
The European Parliament is set to vote again on Thursday on controversial legislation widely known as 'chat control,' which would allow technology companies to scan private communications for child sexual abuse material (CSAM). The vote follows a rarely used urgent procedure approved on Tuesday, reviving a proposal that had already been rejected by lawmakers in March.
Background on Chat Control
The term 'chat control' refers to a legal framework that originally granted a temporary derogation from the EU's ePrivacy Directive, permitting online platforms to voluntarily scan private messages—including end-to-end encrypted ones—to detect and report CSAM. This derogation expired in early April 2026, leaving a legal vacuum. Since then, messaging platforms like WhatsApp have been allowed to implement their own voluntary measures to identify and report abusive content, but without a unified legal basis.
The European Commission first proposed a permanent regulation in 2022, but negotiations stalled amid intense lobbying from privacy advocates, tech companies, and civil society groups. Critics argue that scanning encrypted messages undermines the very purpose of encryption and creates a backdoor that could be exploited for mass surveillance. Supporters, including law enforcement agencies and child protection organizations, contend that the measures are necessary to combat the growing prevalence of online child exploitation.
Urgent Procedure Vote on Tuesday
On Tuesday, the European Parliament voted 331 in favor, 304 against, and 11 abstaining to adopt an urgent procedure that fast-tracks a vote on extending the expired derogation. This procedural move bypasses the usual committee scrutiny and allows a plenary vote within days. Pirate Party MEP Markéta Gregorová, a vocal opponent of chat control, criticized the maneuver, stating, "Today's vote violates our own rules of procedure. The European Parliament decided to use an urgent procedure for Chat Control 1.0. This means that on Thursday, we will once again vote on extending the derogation that allowed online platforms to scan our private communications."
The urgency was pushed by the European People's Party (EPP), the largest political group in Parliament. EPP leader Manfred Weber has been seeking ways to reinstate the measure without amendments, despite widespread opposition from other groups. The EPP argues that the temporary extension is necessary to maintain protections for children while a permanent regulation is finalized.
Previous Rejection and Political Dynamics
In March 2026, the Parliament rejected a similar temporary extension proposed by the European Commission. The vote was 311 against, 228 in favor, and 92 abstaining. Many MEPs who opposed the measure cited concerns over privacy, encryption, and the lack of safeguards to prevent abuse. Amendments that would have restricted the scope of scanning—such as limiting it to known CSAM images and excluding voice or video content—were also rejected.
The revival of the proposal through an urgent procedure has been met with outrage from privacy advocates and smaller political groups. Gregorová described the move as unprecedented, saying, "The European People's Party is abusing its position as the largest political group to bring back, through a procedural loophole, a proposal that Parliament had already rejected." The Green Party and the Left bloc have also condemned the tactic, calling for a transparent debate.
To reject or amend the proposal on Thursday, opponents will need an absolute majority of 361 votes out of 720 MEPs. Given the narrow margin of Tuesday's procedural vote, achieving this will be challenging. Supporters, on the other hand, require only a simple majority to pass the extension.
Member States' Position
In contrast to the Parliament's earlier rejection, EU member states have already agreed to reinstate an interim chat control measure. Last month, the Council of the EU approved a deal that would allow service providers to detect, report, and remove CSAM until 2028. This deal was reached among ambassadors from member states, but it still requires final adoption by the Parliament. The upcoming vote in the Parliament will determine whether the EU can restore a unified legal framework or face a patchwork of national laws.
The member states' agreement includes some concessions, such as requiring providers to use the least intrusive technologies and to obtain independent oversight. However, critics argue that these safeguards are insufficient and that the very principle of scanning encrypted messages remains dangerous.
Privacy and Encryption Concerns
The core of the controversy lies in the tension between child protection and digital privacy. End-to-end encryption ensures that only the sender and recipient can read messages, and any requirement to scan content effectively creates a vulnerability. Privacy advocates, including organizations like EDRi and the Electronic Frontier Foundation, warn that mandatory scanning would weaken encryption for all users, making systems more susceptible to hacking and government overreach.
Tech companies have also expressed concerns. WhatsApp and Signal have previously stated that they would rather exit certain markets than compromise their encryption. If the EU mandates scanning, these platforms might be forced to choose between compliance and user trust. Some companies have explored client-side scanning, where the scanning happens on the user's device before encryption, but this approach has been criticized for similar reasons.
The debate also touches on the broader trend of EU digital regulation. The Digital Services Act (DSA) and the Digital Markets Act (DMA) already impose obligations on platforms to address illegal content, but the chat control rules go further by specifically targeting encrypted communications. The outcome of Thursday's vote could set a precedent for how the EU balances security and privacy in the digital age.
Cryptography experts have testified before Parliament, arguing that there is no technical solution that can scan encrypted messages without breaking security. They emphasize that any scanning system could be abused, either by malicious actors or by states seeking to monitor political dissent. The European Data Protection Supervisor has also raised concerns, warning that the proposal may violate the EU's Charter of Fundamental Rights.
Implications for the Future
If the extension is approved, it will likely be temporary until a permanent regulation is enacted. However, the political battle is far from over. The European Commission is still working on a revised version of the permanent chat control law, which is expected to incorporate some of the criticisms. But given the deep divisions, a consensus may take years.
Meanwhile, the UK and other countries are watching closely. The UK's Online Safety Act already includes provisions for scanning encrypted messages, though its implementation has been delayed. The EU's decision could influence global standards for encryption and online safety.
Civil society groups are mobilizing for Thursday's vote, urging MEPs to reject the extension. Digital rights activists plan to protest outside the Parliament building in Brussels. Social media campaigns are calling on citizens to contact their representatives, framing the issue as a fundamental rights concern.
No matter the outcome, the chat control debate highlights the growing challenge of regulating the internet in a way that protects both children and fundamental rights. The vote on Thursday will be a critical test of the EU's ability to navigate this complex terrain.
Source:Cointelegraph News
