. Any opinions expressed do not reflect Euronews.

On September 12, European Member States will have to finalise their positions on the proposed regulation to force client-side scanning of Child Sexual Abuse Material (CSAM) in messaging apps, also known as Chat Control. 

While the Danish Presidency of the Council of the EU has previously stated it will push for CSAM-scanning during its Presidency, the number of people and political groups articulating opposition to automatic scanning of private communications, effectively ending end-to-end encryption, is growing. 

The opposition

According to the citizen-led initiative and website Fightchatcontrol.eu, only six EU Member States are on the record opposing the current Chat Control proposal: Austria, Belgium, the Czech Republic, Finland, the Netherlands and Poland.

Poland has opposed such measures since they were introduced, and has remained consistent despite different governments taking charge.

The undecided

Germany is a different story. While Germany was a strong opponent of chat control in the previous Social Democratic party-led government, the country now stands as “undecided” under a Merz-led conservative coalition government, along with Estonia, Greece, Luxembourg, Romania, and Slovenia. 

Estonia’s former chief information officer, Luukas Ilves, has openly questioned his country's waffling stance:

“Estonia has always been a fervent proponent of end-to-end encryption. I’ve fought a few rounds of this fight myself in the council. Now we’re “undecided”? What gives?” he said.

Multiparty opposition in the European Parliament brewing

In the European Parliament, the ranks of opposition include both green/social-liberal, so-called right-wing parties, and the smaller Pirate parties. 

Members of Greens/EFA VOLT have openly spoken out against Chat Control recently, stating that “protecting children online is possible without mass surveillance”. 

This message was also echoed by members of Patriots for Europe, the right-wing parliament group that is currently the third-largest contingent in the EU Parliament. The flamboyant former race car driver and Czech MEP Filip Turek has firmly opposed the chat control proposal, as well as his fellow populist Přísaha party member Nikola Bartusek: 

“My official position on the vote for Chat Control is clear. I will vote AGAINST! I receive hundreds of emails on this topic every day, and I am glad that you support our position and the petition against Brussels snooping!”

On the conservative side, Finnish MEP Aura Salla, a member of the EPP, the largest parliamentary group in Brussels, also voiced opposition to the Commission's regulation, stating that it "poses a massive risk of exposing our private communications and photos".

With just a few days left before the Council is due to take a vote on the controversial proposal, both the public pressure and cross-party outcry may pose a unique challenge to Brussels' usual choreographed votes on long-debated legislation.

What is Chat Control?

As a regulation, the proposal creates a new "duty" forced on private providers of encrypted software to scan for offensive and illegal child sexual abuse material. As has been noted by many security experts, this method of client-side scanning effectively breaks the encryption algorithms that currently protect private messages from being read or seen by anyone apart from their intended recipient.

Client-side scanning means that before content is delivered from a device to the intended recipient, it will be uploaded to another database to screen for offensive or illegal material. In a normal end-to-end encrypted conversation, each party to the message has a private and a public key. By forcing content to be filtered, this obliterates the usefulness of even having the private-public key pair that ensures content is delivered as intended.